Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-37747 (GCVE-0-2025-37747)
Vulnerability from cvelistv5
Published
2025-05-01 12:55
Modified
2025-05-26 05:20
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
perf: Fix hang while freeing sigtrap event
Perf can hang while freeing a sigtrap event if a related deferred
signal hadn't managed to be sent before the file got closed:
perf_event_overflow()
task_work_add(perf_pending_task)
fput()
task_work_add(____fput())
task_work_run()
____fput()
perf_release()
perf_event_release_kernel()
_free_event()
perf_pending_task_sync()
task_work_cancel() -> FAILED
rcuwait_wait_event()
Once task_work_run() is running, the list of pending callbacks is
removed from the task_struct and from this point on task_work_cancel()
can't remove any pending and not yet started work items, hence the
task_work_cancel() failure and the hang on rcuwait_wait_event().
Task work could be changed to remove one work at a time, so a work
running on the current task can always cancel a pending one, however
the wait / wake design is still subject to inverted dependencies when
remote targets are involved, as pictured by Oleg:
T1 T2
fd = perf_event_open(pid => T2->pid); fd = perf_event_open(pid => T1->pid);
close(fd) close(fd)
<IRQ> <IRQ>
perf_event_overflow() perf_event_overflow()
task_work_add(perf_pending_task) task_work_add(perf_pending_task)
</IRQ> </IRQ>
fput() fput()
task_work_add(____fput()) task_work_add(____fput())
task_work_run() task_work_run()
____fput() ____fput()
perf_release() perf_release()
perf_event_release_kernel() perf_event_release_kernel()
_free_event() _free_event()
perf_pending_task_sync() perf_pending_task_sync()
rcuwait_wait_event() rcuwait_wait_event()
Therefore the only option left is to acquire the event reference count
upon queueing the perf task work and release it from the task work, just
like it was done before 3a5465418f5f ("perf: Fix event leak upon exec and file release")
but without the leaks it fixed.
Some adjustments are necessary to make it work:
* A child event might dereference its parent upon freeing. Care must be
taken to release the parent last.
* Some places assuming the event doesn't have any reference held and
therefore can be freed right away must instead put the reference and
let the reference counting to its job.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ► | Linux | Linux |
Version: 3a5465418f5fd970e86a86c7f4075be262682840 Version: 3a5465418f5fd970e86a86c7f4075be262682840 Version: 3a5465418f5fd970e86a86c7f4075be262682840 Version: 3a5465418f5fd970e86a86c7f4075be262682840 Version: 9ad46f1fef421d43cdab3a7d1744b2f43b54dae0 Version: ed2c202dac55423a52d7e2290f2888bf08b8ee99 Version: 104e258a004037bc7dba9f6085c71dad6af57ad4 Version: f34d8307a73a18de5320fcc6f40403146d061891 |
|
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/linux/perf_event.h",
"kernel/events/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "fa1827fa968c0674e9b6fca223fa9fb4da4493eb",
"status": "affected",
"version": "3a5465418f5fd970e86a86c7f4075be262682840",
"versionType": "git"
},
{
"lessThan": "665b87b8f8b3aeb49083ef3b65c4953e7753fc12",
"status": "affected",
"version": "3a5465418f5fd970e86a86c7f4075be262682840",
"versionType": "git"
},
{
"lessThan": "1267bd38f161c1a27d9b722de017027167a225a0",
"status": "affected",
"version": "3a5465418f5fd970e86a86c7f4075be262682840",
"versionType": "git"
},
{
"lessThan": "56799bc035658738f362acec3e7647bb84e68933",
"status": "affected",
"version": "3a5465418f5fd970e86a86c7f4075be262682840",
"versionType": "git"
},
{
"status": "affected",
"version": "9ad46f1fef421d43cdab3a7d1744b2f43b54dae0",
"versionType": "git"
},
{
"status": "affected",
"version": "ed2c202dac55423a52d7e2290f2888bf08b8ee99",
"versionType": "git"
},
{
"status": "affected",
"version": "104e258a004037bc7dba9f6085c71dad6af57ad4",
"versionType": "git"
},
{
"status": "affected",
"version": "f34d8307a73a18de5320fcc6f40403146d061891",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/linux/perf_event.h",
"kernel/events/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.11"
},
{
"lessThan": "6.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.24",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.24",
"versionStartIncluding": "6.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.12",
"versionStartIncluding": "6.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.3",
"versionStartIncluding": "6.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "6.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.165",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-26T05:20:01.376Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/fa1827fa968c0674e9b6fca223fa9fb4da4493eb"
},
{
"url": "https://git.kernel.org/stable/c/665b87b8f8b3aeb49083ef3b65c4953e7753fc12"
},
{
"url": "https://git.kernel.org/stable/c/1267bd38f161c1a27d9b722de017027167a225a0"
},
{
"url": "https://git.kernel.org/stable/c/56799bc035658738f362acec3e7647bb84e68933"
}
],
"title": "perf: Fix hang while freeing sigtrap event",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37747",
"datePublished": "2025-05-01T12:55:54.028Z",
"dateReserved": "2025-04-16T04:51:23.936Z",
"dateUpdated": "2025-05-26T05:20:01.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-37747\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-05-01T13:15:53.417\",\"lastModified\":\"2025-05-02T13:53:20.943\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nperf: Fix hang while freeing sigtrap event\\n\\nPerf can hang while freeing a sigtrap event if a related deferred\\nsignal hadn\u0027t managed to be sent before the file got closed:\\n\\nperf_event_overflow()\\n task_work_add(perf_pending_task)\\n\\nfput()\\n task_work_add(____fput())\\n\\ntask_work_run()\\n ____fput()\\n perf_release()\\n perf_event_release_kernel()\\n _free_event()\\n perf_pending_task_sync()\\n task_work_cancel() -\u003e FAILED\\n rcuwait_wait_event()\\n\\nOnce task_work_run() is running, the list of pending callbacks is\\nremoved from the task_struct and from this point on task_work_cancel()\\ncan\u0027t remove any pending and not yet started work items, hence the\\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\\n\\nTask work could be changed to remove one work at a time, so a work\\nrunning on the current task can always cancel a pending one, however\\nthe wait / wake design is still subject to inverted dependencies when\\nremote targets are involved, as pictured by Oleg:\\n\\nT1 T2\\n\\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\\nclose(fd) close(fd)\\n \u003cIRQ\u003e \u003cIRQ\u003e\\n perf_event_overflow() perf_event_overflow()\\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\\n \u003c/IRQ\u003e \u003c/IRQ\u003e\\n fput() fput()\\n task_work_add(____fput()) task_work_add(____fput())\\n\\n task_work_run() task_work_run()\\n ____fput() ____fput()\\n perf_release() perf_release()\\n perf_event_release_kernel() perf_event_release_kernel()\\n _free_event() _free_event()\\n perf_pending_task_sync() perf_pending_task_sync()\\n rcuwait_wait_event() rcuwait_wait_event()\\n\\nTherefore the only option left is to acquire the event reference count\\nupon queueing the perf task work and release it from the task work, just\\nlike it was done before 3a5465418f5f (\\\"perf: Fix event leak upon exec and file release\\\")\\nbut without the leaks it fixed.\\n\\nSome adjustments are necessary to make it work:\\n\\n* A child event might dereference its parent upon freeing. Care must be\\n taken to release the parent last.\\n\\n* Some places assuming the event doesn\u0027t have any reference held and\\n therefore can be freed right away must instead put the reference and\\n let the reference counting to its job.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: perf: Se soluciona el bloqueo al liberar el evento sigtrap Perf puede bloquearse al liberar un evento sigtrap si no se ha logrado enviar una se\u00f1al diferida relacionada antes de que se cerrara el archivo: perf_event_overflow() task_work_add(perf_pending_task) fput() task_work_add(____fput()) task_work_run() ____fput() perf_release() perf_event_release_kernel() _free_event() perf_pending_task_sync() task_work_cancel() -\u0026gt; FAILED rcuwait_wait_event() Una vez que task_work_run() se est\u00e1 ejecutando, la lista de devoluciones de llamadas pendientes se elimina de task_struct y desde este punto, task_work_cancel() no puede eliminar ning\u00fan elemento de trabajo pendiente y a\u00fan no iniciado, de ah\u00ed el error de task_work_cancel() y el bloqueo de rcuwait_wait_event(). El trabajo de la tarea se puede cambiar para eliminar un trabajo a la vez, de modo que un trabajo que se ejecuta en la tarea actual siempre puede cancelar uno pendiente, sin embargo, el dise\u00f1o de espera/activaci\u00f3n a\u00fan est\u00e1 sujeto a dependencias invertidas cuando se involucran objetivos remotos, como lo ilustra Oleg: T1 T2 fd = perf_event_open(pid =\u0026gt; T2-\u0026gt;pid); fd = perf_event_open(pid =\u0026gt; T1-\u0026gt;pid); close(fd) close(fd) perf_event_overflow() perf_event_overflow() task_work_add(perf_pending_task) task_work_add(perf_pending_task) fput() fput() task_work_add(____fput()) task_work_add(____fput()) task_work_run() task_work_run() ____fput() ____fput() perf_release() perf_release() perf_event_release_kernel() perf_event_release_kernel() _free_event() _free_event() perf_pending_task_sync() perf_pending_task_sync() rcuwait_wait_event() rcuwait_wait_event() Por lo tanto, la \u00fanica opci\u00f3n que queda es adquirir el recuento de referencias de evento al poner en cola el trabajo de la tarea de rendimiento y liberarlo del trabajo de la tarea. Tal como se hizo antes de 3a5465418f5f (\\\"perf: Corregir fuga de eventos al ejecutar y liberar archivos\\\"), pero sin las fugas corregidas. Se requieren algunos ajustes para que funcione: * Un evento secundario podr\u00eda desreferenciar a su padre al liberarse. Se debe tener cuidado de liberar al padre al final. * Algunos sitios, al asumir que el evento no tiene ninguna referencia retenida y, por lo tanto, puede liberarse de inmediato, deben colocar la referencia y dejar que el recuento de referencias contin\u00fae.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1267bd38f161c1a27d9b722de017027167a225a0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/56799bc035658738f362acec3e7647bb84e68933\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/665b87b8f8b3aeb49083ef3b65c4953e7753fc12\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/fa1827fa968c0674e9b6fca223fa9fb4da4493eb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
suse-su-2025:02000-1
Vulnerability from csaf_suse
Published
2025-06-18 11:08
Modified
2025-06-18 11:08
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
The following non-security bugs were fixed:
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix 'KASAN: slab-use-after-free Read in ib_register_device' problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix 'trying to register non-static key in rxe_qp_do_cleanup' bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- cBPF: Refresh fixes for cBPF issue (bsc#1242778)
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: Revert 'dmaengine: dmatest: Fix dmatest waiting less when interrupted' (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- exfat: fix potential wrong error return from get_block (git-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kernel-obs-qa: Use srchash for dependency as well
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- neighbour: delete redundant judgment statements (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: Update patch nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).
- nvme: Update patch nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- qibfs: fix _another_ leak (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: max20086: fix invalid memory access (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's 'next' indication (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
Patchnames
SUSE-2025-2000,SUSE-SLE-Module-Basesystem-15-SP6-2025-2000,SUSE-SLE-Module-Development-Tools-15-SP6-2025-2000,SUSE-SLE-Module-Legacy-15-SP6-2025-2000,SUSE-SLE-Module-Live-Patching-15-SP6-2025-2000,SUSE-SLE-Product-HA-15-SP6-2025-2000,SUSE-SLE-Product-WE-15-SP6-2025-2000,openSUSE-SLE-15.6-2025-2000
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n\nThe following non-security bugs were fixed:\n\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoC: Use of_property_read_bool() (stable-fixes).\n- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).\n- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- Input: xpad - fix two controller table values (git-fixes).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/core: Fix \u0027KASAN: slab-use-after-free Read in ib_register_device\u0027 problem (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/rxe: Fix \u0027trying to register non-static key in rxe_qp_do_cleanup\u0027 bug (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- cBPF: Refresh fixes for cBPF issue (bsc#1242778)\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).\n- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).\n- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).\n- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- devlink: fix port new reply cmd type (git-fixes).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: Revert \u0027dmaengine: dmatest: Fix dmatest waiting less when interrupted\u0027 (git-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Copy AUX read reply data whenever length \u003e 0 (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).\n- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).\n- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).\n- iio: adc: ad7606: fix serial register access (git-fixes).\n- iio: adis16201: Correct inclinometer channel resolution (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).\n- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kernel-obs-qa: Use srchash for dependency as well\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: Update patch nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).\n- nvme: Update patch nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).\n- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).\n- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- regulator: max20086: fix invalid memory access (git-fixes).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- scsi: Improve CDL control (git-fixes).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).\n- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).\n- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).\n- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).\n- usb: gadget: f_ecm: Add get_status callback (git-fixes).\n- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).\n- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).\n- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).\n- usb: uhci-platform: Make the clock really optional (git-fixes).\n- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).\n- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).\n- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \u0027next\u0027 indication (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2000,SUSE-SLE-Module-Basesystem-15-SP6-2025-2000,SUSE-SLE-Module-Development-Tools-15-SP6-2025-2000,SUSE-SLE-Module-Legacy-15-SP6-2025-2000,SUSE-SLE-Module-Live-Patching-15-SP6-2025-2000,SUSE-SLE-Product-HA-15-SP6-2025-2000,SUSE-SLE-Product-WE-15-SP6-2025-2000,openSUSE-SLE-15.6-2025-2000",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02000-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02000-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502000-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02000-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040360.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1234154",
"url": "https://bugzilla.suse.com/1234154"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242006",
"url": "https://bugzilla.suse.com/1242006"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-18T11:08:16Z",
"generator": {
"date": "2025-06-18T11:08:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02000-1",
"initial_release_date": "2025-06-18T11:08:16Z",
"revision_history": [
{
"date": "2025-06-18T11:08:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product_id": "cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product_id": "dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product_id": "dlm-kmp-default-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-allwinner-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-altera-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-altera-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-amazon-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-amd-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-amd-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-amlogic-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-apm-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-apm-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apple-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-apple-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-apple-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-arm-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-arm-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-broadcom-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-cavium-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-exynos-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-freescale-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-hisilicon-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-lg-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-lg-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-marvell-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-mediatek-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-nvidia-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-qcom-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-renesas-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-rockchip-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-socionext-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-sprd-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"product_id": "dtb-xilinx-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product_id": "gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-64kb-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-default-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"product_id": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"product_id": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-default-extra-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-default-optional-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-obs-build-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-obs-qa-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kernel-syms-6.4.0-150600.23.53.1.aarch64",
"product_id": "kernel-syms-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product_id": "kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product_id": "ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"product_id": "reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-150600.23.53.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-150600.23.53.1.noarch",
"product_id": "kernel-devel-6.4.0-150600.23.53.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-6.4.0-150600.23.53.1.noarch",
"product": {
"name": "kernel-docs-6.4.0-150600.23.53.1.noarch",
"product_id": "kernel-docs-6.4.0-150600.23.53.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"product": {
"name": "kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"product_id": "kernel-docs-html-6.4.0-150600.23.53.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-150600.23.53.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-150600.23.53.1.noarch",
"product_id": "kernel-macros-6.4.0-150600.23.53.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-150600.23.53.1.noarch",
"product": {
"name": "kernel-source-6.4.0-150600.23.53.1.noarch",
"product_id": "kernel-source-6.4.0-150600.23.53.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"product": {
"name": "kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"product_id": "kernel-source-vanilla-6.4.0-150600.23.53.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product_id": "dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-debug-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-default-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"product_id": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"product_id": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-default-extra-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-default-optional-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-obs-build-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kernel-syms-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"product_id": "dlm-kmp-default-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kernel-default-6.4.0-150600.23.53.1.s390x",
"product_id": "kernel-default-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"product_id": "kernel-default-devel-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"product_id": "kernel-default-extra-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"product_id": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"product_id": "kernel-default-optional-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"product_id": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"product_id": "kernel-obs-build-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"product_id": "kernel-obs-qa-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kernel-syms-6.4.0-150600.23.53.1.s390x",
"product_id": "kernel-syms-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"product_id": "kernel-zfcpdump-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product_id": "dlm-kmp-default-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-debug-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-debug-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-debug-devel-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-default-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"product_id": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"product_id": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-default-extra-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-default-optional-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-default-vdso-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-obs-build-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-obs-qa-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kernel-syms-6.4.0-150600.23.53.1.x86_64",
"product_id": "kernel-syms-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150600.23.53.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-150600.23.53.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150600.23.53.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-150600.23.53.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150600.23.53.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150600.23.53.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150600.23.53.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch"
},
"product_reference": "kernel-source-6.4.0-150600.23.53.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.53.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-allwinner-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-altera-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-altera-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amazon-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amd-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-amd-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amlogic-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-apm-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-apm-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-apple-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-apple-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-arm-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-arm-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-broadcom-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-cavium-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-exynos-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-freescale-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-hisilicon-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-lg-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-lg-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-marvell-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-mediatek-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-nvidia-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-qcom-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-renesas-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-rockchip-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-socionext-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-sprd-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-xilinx-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-debug-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64"
},
"product_reference": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le"
},
"product_reference": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64"
},
"product_reference": "kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-vdso-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150600.23.53.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-150600.23.53.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150600.23.53.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150600.23.53.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-6.4.0-150600.23.53.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch"
},
"product_reference": "kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150600.23.53.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-150600.23.53.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150600.23.53.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch"
},
"product_reference": "kernel-source-6.4.0-150600.23.53.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-6.4.0-150600.23.53.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch"
},
"product_reference": "kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-28956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28956"
}
],
"notes": [
{
"category": "general",
"text": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28956",
"url": "https://www.suse.com/security/cve/CVE-2024-28956"
},
{
"category": "external",
"summary": "SUSE Bug 1242006 for CVE-2024-28956",
"url": "https://bugzilla.suse.com/1242006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-53135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN\n\nHide KVM\u0027s pt_mode module param behind CONFIG_BROKEN, i.e. disable support\nfor virtualizing Intel PT via guest/host mode unless BROKEN=y. There are\nmyriad bugs in the implementation, some of which are fatal to the guest,\nand others which put the stability and health of the host at risk.\n\nFor guest fatalities, the most glaring issue is that KVM fails to ensure\ntracing is disabled, and *stays* disabled prior to VM-Enter, which is\nnecessary as hardware disallows loading (the guest\u0027s) RTIT_CTL if tracing\nis enabled (enforced via a VMX consistency check). Per the SDM:\n\n If the logical processor is operating with Intel PT enabled (if\n IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the \"load\n IA32_RTIT_CTL\" VM-entry control must be 0.\n\nOn the host side, KVM doesn\u0027t validate the guest CPUID configuration\nprovided by userspace, and even worse, uses the guest configuration to\ndecide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring\nguest CPUID to enumerate more address ranges than are supported in hardware\nwill result in KVM trying to passthrough, save, and load non-existent MSRs,\nwhich generates a variety of WARNs, ToPA ERRORs in the host, a potential\ndeadlock, etc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53135",
"url": "https://www.suse.com/security/cve/CVE-2024-53135"
},
{
"category": "external",
"summary": "SUSE Bug 1234154 for CVE-2024-53135",
"url": "https://bugzilla.suse.com/1234154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-53135"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_53-default-1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.53.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.53.1.150600.12.24.1.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.53.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.53.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T11:08:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:02254-1
Vulnerability from csaf_suse
Published
2025-07-08 15:57
Modified
2025-07-08 15:57
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).
- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
- CVE-2024-57995: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (bsc#1237895).
- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).
- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).
- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).
- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).
- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).
- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
- CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723).
- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).
- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).
- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).
- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).
- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).
- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).
- CVE-2025-37837: iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent() (bsc#1242952).
- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).
- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).
- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).
- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).
- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).
- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).
- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).
- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).
- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).
- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).
- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).
- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).
- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537).
- CVE-2025-37938: tracing: Verify event formats that have '%*p..' (bsc#1243544).
- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).
- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).
- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).
- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).
- CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698).
- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).
- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).
- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).
- CVE-2025-38055: perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq (bsc#1244747).
- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).
The following non-security bugs were fixed:
- accel/ivpu: Improve buffer object logging (git-fixes).
- accel/ivpu: Use dma_resv_lock() instead of a custom mutex (git-fixes).
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case (stable-fixes).
- ACPI: battery: negate current when discharging (stable-fixes).
- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for '3.0 _SCP Extensions' (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
- ACPICA: Utilities: Fix spelling mistake 'Incremement' -> 'Increment' (git-fixes).
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).
- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).
- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).
- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).
- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).
- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).
- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).
- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: cs42l43: Disable headphone clamps during type detection (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() (git-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: SOF: Intel: hda-bus: Use PIO mode on ACE2+ platforms (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
- ASoC: ti: omap-hdmi: Re-add dai_link->platform to fix card init (git-fixes).
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- Bluetooth: btintel_pcie: Fix driver not posting maximum rx buffers (git-fixes).
- Bluetooth: btintel_pcie: Increase the tx and rx descriptor count (git-fixes).
- Bluetooth: btintel_pcie: Reduce driver buffer posting to prevent race condition (git-fixes).
- Bluetooth: btintel: Check dsbr size from EFI variable (git-fixes).
- Bluetooth: eir: Fix possible crashes on eir_create_adv_data (git-fixes).
- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).
- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).
- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix sparse errors (git-fixes).
- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
- Bluetooth: Remove pending ACL connection attempts (stable-fixes).
- bnxt: properly flush XDP redirect lists (git-fixes).
- bpf: Force uprobe bpf program to always return 0 (git-fixes).
- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).
- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).
- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).
- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).
- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
- ceph: allocate sparse_ext map only for sparse reads (git-fixes).
- ceph: Fix incorrect flush end position calculation (git-fixes).
- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
- cgroup/cpuset: Do not allow creation of local partition over a remote one (bsc#1241166).
- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- clocksource: Fix brown-bag boolean thinko in (git-fixes)
- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: fix port dump cmd type (git-fixes).
- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
- drm: Add valid clones check (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- drm/amd: Adjust output for discovery error handling (git-fixes).
- drm/amd/display: Add debugging message for brightness caps (bsc#1240650).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Add support for disconnected eDP streams (stable-fixes).
- drm/amd/display: calculate the remain segments for all pipes (stable-fixes).
- drm/amd/display: Call FP Protect Before Mode Programming/Mode Support (stable-fixes).
- drm/amd/display: check stream id dml21 wrapper to get plane_id (stable-fixes).
- drm/amd/display: Configure DTBCLK_P with OPTC only for dcn401 (stable-fixes).
- drm/amd/display: Correct timing_adjust_pending flag setting (stable-fixes).
- drm/amd/display: Defer BW-optimization-blocked DRR adjustments (git-fixes).
- drm/amd/display: Do not enable replay when vtotal update is pending (stable-fixes).
- drm/amd/display: Do not treat wb connector as physical in create_validate_stream_for_sink (stable-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Ensure DMCUB idle before reset on DCN31/DCN35 (stable-fixes).
- drm/amd/display: Fix BT2020 YCbCr limited/full range input (stable-fixes).
- drm/amd/display: fix dcn4x init failed (stable-fixes).
- drm/amd/display: Fix default DC and AC levels (bsc#1240650).
- drm/amd/display: Fix DMUB reset sequence for DCN401 (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: Fix p-state type when p-state is unsupported (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Guard against setting dispclk low when active (stable-fixes).
- drm/amd/display: handle max_downscale_src_width fail check (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: not abort link train when bw is low (stable-fixes).
- drm/amd/display: pass calculated dram_speed_mts to dml2 (stable-fixes).
- drm/amd/display: Populate register address for dentist for dcn401 (stable-fixes).
- drm/amd/display: Read LTTPR ALPM caps during link cap retrieval (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/display: Request HW cursor on DCN3.2 with SubVP (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Support multiple options during psr entry (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amd/display: Use Nominal vBlank If Provided Instead Of Capping It (stable-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/pm: Fetch current power limit from PMFW (stable-fixes).
- drm/amd/pm: Skip P2S load for SMU v13.0.12 (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/amdgpu: adjust drm_firmware_drivers_only() handling (stable-fixes).
- drm/amdgpu: Allow P2P access through XGMI (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: Fix missing drain retry fault the last entry (stable-fixes).
- drm/amdgpu: Fix the race condition for draining retry fault (stable-fixes).
- drm/amdgpu: read back register after written for VCN v4.0.5 (stable-fixes).
- drm/amdgpu: release xcp_mgr on exit (stable-fixes).
- drm/amdgpu: remove all KFD fences from the BO on release (stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: Skip pcie_replay_count sysfs creation for VF (stable-fixes).
- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdgpu: Use active umc info from discovery (stable-fixes).
- drm/amdgpu/discovery: check ip_discovery fw file available (stable-fixes).
- drm/amdgpu/gfx11: do not read registers in mqd init (stable-fixes).
- drm/amdgpu/gfx12: do not read registers in mqd init (stable-fixes).
- drm/amdgpu/mes11: fix set_hw_resources_1 calculation (stable-fixes).
- drm/amdkfd: Correct F8_MODE for gfx950 (git-fixes).
- drm/amdkfd: fix missing L2 cache info in topology (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/amdkfd: Set per-process flags only once for gfx9/10/11/12 (stable-fixes).
- drm/amdkfd: set precise mem ops caps to disabled for gfx 11 and 12 (stable-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/buddy: fix issue that force_merge cannot free all roots (stable-fixes).
- drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
- drm/i915: fix build error some more (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/i915/guc: Check if expecting reply before decrementing outstanding_submission_g2h (git-fixes).
- drm/i915/guc: Handle race condition where wakeref count drops below 0 (git-fixes).
- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
- drm/i915/psr: Fix using wrong mask in REG_FIELD_PREP (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names (git-fixes).
- drm/msm/a6xx: Disable rgb565_predicator on Adreno 7c3 (git-fixes).
- drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (git-fixes).
- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE before blend setup (git-fixes).
- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE on ctl_path reset (git-fixes).
- drm/msm/dpu: enable SmartDMA on SC8180X (git-fixes).
- drm/msm/dpu: enable SmartDMA on SM8150 (git-fixes).
- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/nouveau: fix the broken marco GSP_MSG_MAX_SIZE (stable-fixes).
- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel-simple: fix the warnings for the Evervision VGG644804 (git-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm/panic: add missing space (git-fixes).
- drm/panthor: Fix GPU_COHERENCY_ACE[_LITE] definitions (git-fixes).
- drm/panthor: Update panthor_mmu::irq::mask when needed (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/rockchip: vop2: Improve display modes handling on RK3588 HDMI0 (stable-fixes).
- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()` (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add error path for xa_store in vmw_bo_add_detached_resource (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- drm/vmwgfx: Fix dumb buffer leak (git-fixes).
- drm/xe: Create LRC BO without VM (git-fixes).
- drm/xe: Do not attempt to bootstrap VF in execlists mode (stable-fixes).
- drm/xe: Fix memset on iomem (git-fixes).
- drm/xe: Fix xe_tile_init_noalloc() error propagation (stable-fixes).
- drm/xe: Make xe_gt_freq part of the Documentation (git-fixes).
- drm/xe: Move suballocator init to after display init (stable-fixes).
- drm/xe: Nuke VM's mapping upon close (stable-fixes).
- drm/xe: Process deferred GGTT node removals on device unwind (git-fixes).
- drm/xe: Reject BO eviction if BO is bound to current VM (stable-fixes).
- drm/xe: remove unmatched xe_vm_unlock() from __xe_exec_queue_init() (git-fixes).
- drm/xe: Retry BO allocation (stable-fixes).
- drm/xe: Rework eviction rejection of bound external bos (git-fixes).
- drm/xe: Save the gt pointer in lrc and drop the tile (stable-fixes).
- drm/xe: Stop ignoring errors from xe_ttm_stolen_mgr_init() (stable-fixes).
- drm/xe: Wire up device shutdown handler (stable-fixes).
- drm/xe: xe_gen_wa_oob: replace program_invocation_short_name (stable-fixes).
- drm/xe/bmg: Update Wa_16023588340 (git-fixes).
- drm/xe/d3cold: Set power state to D3Cold during s2idle/s3 (git-fixes).
- drm/xe/debugfs: Add missing xe_pm_runtime_put in wedge_mode_set (stable-fixes).
- drm/xe/debugfs: fixed the return value of wedged_mode_set (stable-fixes).
- drm/xe/display: Add check for alloc_ordered_workqueue() (git-fixes).
- drm/xe/gt: Update handling of xe_force_wake_get return (stable-fixes).
- drm/xe/oa: Ensure that polled read returns latest data (stable-fixes).
- drm/xe/pf: Create a link between PF and VF devices (stable-fixes).
- drm/xe/pf: Reset GuC VF config when unprovisioning critical resource (stable-fixes).
- drm/xe/relay: Do not use GFP_KERNEL for new transactions (stable-fixes).
- drm/xe/sa: Always call drm_suballoc_manager_fini() (stable-fixes).
- drm/xe/sched: stop re-submitting signalled jobs (git-fixes).
- drm/xe/vf: Retry sending MMIO request to GUC on timeout error (stable-fixes).
- drm/xe/vm: move rebind_work init earlier (git-fixes).
- drm/xe/xe2hpg: Add Wa_22021007897 (stable-fixes).
- dummycon: Trigger redraw when switching consoles with deferred takeover (git-fixes).
- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).
- efi/libstub: Describe missing 'out' parameter in efi_load_initrd (git-fixes).
- fbcon: Make sure modelist not set on unregistered console (stable-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fgraph: Still initialize idle shadow stacks when starting (git-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).
- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- gpiolib: Revert 'Do not WARN on gpiod_put() for optional GPIO' (stable-fixes).
- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).
- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- HID: wacom: fix kobject reference count leak (git-fixes).
- HID: wacom: fix memory leak on kobject creation failure (git-fixes).
- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).
- hwmon: (occ) fix unaligned accesses (git-fixes).
- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).
- i2c: npcm: Add clock toggle recovery (stable-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
- i2c: tiny-usb: disable zero-length read messages (git-fixes).
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
- IB/cm: Drop lockdep assert and WARN when freeing old msg (git-fixes)
- ice: create new Tx scheduler nodes for new queues only (git-fixes).
- ice: Fix LACP bonds without SRIOV environment (git-fixes).
- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).
- ice: fix Tx scheduler error handling in XDP callback (git-fixes).
- ice: fix vf->num_mac count with port representors (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
- Input: xpad - add more controllers (stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- iommu: Protect against overflow in iommu_pgsize() (git-fixes).
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
- ip_tunnel: annotate data-races around t->parms.link (git-fixes).
- ip6mr: fix tables suspicious RCU usage (git-fixes).
- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).
- ipmr: fix tables suspicious RCU usage (git-fixes).
- ipv4: Convert ip_route_input() to dscp_t (git-fixes).
- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).
- ipv6: save dontfrag in cork (git-fixes).
- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).
- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: add file_start_write() and file_end_write() (git-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: intel/ipu6: Fix dma mask for non-secure mode (git-fixes).
- media: ipu6: Remove workaround for Meteor Lake ES2 (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov2740: Move pm-runtime cleanup on probe-errors to proper place (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: platform: mtk-mdp3: Remove unused mdp_get_plat_device (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: verisilicon: Free post processor buffers on error (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).
- mmc: Add quirk to disable DDR50 tuning (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).
- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- net_sched: prio: fix a race in prio_tune() (git-fixes).
- net_sched: red: fix a race in __red_change() (git-fixes).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- net_sched: tbf: fix a race in tbf_change() (git-fixes).
- net: add rcu safety to rtnl_prop_list_size() (git-fixes).
- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
- net: fix udp gso skb_segment after pull from frag_list (git-fixes).
- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).
- net: ice: Perform accurate aRFS flow match (git-fixes).
- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).
- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
- net: linkwatch: use system_unbound_wq (git-fixes).
- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
- net: mana: Record doorbell physical address in PF mode (bsc#1244229).
- net: page_pool: fix warning code (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).
- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).
- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).
- net: sched: fix erspan_opt settings in cls_flower (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).
- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).
- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
- net/mlx5: Fix return value when searching for existing flow group (git-fixes).
- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
- net/neighbor: clear error in case strict check is not set (git-fixes).
- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).
- NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
- NFS: Do not allow waiting for exiting tasks (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- nfsd: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).
- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).
- ntp: Clamp maxerror and esterror to operating range (git-fixes)
- ntp: Remove invalid cast in time offset math (git-fixes)
- ntp: Safeguard against time_constant overflow (git-fixes)
- nvme-fc: do not reference lsrsp after failure (bsc#1245193).
- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).
- nvme-pci: add quirks for device 126f:1001 (git-fixes).
- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
- nvme: fix command limits status code (git-fixes).
- nvme: fix implicit bool to flags conversion (git-fixes).
- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
- nvmet-fc: take tgtport refs for portentry (bsc#1245193).
- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
- nvmet-fcloop: prevent double port deletion (bsc#1245193).
- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
- nvmet-fcloop: remove nport from list on last user (bsc#1245193).
- nvmet-fcloop: track ref counts for nports (bsc#1245193).
- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
- orangefs: Do not truncate file size (git-fixes).
- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (stable-fixes).
- PCI: apple: Set only available ports up (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).
- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI/DPC: Log Error Source ID only when valid (git-fixes).
- PCI/DPC: Use defines with DPC reason fields (git-fixes).
- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).
- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use 'unsigned int' instead of bare 'unsigned' (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- platform/x86: amd: Use *-y instead of *-objs in Makefiles (jsc#PED-13094).
- platform/x86: dell_rbu: Fix list usage (git-fixes).
- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: hp-bioscfg: Annotate struct bios_args with __counted_by (jsc#PED-13019).
- platform/x86: hp-bioscfg: biosattr-interface (jsc#PED-13019).
- platform/x86: hp-bioscfg: bioscfg (jsc#PED-13019).
- platform/x86: hp-bioscfg: bioscfg-h (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how enum possible values size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how order list size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how password encoding size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how prerequisites size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: enum-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: fix a signedness bug in hp_wmi_perform_query() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix error handling in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: fix error reporting in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix memory leaks in attribute packages (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix reference leak (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix uninitialized variable errors (jsc#PED-13019).
- platform/x86: hp-bioscfg: int-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: Makefile (jsc#PED-13019).
- platform/x86: hp-bioscfg: move mutex_lock() down in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: order-list-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: passwdobj-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: prevent a small buffer overflow (jsc#PED-13019).
- platform/x86: hp-bioscfg: Remove duplicate use of variable in inner loop (jsc#PED-13019).
- platform/x86: hp-bioscfg: Remove unused obj in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Removed needless asm-generic (jsc#PED-13019).
- platform/x86: hp-bioscfg: Replace the word HACK from source code (jsc#PED-13019).
- platform/x86: hp-bioscfg: Simplify return check in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: spmobj-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: string-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: surestart-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: Update steps order list elements are evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Use kmemdup() to replace kmalloc + memcpy (jsc#PED-13019).
- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
- platform/x86/amd/hsmp: acpi: Add sysfs files to display HSMP telemetry (jsc#PED-13094).
- platform/x86/amd/hsmp: Add new error code and error logs (jsc#PED-13094).
- platform/x86/amd/hsmp: Add support for HSMP protocol version 7 messages (jsc#PED-13094).
- platform/x86/amd/hsmp: Change generic plat_dev name to hsmp_pdev (jsc#PED-13094).
- platform/x86/amd/hsmp: Change the error type (jsc#PED-13094).
- platform/x86/amd/hsmp: Convert amd_hsmp_rdwr() to a function pointer (jsc#PED-13094).
- platform/x86/amd/hsmp: Create hsmp/ directory (jsc#PED-13094).
- platform/x86/amd/hsmp: Create separate ACPI, plat and common drivers (jsc#PED-13094).
- platform/x86/amd/hsmp: Create wrapper function init_acpi() (jsc#PED-13094).
- platform/x86/amd/hsmp: fix building with CONFIG_HWMON=m (jsc#PED-13094).
- platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers (jsc#PED-13094).
- platform/x86/amd/hsmp: Make hsmp_pdev static instead of global (jsc#PED-13094).
- platform/x86/amd/hsmp: mark hsmp_msg_desc_table as maybe_unused (git-fixes).
- platform/x86/amd/hsmp: Move ACPI code to acpi.c (jsc#PED-13094).
- platform/x86/amd/hsmp: Move platform device specific code to plat.c (jsc#PED-13094).
- platform/x86/amd/hsmp: Move structure and macros to header file (jsc#PED-13094).
- platform/x86/amd/hsmp: Report power via hwmon sensor (jsc#PED-13094).
- platform/x86/amd/hsmp: Use a single DRIVER_VERSION for all hsmp modules (jsc#PED-13094).
- platform/x86/amd/hsmp: Use dev_groups in the driver structure (jsc#PED-13094).
- platform/x86/amd/hsmp: Use name space while exporting module symbols (jsc#PED-13094).
- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).
- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- pstore: Change kmsg_bytes storage size to u32 (git-fixes).
- ptp: ocp: fix start time alignment in ptp_ocp_signal_set (git-fixes).
- ptp: ocp: reject unsupported periodic output flags (git-fixes).
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: Improve CDL control (git-fixes).
- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: mpi3mr: Add level check to control event logging (git-fixes).
- scsi: mpt3sas: Fix _ctl_get_mpt_mctp_passthru_adapter() to return IOC pointer (git-fixes).
- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).
- scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels (git-fixes).
- scsi: st: ERASE does not change tape location (git-fixes).
- scsi: st: Restore some drive settings after reset (git-fixes).
- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: core: restore of_node information in sysfs (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
- serial: jsm: fix NPE during jsm_uart_port_init (git-fixes).
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).
- struct usci: hide additional member (git-fixes).
- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).
- SUNRPC: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).
- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).
- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).
- SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes).
- svsm: Add header with SVSM_VTPM_CMD helpers (bsc#1241191).
- sysfb: Fix screen_info type check for VGA (git-fixes).
- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).
- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (git-fixes).
- thermal/drivers/mediatek/lvts: Fix debugfs unregister on failure (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Do not double dequeue a configuration request (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- thunderbolt: Improve redrive mode handling (git-fixes).
- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
- tpm: Add SNP SVSM vTPM driver (bsc#1241191).
- tpm: Make chip->{status,cancel,req_canceled} opt (bsc#1241191).
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).
- tracing: Add __print_dynamic_array() helper (bsc#1243544).
- tracing: Add __string_len() example (bsc#1243544).
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).
- tracing: Fix compilation warning on arm32 (bsc#1243551).
- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).
- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
- tty: serial: 8250_omap: fix TX with DMA for am33xx (git-fixes).
- ucsi_debugfs_entry: hide signedness change (git-fixes).
- udp: annotate data-races around up->pending (git-fixes).
- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).
- udp: fix receiving fraglist GSO packets (git-fixes).
- udp: preserve the connected status if only UDP cmsg (git-fixes).
- uprobes: Use kzalloc to allocate xol area (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: misc: onboard_usb_dev: fix support for Cypress HX3 hubs (git-fixes).
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).
- usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).
- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
- usb: typec: ucsi: Only enable supported notifications (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
- vmxnet3: update MTU after device quiesce (bsc#1244626).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).
- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).
- wifi: ath11k: do not wait when there is no vdev started (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).
- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).
- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).
- wifi: ath12k: ACPI band edge channel power support (bsc#1240998).
- wifi: ath12k: ACPI CCA threshold support (bsc#1240998).
- wifi: ath12k: ACPI SAR support (bsc#1240998).
- wifi: ath12k: ACPI TAS support (bsc#1240998).
- wifi: ath12k: add 6 GHz params in peer assoc command (bsc#1240998).
- wifi: ath12k: Add additional checks for vif and sta iterators (bsc#1240998).
- wifi: ath12k: add ATH12K_DBG_WOW log level (bsc#1240998).
- wifi: ath12k: add basic WoW functionalities (bsc#1240998).
- wifi: ath12k: add channel 2 into 6 GHz channel list (bsc#1240998).
- wifi: ath12k: add EMA beacon support (bsc#1240998).
- wifi: ath12k: Add firmware coredump collection support (bsc#1240998).
- wifi: ath12k: Add htt_stats_dump file ops support (bsc#1240998).
- wifi: ath12k: add hw_link_id in ath12k_pdev (bsc#1240998).
- wifi: ath12k: Add lock to protect the hardware state (bsc#1240998).
- wifi: ath12k: add MBSSID beacon support (bsc#1240998).
- wifi: ath12k: Add missing htt_metadata flag in ath12k_dp_tx() (bsc#1240998).
- wifi: ath12k: add missing lockdep_assert_wiphy() for ath12k_mac_op_ functions (bsc#1240998).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: add multi device support for WBM idle ring buffer setup (bsc#1240998).
- wifi: ath12k: add multiple radio support in a single MAC HW un/register (bsc#1240998).
- wifi: ath12k: add panic handler (bsc#1240998).
- wifi: ath12k: Add support to enable debugfs_htt_stats (bsc#1240998).
- wifi: ath12k: add support to handle beacon miss for WCN7850 (bsc#1240998).
- wifi: ath12k: Add support to parse requested stats_type (bsc#1240998).
- wifi: ath12k: add WoW net-detect functionality (bsc#1240998).
- wifi: ath12k: advertise driver capabilities for MBSSID and EMA (bsc#1240998).
- wifi: ath12k: allocate dummy net_device dynamically (bsc#1240998).
- wifi: ath12k: ath12k_mac_op_set_key(): fix uninitialized symbol 'ret' (bsc#1240998).
- wifi: ath12k: ath12k_mac_op_sta_state(): clean up update_wk cancellation (bsc#1240998).
- wifi: ath12k: ath12k_mac_set_key(): remove exit label (bsc#1240998).
- wifi: ath12k: Avoid -Wflex-array-member-not-at-end warnings (bsc#1240998).
- wifi: ath12k: avoid double SW2HW_MACID conversion (bsc#1240998).
- wifi: ath12k: avoid duplicated vdev down (bsc#1240998).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: avoid redundant code in Rx cookie conversion init (bsc#1240998).
- wifi: ath12k: avoid stopping mac80211 queues in ath12k_core_restart() (bsc#1240998).
- wifi: ath12k: avoid unnecessary MSDU drop in the Rx error process (bsc#1240998).
- wifi: ath12k: Cache vdev configs before vdev create (bsc#1240998).
- wifi: ath12k: change supports_suspend to true for WCN7850 (bsc#1240998).
- wifi: ath12k: cleanup unneeded labels (bsc#1240998).
- wifi: ath12k: configure MBSSID parameters in AP mode (bsc#1240998).
- wifi: ath12k: configure MBSSID params in vdev create/start (bsc#1240998).
- wifi: ath12k: convert struct ath12k_sta::update_wk to use struct wiphy_work (bsc#1240998).
- wifi: ath12k: correct the capital word typo (bsc#1240998).
- wifi: ath12k: create a structure for WMI vdev up parameters (bsc#1240998).
- wifi: ath12k: debugfs: radar simulation support (bsc#1240998).
- wifi: ath12k: decrease MHI channel buffer length to 8KB (bsc#1240998).
- wifi: ath12k: delete NSS and TX power setting for monitor vdev (bsc#1240998).
- wifi: ath12k: displace the Tx and Rx descriptor in cookie conversion table (bsc#1240998).
- wifi: ath12k: do not dump SRNG statistics during resume (bsc#1240998).
- wifi: ath12k: do not process consecutive RDDM event (bsc#1240998).
- wifi: ath12k: do not use %pK in dmesg format strings (bsc#1240998).
- wifi: ath12k: Dump additional Tx PDEV HTT stats (bsc#1240998).
- wifi: ath12k: dynamic VLAN support (bsc#1240998).
- wifi: ath12k: dynamically update peer puncturing bitmap for STA (bsc#1240998).
- wifi: ath12k: enable service flag for survey dump stats (bsc#1240998).
- wifi: ath12k: enable WIPHY_FLAG_DISABLE_WEXT (bsc#1240998).
- wifi: ath12k: extend the link capable flag (bsc#1240998).
- wifi: ath12k: fetch correct radio based on vdev status (bsc#1240998).
- wifi: ath12k: Fetch regdb.bin file from board-2.bin (stable-fixes).
- wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes).
- wifi: ath12k: fix A-MSDU indication in monitor mode (bsc#1240998).
- wifi: ath12k: fix ack signal strength calculation (bsc#1240998).
- wifi: ath12k: fix ACPI warning when resume (bsc#1240998).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: Fix buffer overflow in debugfs (bsc#1240998).
- wifi: ath12k: fix build vs old compiler (bsc#1240998).
- wifi: ath12k: fix calling correct function for rx monitor mode (bsc#1240998).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: fix desc address calculation in wbm tx completion (bsc#1240998).
- wifi: ath12k: Fix devmem address prefix when logging (bsc#1240998).
- wifi: ath12k: fix driver initialization for WoW unsupported devices (bsc#1240998).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).
- wifi: ath12k: fix flush failure in recovery scenarios (bsc#1240998).
- wifi: ath12k: Fix for out-of bound access error (bsc#1240998).
- wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (git-fixes).
- wifi: ath12k: fix hal_rx_buf_return_buf_manager documentation (bsc#1240998).
- wifi: ath12k: fix incorrect CE addresses (stable-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: fix key cache handling (bsc#1240998).
- wifi: ath12k: fix legacy peer association due to missing HT or 6 GHz capabilities (bsc#1240998).
- wifi: ath12k: fix link capable flags (bsc#1240998).
- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).
- wifi: ath12k: fix mac id extraction when MSDU spillover in rx error path (bsc#1240998).
- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).
- wifi: ath12k: fix mbssid max interface advertisement (bsc#1240998).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: fix missing endianness conversion in wmi_vdev_create_cmd() (bsc#1240998).
- wifi: ath12k: fix misspelling of 'dma' in num_rxmda_per_pdev (bsc#1240998).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix NULL pointer access in ath12k_mac_op_get_survey() (bsc#1240998).
- wifi: ath12k: fix one more memcpy size error (bsc#1240998).
- wifi: ath12k: Fix pdev id sent to firmware for single phy devices (bsc#1240998).
- wifi: ath12k: fix per pdev debugfs registration (bsc#1240998).
- wifi: ath12k: fix reusing outside iterator in ath12k_wow_vif_set_wakeups() (bsc#1240998).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath12k: fix skb_ext_desc leak in ath12k_dp_tx() error path (bsc#1240998).
- wifi: ath12k: fix Smatch warnings on ath12k_core_suspend() (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_mpdu_start (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_phyrx_rssi_legacy_info (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_ppdu_end_user_stats (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_ppdu_start (bsc#1240998).
- wifi: ath12k: fix survey dump collection in 6 GHz (bsc#1240998).
- wifi: ath12k: fix the ampdu id fetch in the HAL_RX_MPDU_START TLV (stable-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: fix the stack frame size warning in ath12k_mac_op_hw_scan (bsc#1240998).
- wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() (bsc#1240998).
- wifi: ath12k: Fix WARN_ON during firmware crash in split-phy (bsc#1240998).
- wifi: ath12k: fix warning on DMA ring capabilities event (bsc#1240998).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: flush all packets before suspend (bsc#1240998).
- wifi: ath12k: Handle error cases during extended skb allocation (git-fixes).
- wifi: ath12k: handle keepalive during WoWLAN suspend and resume (bsc#1240998).
- wifi: ath12k: handle symlink cleanup for per pdev debugfs dentry (bsc#1240998).
- wifi: ath12k: implement hardware data filter (bsc#1240998).
- wifi: ath12k: implement WoW enable and wakeup commands (bsc#1240998).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: improve the rx descriptor error information (bsc#1240998).
- wifi: ath12k: initial debugfs support (bsc#1240998).
- wifi: ath12k: Introduce device index (bsc#1240998).
- wifi: ath12k: make read-only array svc_id static const (bsc#1240998).
- wifi: ath12k: Modify add and remove chanctx ops for single wiphy support (bsc#1240998).
- wifi: ath12k: modify ath12k mac start/stop ops for single wiphy (bsc#1240998).
- wifi: ath12k: modify ath12k_get_arvif_iter() for MLO (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_op_bss_info_changed() for MLO (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_op_set_key() for MLO (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_vif_chan() for MLO (bsc#1240998).
- wifi: ath12k: modify link arvif creation and removal for MLO (bsc#1240998).
- wifi: ath12k: Modify print_array_to_buf() to support arrays with 1-based semantics (bsc#1240998).
- wifi: ath12k: modify regulatory support for single wiphy architecture (bsc#1240998).
- wifi: ath12k: modify remain on channel for single wiphy (bsc#1240998).
- wifi: ath12k: Modify rts threshold mac op for single wiphy (bsc#1240998).
- wifi: ath12k: Modify set and get antenna mac ops for single wiphy (bsc#1240998).
- wifi: ath12k: move txbaddr/rxbaddr into struct ath12k_dp (bsc#1240998).
- wifi: ath12k: no need to handle pktlog during suspend/resume (bsc#1240998).
- wifi: ath12k: Optimize the lock contention of used list in Rx data path (bsc#1240998).
- wifi: ath12k: pass ath12k_link_vif instead of vif/ahvif (bsc#1240998).
- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).
- wifi: ath12k: prepare sta data structure for MLO handling (bsc#1240998).
- wifi: ath12k: prepare vif config caching for MLO (bsc#1240998).
- wifi: ath12k: prepare vif data structure for MLO handling (bsc#1240998).
- wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash (bsc#1240998).
- wifi: ath12k: read single_chip_mlo_support parameter from QMI PHY capability (bsc#1240998).
- wifi: ath12k: rearrange IRQ enable/disable in reset path (bsc#1240998).
- wifi: ath12k: refactor arvif security parameter configuration (bsc#1240998).
- wifi: ath12k: refactor ath12k_hw_regs structure (stable-fixes).
- wifi: ath12k: Refactor data path cmem init (bsc#1240998).
- wifi: ath12k: Refactor error handler of Rxdma replenish (bsc#1240998).
- wifi: ath12k: Refactor idle ring descriptor setup (bsc#1240998).
- wifi: ath12k: refactor rx descriptor CMEM configuration (bsc#1240998).
- wifi: ath12k: Refactor Rxdma buffer replinish argument (bsc#1240998).
- wifi: ath12k: refactor SMPS configuration (bsc#1240998).
- wifi: ath12k: Refactor the hardware cookie conversion init (bsc#1240998).
- wifi: ath12k: Refactor the hardware recovery procedure (bsc#1240998).
- wifi: ath12k: Refactor the hardware state (bsc#1240998).
- wifi: ath12k: remove duplicate definition of MAX_RADIOS (bsc#1240998).
- wifi: ath12k: remove duplicate definitions in wmi.h (bsc#1240998).
- wifi: ath12k: remove invalid peer create logic (bsc#1240998).
- wifi: ath12k: remove MHI LOOPBACK channels (bsc#1240998).
- wifi: ath12k: remove obsolete struct wmi_start_scan_arg (bsc#1240998).
- wifi: ath12k: remove redundant peer delete for WCN7850 (bsc#1240998).
- wifi: ath12k: Remove unsupported tx monitor handling (bsc#1240998).
- wifi: ath12k: Remove unused ath12k_base from ath12k_hw (bsc#1240998).
- wifi: ath12k: Remove unused tcl_*_ring configuration (bsc#1240998).
- wifi: ath12k: remove unused variable monitor_flags (bsc#1240998).
- wifi: ath12k: remove unused variable monitor_present (bsc#1240998).
- wifi: ath12k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1240998).
- wifi: ath12k: Replace 'chip' with 'device' in hal Rx return buffer manager (bsc#1240998).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath12k: Resolve multicast packet drop by populating key_cipher in ath12k_install_key() (bsc#1240998).
- wifi: ath12k: restore ASPM for supported hardwares only (bsc#1240998).
- wifi: ath12k: scan statemachine changes for single wiphy (bsc#1240998).
- wifi: ath12k: set mlo_capable_flags based on QMI PHY capability (bsc#1240998).
- wifi: ath12k: skip sending vdev down for channel switch (bsc#1240998).
- wifi: ath12k: support ARP and NS offload (bsc#1240998).
- wifi: ath12k: Support BE OFDMA Pdev Rate Stats (bsc#1240998).
- wifi: ath12k: Support DMAC Reset Stats (bsc#1240998).
- wifi: ath12k: support get_survey mac op for single wiphy (bsc#1240998).
- wifi: ath12k: support GTK rekey offload (bsc#1240998).
- wifi: ath12k: Support pdev CCA Stats (bsc#1240998).
- wifi: ath12k: Support pdev error stats (bsc#1240998).
- wifi: ath12k: Support Pdev OBSS Stats (bsc#1240998).
- wifi: ath12k: Support Pdev Scheduled Algorithm Stats (bsc#1240998).
- wifi: ath12k: Support pdev Transmit Multi-user stats (bsc#1240998).
- wifi: ath12k: Support Ring and SFM stats (bsc#1240998).
- wifi: ath12k: Support Self-Generated Transmit stats (bsc#1240998).
- wifi: ath12k: support SMPS configuration for 6 GHz (bsc#1240998).
- wifi: ath12k: support suspend/resume (bsc#1240998).
- wifi: ath12k: Support TQM stats (bsc#1240998).
- wifi: ath12k: Support Transmit DE stats (bsc#1240998).
- wifi: ath12k: Support Transmit Scheduler stats (bsc#1240998).
- wifi: ath12k: switch to using wiphy_lock() and remove ar->conf_mutex (bsc#1240998).
- wifi: ath12k: unregister per pdev debugfs (bsc#1240998).
- wifi: ath12k: update ath12k_mac_op_conf_tx() for MLO (bsc#1240998).
- wifi: ath12k: update ath12k_mac_op_update_vif_offload() for MLO (bsc#1240998).
- wifi: ath12k: use 128 bytes aligned iova in transmit path for WCN7850 (bsc#1240998).
- wifi: ath12k: use correct MAX_RADIOS (bsc#1240998).
- wifi: ath12k: use tail MSDU to get MSDU information (bsc#1240998).
- wifi: ath12k: using msdu end descriptor to check for rx multicast packets (stable-fixes).
- wifi: ath12k: vdev statemachine changes for single wiphy (bsc#1240998).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).
- wifi: cfg80211: allow IR in 20 MHz configurations (stable-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: do not warn during reprobe (stable-fixes).
- wifi: iwlwifi: do not warn when if there is a FW error (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: iwlwifi: fix the ECKV UEFI variable name (stable-fixes).
- wifi: iwlwifi: mark Br device not integrated (stable-fixes).
- wifi: iwlwifi: mvm: fix beacon CCK flag (stable-fixes).
- wifi: iwlwifi: mvm: fix setting the TK when associated (stable-fixes).
- wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
- wifi: iwlwifi: use correct IMR dump variable (stable-fixes).
- wifi: iwlwifi: w/a FW SMPS mode selection (stable-fixes).
- wifi: mac80211_hwsim: Fix MLD address translation (stable-fixes).
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).
- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
- wifi: mac80211: fix warning on disconnect during failed ML reconf (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mac80211: set ieee80211_prep_tx_info::link_id upon Auth Rx (stable-fixes).
- wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO (stable-fixes).
- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix fails to enter low power mode in suspend state (stable-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: introduce thermal protection (stable-fixes).
- wifi: mt76: mt7925: load the appropriate CLC data based on hardware type (stable-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: mwifiex: Fix HT40 bandwidth issue (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: 8922a: fix incorrect STA-ID in EHT MU PPDU (stable-fixes).
- wifi: rtw89: 8922a: fix TX fail with wrong VCO setting (stable-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: call power_on ahead before selecting firmware (stable-fixes).
- wifi: rtw89: fw: get sb_sel_ver via get_unaligned_le32() (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- wifi: rtw89: phy: add dummy C2H event handler for report of TAS power (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (stable-fixes).
- workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() (bsc#1245101 jsc#PED-11934).
- x86: Start moving AMD node functionality out of AMD_NB (jsc#PED-13094).
- x86/acpi: Fix LAPIC/x2APIC parsing order (git-fixes).
- x86/amd_nb, hwmon: (k10temp): Simplify amd_pci_dev_to_node_id() (jsc#PED-13094).
- x86/amd_nb: Clean up early_is_amd_nb() (jsc#PED-13094).
- x86/amd_nb: Move SMN access code to a new amd_node driver (jsc#PED-13094).
- x86/amd_nb: Restrict init function to AMD-based systems (jsc#PED-13094).
- x86/amd_nb: Simplify function 4 search (jsc#PED-13094).
- x86/amd_nb: Simplify root device search (jsc#PED-13094).
- x86/amd_node: Add SMN offsets to exclusive region access (jsc#PED-13094).
- x86/amd_node: Add support for debugfs access to SMN registers (jsc#PED-13094).
- x86/amd_node: Remove dependency on AMD_NB (jsc#PED-13094).
- x86/amd_node: Update __amd_smn_rw() error paths (jsc#PED-13094).
- x86/amd_node: Use defines for SMN register offsets (jsc#PED-13094).
- x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
- x86/mce/amd: Remove shared threshold bank plumbing (jsc#PED-13094).
- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes).
- x86/platform/amd: Move the <asm/amd_hsmp.h> header to <asm/amd/hsmp.h> (jsc#PED-13094).
- x86/sev: Add SVSM vTPM probe/send_command functions (bsc#1241191).
- x86/sev: Provide guest VMPL level to userspace (bsc#1241191).
- x86/sev: Register tpm-svsm platform device (bsc#1241191).
- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
- xen/x86: fix initial memory balloon target (git-fixes).
- xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes).
- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).
Patchnames
SUSE-2025-2254,SUSE-SLE-Module-Public-Cloud-15-SP7-2025-2254
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).\n- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).\n- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).\n- CVE-2024-57995: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (bsc#1237895).\n- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).\n- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).\n- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).\n- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).\n- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).\n- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).\n- CVE-2025-21938: mptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr (bsc#1240723).\n- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).\n- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).\n- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).\n- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).\n- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).\n- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).\n- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).\n- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).\n- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).\n- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).\n- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).\n- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).\n- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).\n- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).\n- CVE-2025-37837: iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent() (bsc#1242952).\n- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).\n- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).\n- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).\n- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).\n- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).\n- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).\n- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).\n- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).\n- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).\n- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).\n- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).\n- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).\n- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value (bsc#1243537).\n- CVE-2025-37938: tracing: Verify event formats that have \u0027%*p..\u0027 (bsc#1243544).\n- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).\n- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).\n- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).\n- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).\n- CVE-2025-37992: net_sched: Flush gso_skb list too during -\u003echange() (bsc#1243698).\n- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).\n- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).\n- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).\n- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).\n- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).\n- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).\n- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).\n- CVE-2025-38055: perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq (bsc#1244747).\n- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).\n- CVE-2025-38060: bpf: abort verification if env-\u003ecur_state-\u003eloop_entry != NULL (bsc#1245155).\n- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).\n\nThe following non-security bugs were fixed:\n\n- accel/ivpu: Improve buffer object logging (git-fixes).\n- accel/ivpu: Use dma_resv_lock() instead of a custom mutex (git-fixes).\n- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).\n- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).\n- ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case (stable-fixes).\n- ACPI: battery: negate current when discharging (stable-fixes).\n- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).\n- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).\n- ACPI: HED: Always initialize before evged (stable-fixes).\n- ACPI: OSI: Stop advertising support for \u00273.0 _SCP Extensions\u0027 (git-fixes).\n- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).\n- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).\n- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).\n- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).\n- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).\n- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).\n- ACPICA: Utilities: Fix spelling mistake \u0027Incremement\u0027 -\u003e \u0027Increment\u0027 (git-fixes).\n- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).\n- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).\n- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).\n- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).\n- ALSA: seq: Improve data consistency at polling (stable-fixes).\n- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).\n- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).\n- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).\n- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).\n- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).\n- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).\n- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).\n- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).\n- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).\n- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).\n- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).\n- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).\n- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).\n- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).\n- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).\n- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).\n- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)\n- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).\n- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).\n- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).\n- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).\n- ASoC: cs42l43: Disable headphone clamps during type detection (stable-fixes).\n- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).\n- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).\n- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).\n- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).\n- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).\n- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).\n- ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() (git-fixes).\n- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).\n- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).\n- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).\n- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).\n- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).\n- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).\n- ASoC: SOF: Intel: hda-bus: Use PIO mode on ACE2+ platforms (git-fixes).\n- ASoC: SOF: ipc4-pcm: Adjust pipeline_list-\u003epipelines allocation type (git-fixes).\n- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).\n- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).\n- ASoC: tas2764: Enable main IRQs (git-fixes).\n- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).\n- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).\n- ASoC: tas2764: Reinit cache on part reset (git-fixes).\n- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).\n- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).\n- ASoC: ti: omap-hdmi: Re-add dai_link-\u003eplatform to fix card init (git-fixes).\n- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).\n- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).\n- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).\n- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).\n- Bluetooth: btintel_pcie: Fix driver not posting maximum rx buffers (git-fixes).\n- Bluetooth: btintel_pcie: Increase the tx and rx descriptor count (git-fixes).\n- Bluetooth: btintel_pcie: Reduce driver buffer posting to prevent race condition (git-fixes).\n- Bluetooth: btintel: Check dsbr size from EFI variable (git-fixes).\n- Bluetooth: eir: Fix possible crashes on eir_create_adv_data (git-fixes).\n- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).\n- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).\n- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).\n- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).\n- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).\n- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).\n- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).\n- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).\n- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).\n- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).\n- Bluetooth: MGMT: Fix sparse errors (git-fixes).\n- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).\n- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).\n- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).\n- Bluetooth: Remove pending ACL connection attempts (stable-fixes).\n- bnxt: properly flush XDP redirect lists (git-fixes).\n- bpf: Force uprobe bpf program to always return 0 (git-fixes).\n- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).\n- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).\n- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).\n- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).\n- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).\n- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).\n- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).\n- bus: fsl-mc: fix double-free on mc_dev (git-fixes).\n- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).\n- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).\n- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).\n- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).\n- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).\n- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).\n- ceph: allocate sparse_ext map only for sparse reads (git-fixes).\n- ceph: Fix incorrect flush end position calculation (git-fixes).\n- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).\n- cgroup/cpuset: Do not allow creation of local partition over a remote one (bsc#1241166).\n- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- clocksource: Fix brown-bag boolean thinko in (git-fixes)\n- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)\n- crypto: lrw - Only add ecb if it is not already there (git-fixes).\n- crypto: lzo - Fix compression buffer overrun (stable-fixes).\n- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).\n- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).\n- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).\n- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).\n- crypto: qat - add shutdown handler to qat_420xx (git-fixes).\n- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).\n- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).\n- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).\n- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).\n- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).\n- crypto: xts - Only add ecb if it is not already there (git-fixes).\n- devlink: fix port dump cmd type (git-fixes).\n- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).\n- dlm: mask sk_shutdown value (bsc#1228854).\n- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).\n- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).\n- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).\n- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).\n- drm: Add valid clones check (stable-fixes).\n- drm: bridge: adv7511: fill stream capabilities (stable-fixes).\n- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).\n- drm/amd: Adjust output for discovery error handling (git-fixes).\n- drm/amd/display: Add debugging message for brightness caps (bsc#1240650).\n- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).\n- drm/amd/display: Add support for disconnected eDP streams (stable-fixes).\n- drm/amd/display: calculate the remain segments for all pipes (stable-fixes).\n- drm/amd/display: Call FP Protect Before Mode Programming/Mode Support (stable-fixes).\n- drm/amd/display: check stream id dml21 wrapper to get plane_id (stable-fixes).\n- drm/amd/display: Configure DTBCLK_P with OPTC only for dcn401 (stable-fixes).\n- drm/amd/display: Correct timing_adjust_pending flag setting (stable-fixes).\n- drm/amd/display: Defer BW-optimization-blocked DRR adjustments (git-fixes).\n- drm/amd/display: Do not enable replay when vtotal update is pending (stable-fixes).\n- drm/amd/display: Do not treat wb connector as physical in create_validate_stream_for_sink (stable-fixes).\n- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).\n- drm/amd/display: Ensure DMCUB idle before reset on DCN31/DCN35 (stable-fixes).\n- drm/amd/display: Fix BT2020 YCbCr limited/full range input (stable-fixes).\n- drm/amd/display: fix dcn4x init failed (stable-fixes).\n- drm/amd/display: Fix default DC and AC levels (bsc#1240650).\n- drm/amd/display: Fix DMUB reset sequence for DCN401 (stable-fixes).\n- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).\n- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).\n- drm/amd/display: Fix p-state type when p-state is unsupported (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low when active (stable-fixes).\n- drm/amd/display: handle max_downscale_src_width fail check (stable-fixes).\n- drm/amd/display: Increase block_sequence array size (stable-fixes).\n- drm/amd/display: Initial psr_version with correct setting (stable-fixes).\n- drm/amd/display: not abort link train when bw is low (stable-fixes).\n- drm/amd/display: pass calculated dram_speed_mts to dml2 (stable-fixes).\n- drm/amd/display: Populate register address for dentist for dcn401 (stable-fixes).\n- drm/amd/display: Read LTTPR ALPM caps during link cap retrieval (stable-fixes).\n- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).\n- drm/amd/display: Request HW cursor on DCN3.2 with SubVP (stable-fixes).\n- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).\n- drm/amd/display: Support multiple options during psr entry (stable-fixes).\n- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).\n- drm/amd/display: Use Nominal vBlank If Provided Instead Of Capping It (stable-fixes).\n- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).\n- drm/amd/pm: Fetch current power limit from PMFW (stable-fixes).\n- drm/amd/pm: Skip P2S load for SMU v13.0.12 (stable-fixes).\n- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).\n- drm/amdgpu: adjust drm_firmware_drivers_only() handling (stable-fixes).\n- drm/amdgpu: Allow P2P access through XGMI (stable-fixes).\n- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).\n- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).\n- drm/amdgpu: Fix missing drain retry fault the last entry (stable-fixes).\n- drm/amdgpu: Fix the race condition for draining retry fault (stable-fixes).\n- drm/amdgpu: read back register after written for VCN v4.0.5 (stable-fixes).\n- drm/amdgpu: release xcp_mgr on exit (stable-fixes).\n- drm/amdgpu: remove all KFD fences from the BO on release (stable-fixes).\n- drm/amdgpu: reset psp-\u003ecmd to NULL after releasing the buffer (stable-fixes).\n- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).\n- drm/amdgpu: Skip pcie_replay_count sysfs creation for VF (stable-fixes).\n- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).\n- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).\n- drm/amdgpu: Use active umc info from discovery (stable-fixes).\n- drm/amdgpu/discovery: check ip_discovery fw file available (stable-fixes).\n- drm/amdgpu/gfx11: do not read registers in mqd init (stable-fixes).\n- drm/amdgpu/gfx12: do not read registers in mqd init (stable-fixes).\n- drm/amdgpu/mes11: fix set_hw_resources_1 calculation (stable-fixes).\n- drm/amdkfd: Correct F8_MODE for gfx950 (git-fixes).\n- drm/amdkfd: fix missing L2 cache info in topology (stable-fixes).\n- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).\n- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).\n- drm/amdkfd: Set per-process flags only once for gfx9/10/11/12 (stable-fixes).\n- drm/amdkfd: set precise mem ops caps to disabled for gfx 11 and 12 (stable-fixes).\n- drm/ast: Find VBIOS mode from regular display size (stable-fixes).\n- drm/ast: Fix comment on modeset lock (git-fixes).\n- drm/atomic: clarify the rules around drm_atomic_state-\u003eallow_modeset (stable-fixes).\n- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).\n- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).\n- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).\n- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).\n- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).\n- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).\n- drm/buddy: fix issue that force_merge cannot free all roots (stable-fixes).\n- drm/etnaviv: Protect the scheduler\u0027s pending list with its lock (git-fixes).\n- drm/i915: fix build error some more (git-fixes).\n- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).\n- drm/i915/guc: Check if expecting reply before decrementing outstanding_submission_g2h (git-fixes).\n- drm/i915/guc: Handle race condition where wakeref count drops below 0 (git-fixes).\n- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).\n- drm/i915/psr: Fix using wrong mask in REG_FIELD_PREP (git-fixes).\n- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).\n- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).\n- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).\n- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).\n- drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names (git-fixes).\n- drm/msm/a6xx: Disable rgb565_predicator on Adreno 7c3 (git-fixes).\n- drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (git-fixes).\n- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).\n- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE before blend setup (git-fixes).\n- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE on ctl_path reset (git-fixes).\n- drm/msm/dpu: enable SmartDMA on SC8180X (git-fixes).\n- drm/msm/dpu: enable SmartDMA on SM8150 (git-fixes).\n- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).\n- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).\n- drm/nouveau: fix the broken marco GSP_MSG_MAX_SIZE (stable-fixes).\n- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).\n- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).\n- drm/panel-simple: fix the warnings for the Evervision VGG644804 (git-fixes).\n- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).\n- drm/panic: add missing space (git-fixes).\n- drm/panthor: Fix GPU_COHERENCY_ACE[_LITE] definitions (git-fixes).\n- drm/panthor: Update panthor_mmu::irq::mask when needed (git-fixes).\n- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).\n- drm/rockchip: vop2: Improve display modes handling on RK3588 HDMI0 (stable-fixes).\n- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).\n- drm/tegra: Assign plane type before registration (git-fixes).\n- drm/tegra: Fix a possible null pointer dereference (git-fixes).\n- drm/tegra: rgb: Fix the unbound reference count (git-fixes).\n- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).\n- drm/v3d: Add clock handling (stable-fixes).\n- drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()` (stable-fixes).\n- drm/vc4: tests: Use return instead of assert (git-fixes).\n- drm/vkms: Adjust vkms_state-\u003eactive_planes allocation type (git-fixes).\n- drm/vmwgfx: Add error path for xa_store in vmw_bo_add_detached_resource (git-fixes).\n- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).\n- drm/vmwgfx: Fix dumb buffer leak (git-fixes).\n- drm/xe: Create LRC BO without VM (git-fixes).\n- drm/xe: Do not attempt to bootstrap VF in execlists mode (stable-fixes).\n- drm/xe: Fix memset on iomem (git-fixes).\n- drm/xe: Fix xe_tile_init_noalloc() error propagation (stable-fixes).\n- drm/xe: Make xe_gt_freq part of the Documentation (git-fixes).\n- drm/xe: Move suballocator init to after display init (stable-fixes).\n- drm/xe: Nuke VM\u0027s mapping upon close (stable-fixes).\n- drm/xe: Process deferred GGTT node removals on device unwind (git-fixes).\n- drm/xe: Reject BO eviction if BO is bound to current VM (stable-fixes).\n- drm/xe: remove unmatched xe_vm_unlock() from __xe_exec_queue_init() (git-fixes).\n- drm/xe: Retry BO allocation (stable-fixes).\n- drm/xe: Rework eviction rejection of bound external bos (git-fixes).\n- drm/xe: Save the gt pointer in lrc and drop the tile (stable-fixes).\n- drm/xe: Stop ignoring errors from xe_ttm_stolen_mgr_init() (stable-fixes).\n- drm/xe: Wire up device shutdown handler (stable-fixes).\n- drm/xe: xe_gen_wa_oob: replace program_invocation_short_name (stable-fixes).\n- drm/xe/bmg: Update Wa_16023588340 (git-fixes).\n- drm/xe/d3cold: Set power state to D3Cold during s2idle/s3 (git-fixes).\n- drm/xe/debugfs: Add missing xe_pm_runtime_put in wedge_mode_set (stable-fixes).\n- drm/xe/debugfs: fixed the return value of wedged_mode_set (stable-fixes).\n- drm/xe/display: Add check for alloc_ordered_workqueue() (git-fixes).\n- drm/xe/gt: Update handling of xe_force_wake_get return (stable-fixes).\n- drm/xe/oa: Ensure that polled read returns latest data (stable-fixes).\n- drm/xe/pf: Create a link between PF and VF devices (stable-fixes).\n- drm/xe/pf: Reset GuC VF config when unprovisioning critical resource (stable-fixes).\n- drm/xe/relay: Do not use GFP_KERNEL for new transactions (stable-fixes).\n- drm/xe/sa: Always call drm_suballoc_manager_fini() (stable-fixes).\n- drm/xe/sched: stop re-submitting signalled jobs (git-fixes).\n- drm/xe/vf: Retry sending MMIO request to GUC on timeout error (stable-fixes).\n- drm/xe/vm: move rebind_work init earlier (git-fixes).\n- drm/xe/xe2hpg: Add Wa_22021007897 (stable-fixes).\n- dummycon: Trigger redraw when switching consoles with deferred takeover (git-fixes).\n- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).\n- efi/libstub: Describe missing \u0027out\u0027 parameter in efi_load_initrd (git-fixes).\n- fbcon: Make sure modelist not set on unregistered console (stable-fixes).\n- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).\n- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).\n- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).\n- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).\n- fbdev/efifb: Remove PM for parent device (bsc#1244261).\n- fgraph: Still initialize idle shadow stacks when starting (git-fixes).\n- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).\n- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).\n- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).\n- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).\n- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).\n- fpga: altera-cvp: Increase credit timeout (stable-fixes).\n- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).\n- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).\n- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).\n- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).\n- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).\n- gpiolib: Revert \u0027Do not WARN on gpiod_put() for optional GPIO\u0027 (stable-fixes).\n- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).\n- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).\n- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).\n- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).\n- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).\n- HID: wacom: fix kobject reference count leak (git-fixes).\n- HID: wacom: fix memory leak on kobject creation failure (git-fixes).\n- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).\n- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).\n- hwmon: (dell-smm) Increment the number of fans (stable-fixes).\n- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).\n- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).\n- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).\n- hwmon: (occ) fix unaligned accesses (git-fixes).\n- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).\n- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).\n- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).\n- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).\n- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).\n- i2c: npcm: Add clock toggle recovery (stable-fixes).\n- i2c: pxa: fix call balance of i2c-\u003eclk handling routines (stable-fixes).\n- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).\n- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).\n- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)\n- i2c: tiny-usb: disable zero-length read messages (git-fixes).\n- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).\n- i3c: master: svc: Fix missing STOP for master request (stable-fixes).\n- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).\n- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).\n- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).\n- IB/cm: Drop lockdep assert and WARN when freeing old msg (git-fixes)\n- ice: create new Tx scheduler nodes for new queues only (git-fixes).\n- ice: Fix LACP bonds without SRIOV environment (git-fixes).\n- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).\n- ice: fix Tx scheduler error handling in XDP callback (git-fixes).\n- ice: fix vf-\u003enum_mac count with port representors (git-fixes).\n- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).\n- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).\n- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).\n- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).\n- iio: filter: admv8818: fix band 4, state 15 (git-fixes).\n- iio: filter: admv8818: fix integer overflow (git-fixes).\n- iio: filter: admv8818: fix range calculation (git-fixes).\n- iio: filter: admv8818: Support frequencies \u003e= 2^32 (git-fixes).\n- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).\n- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).\n- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).\n- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).\n- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).\n- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).\n- Input: xpad - add more controllers (stable-fixes).\n- intel_th: avoid using deprecated page-\u003emapping, index fields (stable-fixes).\n- iommu: Protect against overflow in iommu_pgsize() (git-fixes).\n- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)\n- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)\n- ip_tunnel: annotate data-races around t-\u003eparms.link (git-fixes).\n- ip6mr: fix tables suspicious RCU usage (git-fixes).\n- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).\n- ipmr: fix tables suspicious RCU usage (git-fixes).\n- ipv4: Convert ip_route_input() to dscp_t (git-fixes).\n- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).\n- ipv6: save dontfrag in cork (git-fixes).\n- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).\n- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).\n- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).\n- jffs2: check that raw node were preallocated before writing summary (git-fixes).\n- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).\n- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).\n- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).\n- loop: add file_start_write() and file_end_write() (git-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).\n- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).\n- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).\n- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).\n- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).\n- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).\n- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).\n- media: cx231xx: set device_caps for 417 (stable-fixes).\n- media: cxusb: no longer judge rbuf when the write fails (git-fixes).\n- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).\n- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).\n- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).\n- media: imx-jpeg: Cleanup after an allocation error (git-fixes).\n- media: imx-jpeg: Drop the first error frames (git-fixes).\n- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).\n- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).\n- media: intel/ipu6: Fix dma mask for non-secure mode (git-fixes).\n- media: ipu6: Remove workaround for Meteor Lake ES2 (git-fixes).\n- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).\n- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).\n- media: ov2740: Move pm-runtime cleanup on probe-errors to proper place (git-fixes).\n- media: ov5675: suppress probe deferral errors (git-fixes).\n- media: ov8856: suppress probe deferral errors (git-fixes).\n- media: platform: mtk-mdp3: Remove unused mdp_get_plat_device (git-fixes).\n- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).\n- media: rkvdec: Fix frame size enumeration (git-fixes).\n- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).\n- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).\n- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).\n- media: uvcvideo: Fix deferred probing error (git-fixes).\n- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).\n- media: uvcvideo: Return the number of processed controls (git-fixes).\n- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).\n- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).\n- media: venus: Fix probe error handling (git-fixes).\n- media: verisilicon: Free post processor buffers on error (git-fixes).\n- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).\n- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).\n- media: vivid: Change the siize of the composing (git-fixes).\n- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).\n- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).\n- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).\n- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).\n- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).\n- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).\n- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).\n- mmc: Add quirk to disable DDR50 tuning (stable-fixes).\n- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).\n- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).\n- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).\n- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).\n- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).\n- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).\n- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).\n- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).\n- net_sched: prio: fix a race in prio_tune() (git-fixes).\n- net_sched: red: fix a race in __red_change() (git-fixes).\n- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)\n- net_sched: sch_sfq: reject invalid perturb period (git-fixes).\n- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)\n- net_sched: tbf: fix a race in tbf_change() (git-fixes).\n- net: add rcu safety to rtnl_prop_list_size() (git-fixes).\n- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).\n- net: fix udp gso skb_segment after pull from frag_list (git-fixes).\n- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).\n- net: ice: Perform accurate aRFS flow match (git-fixes).\n- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).\n- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).\n- net: linkwatch: use system_unbound_wq (git-fixes).\n- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).\n- net: mana: Record doorbell physical address in PF mode (bsc#1244229).\n- net: page_pool: fix warning code (git-fixes).\n- net: phy: clear phydev-\u003edevlink when the link is deleted (git-fixes).\n- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).\n- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)\n- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).\n- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).\n- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).\n- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).\n- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).\n- net: sched: fix erspan_opt settings in cls_flower (git-fixes).\n- net: usb: aqc111: debug info before sanitation (git-fixes).\n- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).\n- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).\n- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).\n- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).\n- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).\n- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).\n- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).\n- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).\n- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).\n- net/mlx5: Fix return value when searching for existing flow group (git-fixes).\n- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).\n- net/neighbor: clear error in case strict check is not set (git-fixes).\n- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).\n- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).\n- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).\n- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).\n- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).\n- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).\n- NFC: nci: uart: Set tty-\u003edisc_data only in success path (git-fixes).\n- NFS: Do not allow waiting for exiting tasks (git-fixes).\n- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).\n- nfsd: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).\n- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).\n- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).\n- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).\n- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).\n- ntp: Clamp maxerror and esterror to operating range (git-fixes)\n- ntp: Remove invalid cast in time offset math (git-fixes)\n- ntp: Safeguard against time_constant overflow (git-fixes)\n- nvme-fc: do not reference lsrsp after failure (bsc#1245193).\n- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).\n- nvme-pci: add quirks for device 126f:1001 (git-fixes).\n- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).\n- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).\n- nvme: fix command limits status code (git-fixes).\n- nvme: fix implicit bool to flags conversion (git-fixes).\n- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).\n- nvmet-fc: take tgtport refs for portentry (bsc#1245193).\n- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).\n- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).\n- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).\n- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).\n- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).\n- nvmet-fcloop: prevent double port deletion (bsc#1245193).\n- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).\n- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).\n- nvmet-fcloop: remove nport from list on last user (bsc#1245193).\n- nvmet-fcloop: track ref counts for nports (bsc#1245193).\n- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).\n- orangefs: Do not truncate file size (git-fixes).\n- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (stable-fixes).\n- PCI: apple: Set only available ports up (git-fixes).\n- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).\n- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).\n- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).\n- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: cadence: Fix runtime atomic count underflow (git-fixes).\n- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).\n- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).\n- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).\n- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).\n- PCI: Explicitly put devices into D0 when initializing (git-fixes).\n- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).\n- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).\n- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).\n- PCI/DPC: Initialize aer_err_info before using it (git-fixes).\n- PCI/DPC: Log Error Source ID only when valid (git-fixes).\n- PCI/DPC: Use defines with DPC reason fields (git-fixes).\n- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).\n- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).\n- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).\n- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).\n- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).\n- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).\n- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs \u003e 31 (git-fixes).\n- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).\n- pinctrl: bcm281xx: Use \u0027unsigned int\u0027 instead of bare \u0027unsigned\u0027 (stable-fixes).\n- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).\n- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).\n- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).\n- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).\n- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).\n- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).\n- platform/x86: amd: Use *-y instead of *-objs in Makefiles (jsc#PED-13094).\n- platform/x86: dell_rbu: Fix list usage (git-fixes).\n- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).\n- platform/x86: hp-bioscfg: Annotate struct bios_args with __counted_by (jsc#PED-13019).\n- platform/x86: hp-bioscfg: biosattr-interface (jsc#PED-13019).\n- platform/x86: hp-bioscfg: bioscfg (jsc#PED-13019).\n- platform/x86: hp-bioscfg: bioscfg-h (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how enum possible values size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how order list size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how password encoding size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how prerequisites size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: enum-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: fix a signedness bug in hp_wmi_perform_query() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix error handling in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: fix error reporting in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix memory leaks in attribute packages (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix reference leak (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix uninitialized variable errors (jsc#PED-13019).\n- platform/x86: hp-bioscfg: int-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Makefile (jsc#PED-13019).\n- platform/x86: hp-bioscfg: move mutex_lock() down in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: order-list-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: passwdobj-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: prevent a small buffer overflow (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Remove duplicate use of variable in inner loop (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Remove unused obj in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Removed needless asm-generic (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Replace the word HACK from source code (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Simplify return check in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: spmobj-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: string-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: surestart-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Update steps order list elements are evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Use kmemdup() to replace kmalloc + memcpy (jsc#PED-13019).\n- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).\n- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).\n- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).\n- platform/x86/amd/hsmp: acpi: Add sysfs files to display HSMP telemetry (jsc#PED-13094).\n- platform/x86/amd/hsmp: Add new error code and error logs (jsc#PED-13094).\n- platform/x86/amd/hsmp: Add support for HSMP protocol version 7 messages (jsc#PED-13094).\n- platform/x86/amd/hsmp: Change generic plat_dev name to hsmp_pdev (jsc#PED-13094).\n- platform/x86/amd/hsmp: Change the error type (jsc#PED-13094).\n- platform/x86/amd/hsmp: Convert amd_hsmp_rdwr() to a function pointer (jsc#PED-13094).\n- platform/x86/amd/hsmp: Create hsmp/ directory (jsc#PED-13094).\n- platform/x86/amd/hsmp: Create separate ACPI, plat and common drivers (jsc#PED-13094).\n- platform/x86/amd/hsmp: Create wrapper function init_acpi() (jsc#PED-13094).\n- platform/x86/amd/hsmp: fix building with CONFIG_HWMON=m (jsc#PED-13094).\n- platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers (jsc#PED-13094).\n- platform/x86/amd/hsmp: Make hsmp_pdev static instead of global (jsc#PED-13094).\n- platform/x86/amd/hsmp: mark hsmp_msg_desc_table as maybe_unused (git-fixes).\n- platform/x86/amd/hsmp: Move ACPI code to acpi.c (jsc#PED-13094).\n- platform/x86/amd/hsmp: Move platform device specific code to plat.c (jsc#PED-13094).\n- platform/x86/amd/hsmp: Move structure and macros to header file (jsc#PED-13094).\n- platform/x86/amd/hsmp: Report power via hwmon sensor (jsc#PED-13094).\n- platform/x86/amd/hsmp: Use a single DRIVER_VERSION for all hsmp modules (jsc#PED-13094).\n- platform/x86/amd/hsmp: Use dev_groups in the driver structure (jsc#PED-13094).\n- platform/x86/amd/hsmp: Use name space while exporting module symbols (jsc#PED-13094).\n- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).\n- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).\n- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).\n- PM: sleep: Print PM debug messages during hibernation (git-fixes).\n- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).\n- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).\n- power: reset: at91-reset: Optimize at91_reset() (git-fixes).\n- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).\n- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).\n- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).\n- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).\n- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).\n- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).\n- pstore: Change kmsg_bytes storage size to u32 (git-fixes).\n- ptp: ocp: fix start time alignment in ptp_ocp_signal_set (git-fixes).\n- ptp: ocp: reject unsupported periodic output flags (git-fixes).\n- ptp: remove ptp-\u003en_vclocks check logic in ptp_vclock_in_use() (git-fixes).\n- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).\n- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)\n- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)\n- regulator: ad5398: Add device tree support (stable-fixes).\n- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).\n- regulator: max20086: Change enable gpio to optional (git-fixes).\n- regulator: max20086: Fix MAX200086 chip id (git-fixes).\n- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).\n- rtc: at91rm9200: drop unused module alias (git-fixes).\n- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).\n- rtc: cpcap: drop unused module alias (git-fixes).\n- rtc: da9063: drop unused module alias (git-fixes).\n- rtc: ds1307: stop disabling alarms on probe (stable-fixes).\n- rtc: Fix offset calculation for .start_secs \u0026lt; 0 (git-fixes).\n- rtc: jz4740: drop unused module alias (git-fixes).\n- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).\n- rtc: pm8xxx: drop unused module alias (git-fixes).\n- rtc: rv3032: fix EERD location (stable-fixes).\n- rtc: s3c: drop unused module alias (git-fixes).\n- rtc: sh: assign correct interrupts with DT (git-fixes).\n- rtc: stm32: drop unused module alias (git-fixes).\n- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).\n- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).\n- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).\n- s390/pci: introduce lock to synchronize state of zpci_dev\u0027s (jsc#PED-10253 bsc#1244145).\n- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).\n- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).\n- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).\n- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).\n- s390/pci: Serialize device addition and removal (bsc#1244145).\n- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).\n- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).\n- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).\n- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).\n- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: Improve CDL control (git-fixes).\n- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: mpi3mr: Add level check to control event logging (git-fixes).\n- scsi: mpt3sas: Fix _ctl_get_mpt_mctp_passthru_adapter() to return IOC pointer (git-fixes).\n- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).\n- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).\n- scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels (git-fixes).\n- scsi: st: ERASE does not change tape location (git-fixes).\n- scsi: st: Restore some drive settings after reset (git-fixes).\n- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).\n- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).\n- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).\n- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).\n- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).\n- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).\n- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).\n- serial: core: restore of_node information in sysfs (git-fixes).\n- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).\n- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).\n- serial: jsm: fix NPE during jsm_uart_port_init (git-fixes).\n- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).\n- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).\n- serial: sh-sci: Save and restore more registers (git-fixes).\n- serial: sh-sci: Update the suspend/resume support (stable-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).\n- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).\n- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).\n- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).\n- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).\n- spi-rockchip: Fix register out of bounds access (stable-fixes).\n- spi: bcm63xx-hsspi: fix shared reset (git-fixes).\n- spi: bcm63xx-spi: fix shared reset (git-fixes).\n- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).\n- spi: spi-sun4i: fix early activation (stable-fixes).\n- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).\n- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).\n- spi: tegra210-quad: remove redundant error handling code (git-fixes).\n- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).\n- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).\n- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).\n- struct usci: hide additional member (git-fixes).\n- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).\n- SUNRPC: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).\n- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).\n- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).\n- SUNRPC: rpcbind should never reset the port to the value \u00270\u0027 (git-fixes).\n- svsm: Add header with SVSM_VTPM_CMD helpers (bsc#1241191).\n- sysfb: Fix screen_info type check for VGA (git-fixes).\n- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).\n- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).\n- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).\n- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).\n- tcp/dccp: complete lockless accesses to sk-\u003esk_max_ack_backlog (git-fixes).\n- thermal/drivers/mediatek/lvts: Fix debugfs unregister on failure (git-fixes).\n- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).\n- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).\n- thunderbolt: Do not double dequeue a configuration request (stable-fixes).\n- thunderbolt: Fix a logic error in wake on connect (git-fixes).\n- thunderbolt: Improve redrive mode handling (git-fixes).\n- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)\n- tpm: Add SNP SVSM vTPM driver (bsc#1241191).\n- tpm: Make chip-\u003e{status,cancel,req_canceled} opt (bsc#1241191).\n- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).\n- tracing: Add __print_dynamic_array() helper (bsc#1243544).\n- tracing: Add __string_len() example (bsc#1243544).\n- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).\n- tracing: Fix compilation warning on arm32 (bsc#1243551).\n- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).\n- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).\n- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).\n- tty: serial: 8250_omap: fix TX with DMA for am33xx (git-fixes).\n- ucsi_debugfs_entry: hide signedness change (git-fixes).\n- udp: annotate data-races around up-\u003epending (git-fixes).\n- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).\n- udp: fix receiving fraglist GSO packets (git-fixes).\n- udp: preserve the connected status if only UDP cmsg (git-fixes).\n- uprobes: Use kzalloc to allocate xol area (git-fixes).\n- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).\n- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).\n- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).\n- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).\n- usb: misc: onboard_usb_dev: fix support for Cypress HX3 hubs (git-fixes).\n- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).\n- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).\n- usb: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).\n- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).\n- usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).\n- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).\n- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).\n- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).\n- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).\n- usb: typec: ucsi: Only enable supported notifications (git-fixes).\n- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).\n- usb: usbtmc: Fix timeout value in get_stb (git-fixes).\n- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).\n- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).\n- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).\n- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).\n- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).\n- vmxnet3: update MTU after device quiesce (bsc#1244626).\n- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).\n- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).\n- watchdog: exar: Shorten identity name to fit correctly (git-fixes).\n- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).\n- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).\n- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).\n- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).\n- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).\n- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).\n- wifi: ath11k: do not wait when there is no vdev started (git-fixes).\n- wifi: ath11k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).\n- wifi: ath11k: fix ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix rx completion meta data corruption (git-fixes).\n- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).\n- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).\n- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).\n- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).\n- wifi: ath12k: ACPI band edge channel power support (bsc#1240998).\n- wifi: ath12k: ACPI CCA threshold support (bsc#1240998).\n- wifi: ath12k: ACPI SAR support (bsc#1240998).\n- wifi: ath12k: ACPI TAS support (bsc#1240998).\n- wifi: ath12k: add 6 GHz params in peer assoc command (bsc#1240998).\n- wifi: ath12k: Add additional checks for vif and sta iterators (bsc#1240998).\n- wifi: ath12k: add ATH12K_DBG_WOW log level (bsc#1240998).\n- wifi: ath12k: add basic WoW functionalities (bsc#1240998).\n- wifi: ath12k: add channel 2 into 6 GHz channel list (bsc#1240998).\n- wifi: ath12k: add EMA beacon support (bsc#1240998).\n- wifi: ath12k: Add firmware coredump collection support (bsc#1240998).\n- wifi: ath12k: Add htt_stats_dump file ops support (bsc#1240998).\n- wifi: ath12k: add hw_link_id in ath12k_pdev (bsc#1240998).\n- wifi: ath12k: Add lock to protect the hardware state (bsc#1240998).\n- wifi: ath12k: add MBSSID beacon support (bsc#1240998).\n- wifi: ath12k: Add missing htt_metadata flag in ath12k_dp_tx() (bsc#1240998).\n- wifi: ath12k: add missing lockdep_assert_wiphy() for ath12k_mac_op_ functions (bsc#1240998).\n- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).\n- wifi: ath12k: add multi device support for WBM idle ring buffer setup (bsc#1240998).\n- wifi: ath12k: add multiple radio support in a single MAC HW un/register (bsc#1240998).\n- wifi: ath12k: add panic handler (bsc#1240998).\n- wifi: ath12k: Add support to enable debugfs_htt_stats (bsc#1240998).\n- wifi: ath12k: add support to handle beacon miss for WCN7850 (bsc#1240998).\n- wifi: ath12k: Add support to parse requested stats_type (bsc#1240998).\n- wifi: ath12k: add WoW net-detect functionality (bsc#1240998).\n- wifi: ath12k: advertise driver capabilities for MBSSID and EMA (bsc#1240998).\n- wifi: ath12k: allocate dummy net_device dynamically (bsc#1240998).\n- wifi: ath12k: ath12k_mac_op_set_key(): fix uninitialized symbol \u0027ret\u0027 (bsc#1240998).\n- wifi: ath12k: ath12k_mac_op_sta_state(): clean up update_wk cancellation (bsc#1240998).\n- wifi: ath12k: ath12k_mac_set_key(): remove exit label (bsc#1240998).\n- wifi: ath12k: Avoid -Wflex-array-member-not-at-end warnings (bsc#1240998).\n- wifi: ath12k: avoid double SW2HW_MACID conversion (bsc#1240998).\n- wifi: ath12k: avoid duplicated vdev down (bsc#1240998).\n- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).\n- wifi: ath12k: avoid redundant code in Rx cookie conversion init (bsc#1240998).\n- wifi: ath12k: avoid stopping mac80211 queues in ath12k_core_restart() (bsc#1240998).\n- wifi: ath12k: avoid unnecessary MSDU drop in the Rx error process (bsc#1240998).\n- wifi: ath12k: Cache vdev configs before vdev create (bsc#1240998).\n- wifi: ath12k: change supports_suspend to true for WCN7850 (bsc#1240998).\n- wifi: ath12k: cleanup unneeded labels (bsc#1240998).\n- wifi: ath12k: configure MBSSID parameters in AP mode (bsc#1240998).\n- wifi: ath12k: configure MBSSID params in vdev create/start (bsc#1240998).\n- wifi: ath12k: convert struct ath12k_sta::update_wk to use struct wiphy_work (bsc#1240998).\n- wifi: ath12k: correct the capital word typo (bsc#1240998).\n- wifi: ath12k: create a structure for WMI vdev up parameters (bsc#1240998).\n- wifi: ath12k: debugfs: radar simulation support (bsc#1240998).\n- wifi: ath12k: decrease MHI channel buffer length to 8KB (bsc#1240998).\n- wifi: ath12k: delete NSS and TX power setting for monitor vdev (bsc#1240998).\n- wifi: ath12k: displace the Tx and Rx descriptor in cookie conversion table (bsc#1240998).\n- wifi: ath12k: do not dump SRNG statistics during resume (bsc#1240998).\n- wifi: ath12k: do not process consecutive RDDM event (bsc#1240998).\n- wifi: ath12k: do not use %pK in dmesg format strings (bsc#1240998).\n- wifi: ath12k: Dump additional Tx PDEV HTT stats (bsc#1240998).\n- wifi: ath12k: dynamic VLAN support (bsc#1240998).\n- wifi: ath12k: dynamically update peer puncturing bitmap for STA (bsc#1240998).\n- wifi: ath12k: enable service flag for survey dump stats (bsc#1240998).\n- wifi: ath12k: enable WIPHY_FLAG_DISABLE_WEXT (bsc#1240998).\n- wifi: ath12k: extend the link capable flag (bsc#1240998).\n- wifi: ath12k: fetch correct radio based on vdev status (bsc#1240998).\n- wifi: ath12k: Fetch regdb.bin file from board-2.bin (stable-fixes).\n- wifi: ath12k: fix a possible dead lock caused by ab-\u003ebase_lock (stable-fixes).\n- wifi: ath12k: fix A-MSDU indication in monitor mode (bsc#1240998).\n- wifi: ath12k: fix ack signal strength calculation (bsc#1240998).\n- wifi: ath12k: fix ACPI warning when resume (bsc#1240998).\n- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).\n- wifi: ath12k: Fix buffer overflow in debugfs (bsc#1240998).\n- wifi: ath12k: fix build vs old compiler (bsc#1240998).\n- wifi: ath12k: fix calling correct function for rx monitor mode (bsc#1240998).\n- wifi: ath12k: fix cleanup path after mhi init (git-fixes).\n- wifi: ath12k: fix desc address calculation in wbm tx completion (bsc#1240998).\n- wifi: ath12k: Fix devmem address prefix when logging (bsc#1240998).\n- wifi: ath12k: fix driver initialization for WoW unsupported devices (bsc#1240998).\n- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).\n- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).\n- wifi: ath12k: fix flush failure in recovery scenarios (bsc#1240998).\n- wifi: ath12k: Fix for out-of bound access error (bsc#1240998).\n- wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (git-fixes).\n- wifi: ath12k: fix hal_rx_buf_return_buf_manager documentation (bsc#1240998).\n- wifi: ath12k: fix incorrect CE addresses (stable-fixes).\n- wifi: ath12k: fix invalid access to memory (git-fixes).\n- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).\n- wifi: ath12k: fix key cache handling (bsc#1240998).\n- wifi: ath12k: fix legacy peer association due to missing HT or 6 GHz capabilities (bsc#1240998).\n- wifi: ath12k: fix link capable flags (bsc#1240998).\n- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).\n- wifi: ath12k: fix mac id extraction when MSDU spillover in rx error path (bsc#1240998).\n- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).\n- wifi: ath12k: fix mbssid max interface advertisement (bsc#1240998).\n- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).\n- wifi: ath12k: fix missing endianness conversion in wmi_vdev_create_cmd() (bsc#1240998).\n- wifi: ath12k: fix misspelling of \u0027dma\u0027 in num_rxmda_per_pdev (bsc#1240998).\n- wifi: ath12k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath12k: fix NULL pointer access in ath12k_mac_op_get_survey() (bsc#1240998).\n- wifi: ath12k: fix one more memcpy size error (bsc#1240998).\n- wifi: ath12k: Fix pdev id sent to firmware for single phy devices (bsc#1240998).\n- wifi: ath12k: fix per pdev debugfs registration (bsc#1240998).\n- wifi: ath12k: fix reusing outside iterator in ath12k_wow_vif_set_wakeups() (bsc#1240998).\n- wifi: ath12k: fix ring-buffer corruption (git-fixes).\n- wifi: ath12k: fix skb_ext_desc leak in ath12k_dp_tx() error path (bsc#1240998).\n- wifi: ath12k: fix Smatch warnings on ath12k_core_suspend() (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_mpdu_start (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_phyrx_rssi_legacy_info (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_ppdu_end_user_stats (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_ppdu_start (bsc#1240998).\n- wifi: ath12k: fix survey dump collection in 6 GHz (bsc#1240998).\n- wifi: ath12k: fix the ampdu id fetch in the HAL_RX_MPDU_START TLV (stable-fixes).\n- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).\n- wifi: ath12k: fix the stack frame size warning in ath12k_mac_op_hw_scan (bsc#1240998).\n- wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() (bsc#1240998).\n- wifi: ath12k: Fix WARN_ON during firmware crash in split-phy (bsc#1240998).\n- wifi: ath12k: fix warning on DMA ring capabilities event (bsc#1240998).\n- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).\n- wifi: ath12k: flush all packets before suspend (bsc#1240998).\n- wifi: ath12k: Handle error cases during extended skb allocation (git-fixes).\n- wifi: ath12k: handle keepalive during WoWLAN suspend and resume (bsc#1240998).\n- wifi: ath12k: handle symlink cleanup for per pdev debugfs dentry (bsc#1240998).\n- wifi: ath12k: implement hardware data filter (bsc#1240998).\n- wifi: ath12k: implement WoW enable and wakeup commands (bsc#1240998).\n- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).\n- wifi: ath12k: improve the rx descriptor error information (bsc#1240998).\n- wifi: ath12k: initial debugfs support (bsc#1240998).\n- wifi: ath12k: Introduce device index (bsc#1240998).\n- wifi: ath12k: make read-only array svc_id static const (bsc#1240998).\n- wifi: ath12k: Modify add and remove chanctx ops for single wiphy support (bsc#1240998).\n- wifi: ath12k: modify ath12k mac start/stop ops for single wiphy (bsc#1240998).\n- wifi: ath12k: modify ath12k_get_arvif_iter() for MLO (bsc#1240998).\n- wifi: ath12k: modify ath12k_mac_op_bss_info_changed() for MLO (bsc#1240998).\n- wifi: ath12k: modify ath12k_mac_op_set_key() for MLO (bsc#1240998).\n- wifi: ath12k: modify ath12k_mac_vif_chan() for MLO (bsc#1240998).\n- wifi: ath12k: modify link arvif creation and removal for MLO (bsc#1240998).\n- wifi: ath12k: Modify print_array_to_buf() to support arrays with 1-based semantics (bsc#1240998).\n- wifi: ath12k: modify regulatory support for single wiphy architecture (bsc#1240998).\n- wifi: ath12k: modify remain on channel for single wiphy (bsc#1240998).\n- wifi: ath12k: Modify rts threshold mac op for single wiphy (bsc#1240998).\n- wifi: ath12k: Modify set and get antenna mac ops for single wiphy (bsc#1240998).\n- wifi: ath12k: move txbaddr/rxbaddr into struct ath12k_dp (bsc#1240998).\n- wifi: ath12k: no need to handle pktlog during suspend/resume (bsc#1240998).\n- wifi: ath12k: Optimize the lock contention of used list in Rx data path (bsc#1240998).\n- wifi: ath12k: pass ath12k_link_vif instead of vif/ahvif (bsc#1240998).\n- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).\n- wifi: ath12k: prepare sta data structure for MLO handling (bsc#1240998).\n- wifi: ath12k: prepare vif config caching for MLO (bsc#1240998).\n- wifi: ath12k: prepare vif data structure for MLO handling (bsc#1240998).\n- wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash (bsc#1240998).\n- wifi: ath12k: read single_chip_mlo_support parameter from QMI PHY capability (bsc#1240998).\n- wifi: ath12k: rearrange IRQ enable/disable in reset path (bsc#1240998).\n- wifi: ath12k: refactor arvif security parameter configuration (bsc#1240998).\n- wifi: ath12k: refactor ath12k_hw_regs structure (stable-fixes).\n- wifi: ath12k: Refactor data path cmem init (bsc#1240998).\n- wifi: ath12k: Refactor error handler of Rxdma replenish (bsc#1240998).\n- wifi: ath12k: Refactor idle ring descriptor setup (bsc#1240998).\n- wifi: ath12k: refactor rx descriptor CMEM configuration (bsc#1240998).\n- wifi: ath12k: Refactor Rxdma buffer replinish argument (bsc#1240998).\n- wifi: ath12k: refactor SMPS configuration (bsc#1240998).\n- wifi: ath12k: Refactor the hardware cookie conversion init (bsc#1240998).\n- wifi: ath12k: Refactor the hardware recovery procedure (bsc#1240998).\n- wifi: ath12k: Refactor the hardware state (bsc#1240998).\n- wifi: ath12k: remove duplicate definition of MAX_RADIOS (bsc#1240998).\n- wifi: ath12k: remove duplicate definitions in wmi.h (bsc#1240998).\n- wifi: ath12k: remove invalid peer create logic (bsc#1240998).\n- wifi: ath12k: remove MHI LOOPBACK channels (bsc#1240998).\n- wifi: ath12k: remove obsolete struct wmi_start_scan_arg (bsc#1240998).\n- wifi: ath12k: remove redundant peer delete for WCN7850 (bsc#1240998).\n- wifi: ath12k: Remove unsupported tx monitor handling (bsc#1240998).\n- wifi: ath12k: Remove unused ath12k_base from ath12k_hw (bsc#1240998).\n- wifi: ath12k: Remove unused tcl_*_ring configuration (bsc#1240998).\n- wifi: ath12k: remove unused variable monitor_flags (bsc#1240998).\n- wifi: ath12k: remove unused variable monitor_present (bsc#1240998).\n- wifi: ath12k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1240998).\n- wifi: ath12k: Replace \u0027chip\u0027 with \u0027device\u0027 in hal Rx return buffer manager (bsc#1240998).\n- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).\n- wifi: ath12k: Resolve multicast packet drop by populating key_cipher in ath12k_install_key() (bsc#1240998).\n- wifi: ath12k: restore ASPM for supported hardwares only (bsc#1240998).\n- wifi: ath12k: scan statemachine changes for single wiphy (bsc#1240998).\n- wifi: ath12k: set mlo_capable_flags based on QMI PHY capability (bsc#1240998).\n- wifi: ath12k: skip sending vdev down for channel switch (bsc#1240998).\n- wifi: ath12k: support ARP and NS offload (bsc#1240998).\n- wifi: ath12k: Support BE OFDMA Pdev Rate Stats (bsc#1240998).\n- wifi: ath12k: Support DMAC Reset Stats (bsc#1240998).\n- wifi: ath12k: support get_survey mac op for single wiphy (bsc#1240998).\n- wifi: ath12k: support GTK rekey offload (bsc#1240998).\n- wifi: ath12k: Support pdev CCA Stats (bsc#1240998).\n- wifi: ath12k: Support pdev error stats (bsc#1240998).\n- wifi: ath12k: Support Pdev OBSS Stats (bsc#1240998).\n- wifi: ath12k: Support Pdev Scheduled Algorithm Stats (bsc#1240998).\n- wifi: ath12k: Support pdev Transmit Multi-user stats (bsc#1240998).\n- wifi: ath12k: Support Ring and SFM stats (bsc#1240998).\n- wifi: ath12k: Support Self-Generated Transmit stats (bsc#1240998).\n- wifi: ath12k: support SMPS configuration for 6 GHz (bsc#1240998).\n- wifi: ath12k: support suspend/resume (bsc#1240998).\n- wifi: ath12k: Support TQM stats (bsc#1240998).\n- wifi: ath12k: Support Transmit DE stats (bsc#1240998).\n- wifi: ath12k: Support Transmit Scheduler stats (bsc#1240998).\n- wifi: ath12k: switch to using wiphy_lock() and remove ar-\u003econf_mutex (bsc#1240998).\n- wifi: ath12k: unregister per pdev debugfs (bsc#1240998).\n- wifi: ath12k: update ath12k_mac_op_conf_tx() for MLO (bsc#1240998).\n- wifi: ath12k: update ath12k_mac_op_update_vif_offload() for MLO (bsc#1240998).\n- wifi: ath12k: use 128 bytes aligned iova in transmit path for WCN7850 (bsc#1240998).\n- wifi: ath12k: use correct MAX_RADIOS (bsc#1240998).\n- wifi: ath12k: use tail MSDU to get MSDU information (bsc#1240998).\n- wifi: ath12k: using msdu end descriptor to check for rx multicast packets (stable-fixes).\n- wifi: ath12k: vdev statemachine changes for single wiphy (bsc#1240998).\n- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).\n- wifi: ath9k: return by of_get_mac_address (stable-fixes).\n- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).\n- wifi: cfg80211: allow IR in 20 MHz configurations (stable-fixes).\n- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).\n- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).\n- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).\n- wifi: iwlwifi: do not warn during reprobe (stable-fixes).\n- wifi: iwlwifi: do not warn when if there is a FW error (stable-fixes).\n- wifi: iwlwifi: fix debug actions order (stable-fixes).\n- wifi: iwlwifi: fix the ECKV UEFI variable name (stable-fixes).\n- wifi: iwlwifi: mark Br device not integrated (stable-fixes).\n- wifi: iwlwifi: mvm: fix beacon CCK flag (stable-fixes).\n- wifi: iwlwifi: mvm: fix setting the TK when associated (stable-fixes).\n- wifi: iwlwifi: pcie: make sure to lock rxq-\u003eread (stable-fixes).\n- wifi: iwlwifi: use correct IMR dump variable (stable-fixes).\n- wifi: iwlwifi: w/a FW SMPS mode selection (stable-fixes).\n- wifi: mac80211_hwsim: Fix MLD address translation (stable-fixes).\n- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).\n- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).\n- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).\n- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).\n- wifi: mac80211: fix warning on disconnect during failed ML reconf (stable-fixes).\n- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).\n- wifi: mac80211: set ieee80211_prep_tx_info::link_id upon Auth Rx (stable-fixes).\n- wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO (stable-fixes).\n- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).\n- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).\n- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).\n- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).\n- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).\n- wifi: mt76: mt7925: fix fails to enter low power mode in suspend state (stable-fixes).\n- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).\n- wifi: mt76: mt7925: introduce thermal protection (stable-fixes).\n- wifi: mt76: mt7925: load the appropriate CLC data based on hardware type (stable-fixes).\n- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).\n- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).\n- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).\n- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).\n- wifi: mt76: mt7996: revise TXS size (stable-fixes).\n- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).\n- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).\n- wifi: mwifiex: Fix HT40 bandwidth issue (stable-fixes).\n- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).\n- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).\n- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).\n- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).\n- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).\n- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds (git-fixes).\n- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).\n- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).\n- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).\n- wifi: rtw89: 8922a: fix incorrect STA-ID in EHT MU PPDU (stable-fixes).\n- wifi: rtw89: 8922a: fix TX fail with wrong VCO setting (stable-fixes).\n- wifi: rtw89: add wiphy_lock() to work that isn\u0027t held wiphy_lock() yet (stable-fixes).\n- wifi: rtw89: call power_on ahead before selecting firmware (stable-fixes).\n- wifi: rtw89: fw: get sb_sel_ver via get_unaligned_le32() (stable-fixes).\n- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).\n- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).\n- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).\n- wifi: rtw89: phy: add dummy C2H event handler for report of TAS power (stable-fixes).\n- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (stable-fixes).\n- workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() (bsc#1245101 jsc#PED-11934).\n- x86: Start moving AMD node functionality out of AMD_NB (jsc#PED-13094).\n- x86/acpi: Fix LAPIC/x2APIC parsing order (git-fixes).\n- x86/amd_nb, hwmon: (k10temp): Simplify amd_pci_dev_to_node_id() (jsc#PED-13094).\n- x86/amd_nb: Clean up early_is_amd_nb() (jsc#PED-13094).\n- x86/amd_nb: Move SMN access code to a new amd_node driver (jsc#PED-13094).\n- x86/amd_nb: Restrict init function to AMD-based systems (jsc#PED-13094).\n- x86/amd_nb: Simplify function 4 search (jsc#PED-13094).\n- x86/amd_nb: Simplify root device search (jsc#PED-13094).\n- x86/amd_node: Add SMN offsets to exclusive region access (jsc#PED-13094).\n- x86/amd_node: Add support for debugfs access to SMN registers (jsc#PED-13094).\n- x86/amd_node: Remove dependency on AMD_NB (jsc#PED-13094).\n- x86/amd_node: Update __amd_smn_rw() error paths (jsc#PED-13094).\n- x86/amd_node: Use defines for SMN register offsets (jsc#PED-13094).\n- x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes).\n- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).\n- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).\n- x86/mce/amd: Remove shared threshold bank plumbing (jsc#PED-13094).\n- x86/microcode: Consolidate the loader enablement checking (git-fixes).\n- x86/microcode/AMD: Add get_patch_level() (git-fixes).\n- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).\n- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).\n- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).\n- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).\n- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).\n- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).\n- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).\n- x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes).\n- x86/platform/amd: Move the \u0026lt;asm/amd_hsmp.h\u003e header to \u0026lt;asm/amd/hsmp.h\u003e (jsc#PED-13094).\n- x86/sev: Add SVSM vTPM probe/send_command functions (bsc#1241191).\n- x86/sev: Provide guest VMPL level to userspace (bsc#1241191).\n- x86/sev: Register tpm-svsm platform device (bsc#1241191).\n- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).\n- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)\n- xen/x86: fix initial memory balloon target (git-fixes).\n- xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes).\n- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2254,SUSE-SLE-Module-Public-Cloud-15-SP7-2025-2254",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02254-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02254-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502254-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02254-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040645.html"
},
{
"category": "self",
"summary": "SUSE Bug 1151679",
"url": "https://bugzilla.suse.com/1151679"
},
{
"category": "self",
"summary": "SUSE Bug 1151680",
"url": "https://bugzilla.suse.com/1151680"
},
{
"category": "self",
"summary": "SUSE Bug 1151794",
"url": "https://bugzilla.suse.com/1151794"
},
{
"category": "self",
"summary": "SUSE Bug 1151927",
"url": "https://bugzilla.suse.com/1151927"
},
{
"category": "self",
"summary": "SUSE Bug 1210025",
"url": "https://bugzilla.suse.com/1210025"
},
{
"category": "self",
"summary": "SUSE Bug 1211226",
"url": "https://bugzilla.suse.com/1211226"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1218184",
"url": "https://bugzilla.suse.com/1218184"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223008",
"url": "https://bugzilla.suse.com/1223008"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1228478",
"url": "https://bugzilla.suse.com/1228478"
},
{
"category": "self",
"summary": "SUSE Bug 1228557",
"url": "https://bugzilla.suse.com/1228557"
},
{
"category": "self",
"summary": "SUSE Bug 1228854",
"url": "https://bugzilla.suse.com/1228854"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230337",
"url": "https://bugzilla.suse.com/1230337"
},
{
"category": "self",
"summary": "SUSE Bug 1231913",
"url": "https://bugzilla.suse.com/1231913"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233482",
"url": "https://bugzilla.suse.com/1233482"
},
{
"category": "self",
"summary": "SUSE Bug 1235064",
"url": "https://bugzilla.suse.com/1235064"
},
{
"category": "self",
"summary": "SUSE Bug 1235490",
"url": "https://bugzilla.suse.com/1235490"
},
{
"category": "self",
"summary": "SUSE Bug 1235728",
"url": "https://bugzilla.suse.com/1235728"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237200",
"url": "https://bugzilla.suse.com/1237200"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237887",
"url": "https://bugzilla.suse.com/1237887"
},
{
"category": "self",
"summary": "SUSE Bug 1237895",
"url": "https://bugzilla.suse.com/1237895"
},
{
"category": "self",
"summary": "SUSE Bug 1237905",
"url": "https://bugzilla.suse.com/1237905"
},
{
"category": "self",
"summary": "SUSE Bug 1237910",
"url": "https://bugzilla.suse.com/1237910"
},
{
"category": "self",
"summary": "SUSE Bug 1237913",
"url": "https://bugzilla.suse.com/1237913"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238478",
"url": "https://bugzilla.suse.com/1238478"
},
{
"category": "self",
"summary": "SUSE Bug 1238495",
"url": "https://bugzilla.suse.com/1238495"
},
{
"category": "self",
"summary": "SUSE Bug 1238508",
"url": "https://bugzilla.suse.com/1238508"
},
{
"category": "self",
"summary": "SUSE Bug 1238741",
"url": "https://bugzilla.suse.com/1238741"
},
{
"category": "self",
"summary": "SUSE Bug 1238859",
"url": "https://bugzilla.suse.com/1238859"
},
{
"category": "self",
"summary": "SUSE Bug 1238965",
"url": "https://bugzilla.suse.com/1238965"
},
{
"category": "self",
"summary": "SUSE Bug 1238982",
"url": "https://bugzilla.suse.com/1238982"
},
{
"category": "self",
"summary": "SUSE Bug 1238995",
"url": "https://bugzilla.suse.com/1238995"
},
{
"category": "self",
"summary": "SUSE Bug 1239063",
"url": "https://bugzilla.suse.com/1239063"
},
{
"category": "self",
"summary": "SUSE Bug 1239090",
"url": "https://bugzilla.suse.com/1239090"
},
{
"category": "self",
"summary": "SUSE Bug 1239485",
"url": "https://bugzilla.suse.com/1239485"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240170",
"url": "https://bugzilla.suse.com/1240170"
},
{
"category": "self",
"summary": "SUSE Bug 1240180",
"url": "https://bugzilla.suse.com/1240180"
},
{
"category": "self",
"summary": "SUSE Bug 1240577",
"url": "https://bugzilla.suse.com/1240577"
},
{
"category": "self",
"summary": "SUSE Bug 1240579",
"url": "https://bugzilla.suse.com/1240579"
},
{
"category": "self",
"summary": "SUSE Bug 1240589",
"url": "https://bugzilla.suse.com/1240589"
},
{
"category": "self",
"summary": "SUSE Bug 1240610",
"url": "https://bugzilla.suse.com/1240610"
},
{
"category": "self",
"summary": "SUSE Bug 1240650",
"url": "https://bugzilla.suse.com/1240650"
},
{
"category": "self",
"summary": "SUSE Bug 1240686",
"url": "https://bugzilla.suse.com/1240686"
},
{
"category": "self",
"summary": "SUSE Bug 1240696",
"url": "https://bugzilla.suse.com/1240696"
},
{
"category": "self",
"summary": "SUSE Bug 1240702",
"url": "https://bugzilla.suse.com/1240702"
},
{
"category": "self",
"summary": "SUSE Bug 1240710",
"url": "https://bugzilla.suse.com/1240710"
},
{
"category": "self",
"summary": "SUSE Bug 1240723",
"url": "https://bugzilla.suse.com/1240723"
},
{
"category": "self",
"summary": "SUSE Bug 1240798",
"url": "https://bugzilla.suse.com/1240798"
},
{
"category": "self",
"summary": "SUSE Bug 1240814",
"url": "https://bugzilla.suse.com/1240814"
},
{
"category": "self",
"summary": "SUSE Bug 1240823",
"url": "https://bugzilla.suse.com/1240823"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240998",
"url": "https://bugzilla.suse.com/1240998"
},
{
"category": "self",
"summary": "SUSE Bug 1241166",
"url": "https://bugzilla.suse.com/1241166"
},
{
"category": "self",
"summary": "SUSE Bug 1241191",
"url": "https://bugzilla.suse.com/1241191"
},
{
"category": "self",
"summary": "SUSE Bug 1241278",
"url": "https://bugzilla.suse.com/1241278"
},
{
"category": "self",
"summary": "SUSE Bug 1241298",
"url": "https://bugzilla.suse.com/1241298"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241388",
"url": "https://bugzilla.suse.com/1241388"
},
{
"category": "self",
"summary": "SUSE Bug 1241414",
"url": "https://bugzilla.suse.com/1241414"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241544",
"url": "https://bugzilla.suse.com/1241544"
},
{
"category": "self",
"summary": "SUSE Bug 1241572",
"url": "https://bugzilla.suse.com/1241572"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241592",
"url": "https://bugzilla.suse.com/1241592"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241617",
"url": "https://bugzilla.suse.com/1241617"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241689",
"url": "https://bugzilla.suse.com/1241689"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242086",
"url": "https://bugzilla.suse.com/1242086"
},
{
"category": "self",
"summary": "SUSE Bug 1242163",
"url": "https://bugzilla.suse.com/1242163"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242508",
"url": "https://bugzilla.suse.com/1242508"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242515",
"url": "https://bugzilla.suse.com/1242515"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242521",
"url": "https://bugzilla.suse.com/1242521"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242556",
"url": "https://bugzilla.suse.com/1242556"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242573",
"url": "https://bugzilla.suse.com/1242573"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242577",
"url": "https://bugzilla.suse.com/1242577"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242724",
"url": "https://bugzilla.suse.com/1242724"
},
{
"category": "self",
"summary": "SUSE Bug 1242725",
"url": "https://bugzilla.suse.com/1242725"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242729",
"url": "https://bugzilla.suse.com/1242729"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242834",
"url": "https://bugzilla.suse.com/1242834"
},
{
"category": "self",
"summary": "SUSE Bug 1242846",
"url": "https://bugzilla.suse.com/1242846"
},
{
"category": "self",
"summary": "SUSE Bug 1242849",
"url": "https://bugzilla.suse.com/1242849"
},
{
"category": "self",
"summary": "SUSE Bug 1242850",
"url": "https://bugzilla.suse.com/1242850"
},
{
"category": "self",
"summary": "SUSE Bug 1242863",
"url": "https://bugzilla.suse.com/1242863"
},
{
"category": "self",
"summary": "SUSE Bug 1242865",
"url": "https://bugzilla.suse.com/1242865"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242907",
"url": "https://bugzilla.suse.com/1242907"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242909",
"url": "https://bugzilla.suse.com/1242909"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242940",
"url": "https://bugzilla.suse.com/1242940"
},
{
"category": "self",
"summary": "SUSE Bug 1242943",
"url": "https://bugzilla.suse.com/1242943"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242946",
"url": "https://bugzilla.suse.com/1242946"
},
{
"category": "self",
"summary": "SUSE Bug 1242947",
"url": "https://bugzilla.suse.com/1242947"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242952",
"url": "https://bugzilla.suse.com/1242952"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242954",
"url": "https://bugzilla.suse.com/1242954"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242964",
"url": "https://bugzilla.suse.com/1242964"
},
{
"category": "self",
"summary": "SUSE Bug 1242966",
"url": "https://bugzilla.suse.com/1242966"
},
{
"category": "self",
"summary": "SUSE Bug 1242967",
"url": "https://bugzilla.suse.com/1242967"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242982",
"url": "https://bugzilla.suse.com/1242982"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243051",
"url": "https://bugzilla.suse.com/1243051"
},
{
"category": "self",
"summary": "SUSE Bug 1243055",
"url": "https://bugzilla.suse.com/1243055"
},
{
"category": "self",
"summary": "SUSE Bug 1243060",
"url": "https://bugzilla.suse.com/1243060"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243467",
"url": "https://bugzilla.suse.com/1243467"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243475",
"url": "https://bugzilla.suse.com/1243475"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243480",
"url": "https://bugzilla.suse.com/1243480"
},
{
"category": "self",
"summary": "SUSE Bug 1243506",
"url": "https://bugzilla.suse.com/1243506"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243514",
"url": "https://bugzilla.suse.com/1243514"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243523",
"url": "https://bugzilla.suse.com/1243523"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243537",
"url": "https://bugzilla.suse.com/1243537"
},
{
"category": "self",
"summary": "SUSE Bug 1243538",
"url": "https://bugzilla.suse.com/1243538"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243542",
"url": "https://bugzilla.suse.com/1243542"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243544",
"url": "https://bugzilla.suse.com/1243544"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243548",
"url": "https://bugzilla.suse.com/1243548"
},
{
"category": "self",
"summary": "SUSE Bug 1243551",
"url": "https://bugzilla.suse.com/1243551"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243571",
"url": "https://bugzilla.suse.com/1243571"
},
{
"category": "self",
"summary": "SUSE Bug 1243572",
"url": "https://bugzilla.suse.com/1243572"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243620",
"url": "https://bugzilla.suse.com/1243620"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243628",
"url": "https://bugzilla.suse.com/1243628"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243698",
"url": "https://bugzilla.suse.com/1243698"
},
{
"category": "self",
"summary": "SUSE Bug 1243774",
"url": "https://bugzilla.suse.com/1243774"
},
{
"category": "self",
"summary": "SUSE Bug 1243782",
"url": "https://bugzilla.suse.com/1243782"
},
{
"category": "self",
"summary": "SUSE Bug 1243823",
"url": "https://bugzilla.suse.com/1243823"
},
{
"category": "self",
"summary": "SUSE Bug 1243827",
"url": "https://bugzilla.suse.com/1243827"
},
{
"category": "self",
"summary": "SUSE Bug 1243832",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "self",
"summary": "SUSE Bug 1243836",
"url": "https://bugzilla.suse.com/1243836"
},
{
"category": "self",
"summary": "SUSE Bug 1243847",
"url": "https://bugzilla.suse.com/1243847"
},
{
"category": "self",
"summary": "SUSE Bug 1244100",
"url": "https://bugzilla.suse.com/1244100"
},
{
"category": "self",
"summary": "SUSE Bug 1244145",
"url": "https://bugzilla.suse.com/1244145"
},
{
"category": "self",
"summary": "SUSE Bug 1244172",
"url": "https://bugzilla.suse.com/1244172"
},
{
"category": "self",
"summary": "SUSE Bug 1244174",
"url": "https://bugzilla.suse.com/1244174"
},
{
"category": "self",
"summary": "SUSE Bug 1244176",
"url": "https://bugzilla.suse.com/1244176"
},
{
"category": "self",
"summary": "SUSE Bug 1244229",
"url": "https://bugzilla.suse.com/1244229"
},
{
"category": "self",
"summary": "SUSE Bug 1244234",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "self",
"summary": "SUSE Bug 1244241",
"url": "https://bugzilla.suse.com/1244241"
},
{
"category": "self",
"summary": "SUSE Bug 1244261",
"url": "https://bugzilla.suse.com/1244261"
},
{
"category": "self",
"summary": "SUSE Bug 1244274",
"url": "https://bugzilla.suse.com/1244274"
},
{
"category": "self",
"summary": "SUSE Bug 1244275",
"url": "https://bugzilla.suse.com/1244275"
},
{
"category": "self",
"summary": "SUSE Bug 1244277",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "self",
"summary": "SUSE Bug 1244309",
"url": "https://bugzilla.suse.com/1244309"
},
{
"category": "self",
"summary": "SUSE Bug 1244313",
"url": "https://bugzilla.suse.com/1244313"
},
{
"category": "self",
"summary": "SUSE Bug 1244337",
"url": "https://bugzilla.suse.com/1244337"
},
{
"category": "self",
"summary": "SUSE Bug 1244626",
"url": "https://bugzilla.suse.com/1244626"
},
{
"category": "self",
"summary": "SUSE Bug 1244725",
"url": "https://bugzilla.suse.com/1244725"
},
{
"category": "self",
"summary": "SUSE Bug 1244727",
"url": "https://bugzilla.suse.com/1244727"
},
{
"category": "self",
"summary": "SUSE Bug 1244729",
"url": "https://bugzilla.suse.com/1244729"
},
{
"category": "self",
"summary": "SUSE Bug 1244731",
"url": "https://bugzilla.suse.com/1244731"
},
{
"category": "self",
"summary": "SUSE Bug 1244732",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "self",
"summary": "SUSE Bug 1244736",
"url": "https://bugzilla.suse.com/1244736"
},
{
"category": "self",
"summary": "SUSE Bug 1244737",
"url": "https://bugzilla.suse.com/1244737"
},
{
"category": "self",
"summary": "SUSE Bug 1244738",
"url": "https://bugzilla.suse.com/1244738"
},
{
"category": "self",
"summary": "SUSE Bug 1244739",
"url": "https://bugzilla.suse.com/1244739"
},
{
"category": "self",
"summary": "SUSE Bug 1244743",
"url": "https://bugzilla.suse.com/1244743"
},
{
"category": "self",
"summary": "SUSE Bug 1244746",
"url": "https://bugzilla.suse.com/1244746"
},
{
"category": "self",
"summary": "SUSE Bug 1244747",
"url": "https://bugzilla.suse.com/1244747"
},
{
"category": "self",
"summary": "SUSE Bug 1244759",
"url": "https://bugzilla.suse.com/1244759"
},
{
"category": "self",
"summary": "SUSE Bug 1244789",
"url": "https://bugzilla.suse.com/1244789"
},
{
"category": "self",
"summary": "SUSE Bug 1244862",
"url": "https://bugzilla.suse.com/1244862"
},
{
"category": "self",
"summary": "SUSE Bug 1244906",
"url": "https://bugzilla.suse.com/1244906"
},
{
"category": "self",
"summary": "SUSE Bug 1244938",
"url": "https://bugzilla.suse.com/1244938"
},
{
"category": "self",
"summary": "SUSE Bug 1244995",
"url": "https://bugzilla.suse.com/1244995"
},
{
"category": "self",
"summary": "SUSE Bug 1244996",
"url": "https://bugzilla.suse.com/1244996"
},
{
"category": "self",
"summary": "SUSE Bug 1244999",
"url": "https://bugzilla.suse.com/1244999"
},
{
"category": "self",
"summary": "SUSE Bug 1245001",
"url": "https://bugzilla.suse.com/1245001"
},
{
"category": "self",
"summary": "SUSE Bug 1245003",
"url": "https://bugzilla.suse.com/1245003"
},
{
"category": "self",
"summary": "SUSE Bug 1245004",
"url": "https://bugzilla.suse.com/1245004"
},
{
"category": "self",
"summary": "SUSE Bug 1245025",
"url": "https://bugzilla.suse.com/1245025"
},
{
"category": "self",
"summary": "SUSE Bug 1245042",
"url": "https://bugzilla.suse.com/1245042"
},
{
"category": "self",
"summary": "SUSE Bug 1245046",
"url": "https://bugzilla.suse.com/1245046"
},
{
"category": "self",
"summary": "SUSE Bug 1245078",
"url": "https://bugzilla.suse.com/1245078"
},
{
"category": "self",
"summary": "SUSE Bug 1245081",
"url": "https://bugzilla.suse.com/1245081"
},
{
"category": "self",
"summary": "SUSE Bug 1245082",
"url": "https://bugzilla.suse.com/1245082"
},
{
"category": "self",
"summary": "SUSE Bug 1245083",
"url": "https://bugzilla.suse.com/1245083"
},
{
"category": "self",
"summary": "SUSE Bug 1245101",
"url": "https://bugzilla.suse.com/1245101"
},
{
"category": "self",
"summary": "SUSE Bug 1245155",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "self",
"summary": "SUSE Bug 1245183",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "self",
"summary": "SUSE Bug 1245193",
"url": "https://bugzilla.suse.com/1245193"
},
{
"category": "self",
"summary": "SUSE Bug 1245210",
"url": "https://bugzilla.suse.com/1245210"
},
{
"category": "self",
"summary": "SUSE Bug 1245217",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "self",
"summary": "SUSE Bug 1245225",
"url": "https://bugzilla.suse.com/1245225"
},
{
"category": "self",
"summary": "SUSE Bug 1245226",
"url": "https://bugzilla.suse.com/1245226"
},
{
"category": "self",
"summary": "SUSE Bug 1245228",
"url": "https://bugzilla.suse.com/1245228"
},
{
"category": "self",
"summary": "SUSE Bug 1245431",
"url": "https://bugzilla.suse.com/1245431"
},
{
"category": "self",
"summary": "SUSE Bug 1245455",
"url": "https://bugzilla.suse.com/1245455"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52888 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26762 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26831 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49568 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50293 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56541 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56613 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56699 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57987 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57988 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58004 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58053 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21658 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21713 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21720 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21880 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21898 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21899 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21920 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21939 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21940 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21987 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22035 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22111 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22113 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22120 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23155 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23162 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37757 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37786 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37801 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37811 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37837 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37874 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37921 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37933 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37934 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37945 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37946 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37965 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37967 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37987 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37994 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37998 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38004 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38011 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38015 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38022 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38024 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38031 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38040 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38043 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38045 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38055 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38059 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38068 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38072 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38077 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38078 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38079 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38081 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-07-08T15:57:51Z",
"generator": {
"date": "2025-07-08T15:57:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02254-1",
"initial_release_date": "2025-07-08T15:57:51Z",
"revision_history": [
{
"date": "2025-07-08T15:57:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product_id": "cluster-md-kmp-azure-6.4.0-150700.20.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product_id": "dlm-kmp-azure-6.4.0-150700.20.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product_id": "gfs2-kmp-azure-6.4.0-150700.20.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "kernel-azure-6.4.0-150700.20.6.1.aarch64",
"product_id": "kernel-azure-6.4.0-150700.20.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"product_id": "kernel-azure-devel-6.4.0-150700.20.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "kernel-azure-extra-6.4.0-150700.20.6.1.aarch64",
"product_id": "kernel-azure-extra-6.4.0-150700.20.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "kernel-azure-optional-6.4.0-150700.20.6.1.aarch64",
"product_id": "kernel-azure-optional-6.4.0-150700.20.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"product_id": "kernel-syms-azure-6.4.0-150700.20.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product_id": "kselftests-kmp-azure-6.4.0-150700.20.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product_id": "ocfs2-kmp-azure-6.4.0-150700.20.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150700.20.6.1.aarch64",
"product_id": "reiserfs-kmp-azure-6.4.0-150700.20.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"product": {
"name": "kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"product_id": "kernel-devel-azure-6.4.0-150700.20.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"product": {
"name": "kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"product_id": "kernel-source-azure-6.4.0-150700.20.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product_id": "cluster-md-kmp-azure-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product_id": "dlm-kmp-azure-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product_id": "gfs2-kmp-azure-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "kernel-azure-6.4.0-150700.20.6.1.x86_64",
"product_id": "kernel-azure-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"product_id": "kernel-azure-devel-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "kernel-azure-extra-6.4.0-150700.20.6.1.x86_64",
"product_id": "kernel-azure-extra-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "kernel-azure-optional-6.4.0-150700.20.6.1.x86_64",
"product_id": "kernel-azure-optional-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "kernel-azure-vdso-6.4.0-150700.20.6.1.x86_64",
"product_id": "kernel-azure-vdso-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "kernel-syms-azure-6.4.0-150700.20.6.1.x86_64",
"product_id": "kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product_id": "kselftests-kmp-azure-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product_id": "ocfs2-kmp-azure-6.4.0-150700.20.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150700.20.6.1.x86_64",
"product_id": "reiserfs-kmp-azure-6.4.0-150700.20.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150700.20.6.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150700.20.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150700.20.6.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150700.20.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150700.20.6.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150700.20.6.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150700.20.6.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150700.20.6.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150700.20.6.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150700.20.6.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150700.20.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn\u0027t do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52888",
"url": "https://www.suse.com/security/cve/CVE-2023-52888"
},
{
"category": "external",
"summary": "SUSE Bug 1228557 for CVE-2023-52888",
"url": "https://bugzilla.suse.com/1228557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52888"
},
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-26762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/pci: Skip to handle RAS errors if CXL.mem device is detached\n\nThe PCI AER model is an awkward fit for CXL error handling. While the\nexpectation is that a PCI device can escalate to link reset to recover\nfrom an AER event, the same reset on CXL amounts to a surprise memory\nhotplug of massive amounts of memory.\n\nAt present, the CXL error handler attempts some optimistic error\nhandling to unbind the device from the cxl_mem driver after reaping some\nRAS register values. This results in a \"hopeful\" attempt to unplug the\nmemory, but there is no guarantee that will succeed.\n\nA subsequent AER notification after the memdev unbind event can no\nlonger assume the registers are mapped. Check for memdev bind before\nreaping status register values to avoid crashes of the form:\n\n BUG: unable to handle page fault for address: ffa00000195e9100\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n [...]\n RIP: 0010:__cxl_handle_ras+0x30/0x110 [cxl_core]\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x24/0x70\n ? page_fault_oops+0x82/0x160\n ? kernelmode_fixup_or_oops+0x84/0x110\n ? exc_page_fault+0x113/0x170\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_dpc_reset_link+0x10/0x10\n ? __cxl_handle_ras+0x30/0x110 [cxl_core]\n ? find_cxl_port+0x59/0x80 [cxl_core]\n cxl_handle_rp_ras+0xbc/0xd0 [cxl_core]\n cxl_error_detected+0x6c/0xf0 [cxl_core]\n report_error_detected+0xc7/0x1c0\n pci_walk_bus+0x73/0x90\n pcie_do_recovery+0x23f/0x330\n\nLonger term, the unbind and PCI_ERS_RESULT_DISCONNECT behavior might\nneed to be replaced with a new PCI_ERS_RESULT_PANIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26762",
"url": "https://www.suse.com/security/cve/CVE-2024-26762"
},
{
"category": "external",
"summary": "SUSE Bug 1230337 for CVE-2024-26762",
"url": "https://bugzilla.suse.com/1230337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-26762"
},
{
"cve": "CVE-2024-26831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/handshake: Fix handshake_req_destroy_test1\n\nRecently, handshake_req_destroy_test1 started failing:\n\nExpected handshake_req_destroy_test == req, but\n handshake_req_destroy_test == 0000000000000000\n req == 0000000060f99b40\nnot ok 11 req_destroy works\n\nThis is because \"sock_release(sock)\" was replaced with \"fput(filp)\"\nto address a memory leak. Note that sock_release() is synchronous\nbut fput() usually delays the final close and clean-up.\n\nThe delay is not consequential in the other cases that were changed\nbut handshake_req_destroy_test1 is testing that handshake_req_cancel()\nfollowed by closing the file actually does call the -\u003ehp_destroy\nmethod. Thus the PTR_EQ test at the end has to be sure that the\nfinal close is complete before it checks the pointer.\n\nWe cannot use a completion here because if -\u003ehp_destroy is never\ncalled (ie, there is an API bug) then the test will hang.\n\nReported by: Guenter Roeck \u003clinux@roeck-us.net\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26831",
"url": "https://www.suse.com/security/cve/CVE-2024-26831"
},
{
"category": "external",
"summary": "SUSE Bug 1223008 for CVE-2024-26831",
"url": "https://bugzilla.suse.com/1223008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-26831"
},
{
"cve": "CVE-2024-41085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/mem: Fix no cxl_nvd during pmem region auto-assembling\n\nWhen CXL subsystem is auto-assembling a pmem region during cxl\nendpoint port probing, always hit below calltrace.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000078\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n RIP: 0010:cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x24/0x70\n ? page_fault_oops+0x82/0x160\n ? do_user_addr_fault+0x65/0x6b0\n ? exc_page_fault+0x7d/0x170\n ? asm_exc_page_fault+0x26/0x30\n ? cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]\n ? cxl_pmem_region_probe+0x1ac/0x360 [cxl_pmem]\n cxl_bus_probe+0x1b/0x60 [cxl_core]\n really_probe+0x173/0x410\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x80/0x170\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x90/0x120\n bus_for_each_drv+0x84/0xe0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x90/0xa0\n device_add+0x51c/0x710\n devm_cxl_add_pmem_region+0x1b5/0x380 [cxl_core]\n cxl_bus_probe+0x1b/0x60 [cxl_core]\n\nThe cxl_nvd of the memdev needs to be available during the pmem region\nprobe. Currently the cxl_nvd is registered after the endpoint port probe.\nThe endpoint probe, in the case of autoassembly of regions, can cause a\npmem region probe requiring the not yet available cxl_nvd. Adjust the\nsequence so this dependency is met.\n\nThis requires adding a port parameter to cxl_find_nvdimm_bridge() that\ncan be used to query the ancestor root port. The endpoint port is not\nyet available, but will share a common ancestor with its parent, so\nstart the query from there instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41085",
"url": "https://www.suse.com/security/cve/CVE-2024-41085"
},
{
"category": "external",
"summary": "SUSE Bug 1228478 for CVE-2024-41085",
"url": "https://bugzilla.suse.com/1228478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-41085"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-49568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the fields v2_ext_offset/\neid_cnt/ism_gid_cnt in proposal msg are from the remote client\nand can not be fully trusted. Especially the field v2_ext_offset,\nonce exceed the max value, there has the chance to access wrong\naddress, and crash may happen.\n\nThis patch checks the fields v2_ext_offset/eid_cnt/ism_gid_cnt\nbefore using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49568",
"url": "https://www.suse.com/security/cve/CVE-2024-49568"
},
{
"category": "external",
"summary": "SUSE Bug 1235728 for CVE-2024-49568",
"url": "https://bugzilla.suse.com/1235728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-49568"
},
{
"cve": "CVE-2024-50034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC\n\nEric report a panic on IPPROTO_SMC, and give the facts\nthat when INET_PROTOSW_ICSK was set, icsk-\u003eicsk_sync_mss must be set too.\n\nBug: Unable to handle kernel NULL pointer dereference at virtual address\n0000000000000000\nMem abort info:\nESR = 0x0000000086000005\nEC = 0x21: IABT (current EL), IL = 32 bits\nSET = 0, FnV = 0\nEA = 0, S1PTW = 0\nFSC = 0x05: level 1 translation fault\nuser pgtable: 4k pages, 48-bit VAs, pgdp=00000001195d1000\n[0000000000000000] pgd=0800000109c46003, p4d=0800000109c46003,\npud=0000000000000000\nInternal error: Oops: 0000000086000005 [#1] PREEMPT SMP\nModules linked in:\nCPU: 1 UID: 0 PID: 8037 Comm: syz.3.265 Not tainted\n6.11.0-rc7-syzkaller-g5f5673607153 #0\nHardware name: Google Google Compute Engine/Google Compute Engine,\nBIOS Google 08/06/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : 0x0\nlr : cipso_v4_sock_setattr+0x2a8/0x3c0 net/ipv4/cipso_ipv4.c:1910\nsp : ffff80009b887a90\nx29: ffff80009b887aa0 x28: ffff80008db94050 x27: 0000000000000000\nx26: 1fffe0001aa6f5b3 x25: dfff800000000000 x24: ffff0000db75da00\nx23: 0000000000000000 x22: ffff0000d8b78518 x21: 0000000000000000\nx20: ffff0000d537ad80 x19: ffff0000d8b78000 x18: 1fffe000366d79ee\nx17: ffff8000800614a8 x16: ffff800080569b84 x15: 0000000000000001\nx14: 000000008b336894 x13: 00000000cd96feaa x12: 0000000000000003\nx11: 0000000000040000 x10: 00000000000020a3 x9 : 1fffe0001b16f0f1\nx8 : 0000000000000000 x7 : 0000000000000000 x6 : 000000000000003f\nx5 : 0000000000000040 x4 : 0000000000000001 x3 : 0000000000000000\nx2 : 0000000000000002 x1 : 0000000000000000 x0 : ffff0000d8b78000\nCall trace:\n0x0\nnetlbl_sock_setattr+0x2e4/0x338 net/netlabel/netlabel_kapi.c:1000\nsmack_netlbl_add+0xa4/0x154 security/smack/smack_lsm.c:2593\nsmack_socket_post_create+0xa8/0x14c security/smack/smack_lsm.c:2973\nsecurity_socket_post_create+0x94/0xd4 security/security.c:4425\n__sock_create+0x4c8/0x884 net/socket.c:1587\nsock_create net/socket.c:1622 [inline]\n__sys_socket_create net/socket.c:1659 [inline]\n__sys_socket+0x134/0x340 net/socket.c:1706\n__do_sys_socket net/socket.c:1720 [inline]\n__se_sys_socket net/socket.c:1718 [inline]\n__arm64_sys_socket+0x7c/0x94 net/socket.c:1718\n__invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\ninvoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\nel0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\ndo_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\nel0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712\nel0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730\nel0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\nCode: ???????? ???????? ???????? ???????? (????????)\n---[ end trace 0000000000000000 ]---\n\nThis patch add a toy implementation that performs a simple return to\nprevent such panic. This is because MSS can be set in sock_create_kern\nor smc_setsockopt, similar to how it\u0027s done in AF_SMC. However, for\nAF_SMC, there is currently no way to synchronize MSS within\n__sys_connect_file. This toy implementation lays the groundwork for us\nto support such feature for IPPROTO_SMC in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50034",
"url": "https://www.suse.com/security/cve/CVE-2024-50034"
},
{
"category": "external",
"summary": "SUSE Bug 1231913 for CVE-2024-50034",
"url": "https://bugzilla.suse.com/1231913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-50034"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50293"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: do not leave a dangling sk pointer in __smc_create()\n\nThanks to commit 4bbd360a5084 (\"socket: Print pf-\u003ecreate() when\nit does not clear sock-\u003esk on failure.\"), syzbot found an issue with AF_SMC:\n\nsmc_create must clear sock-\u003esk on failure, family: 43, type: 1, protocol: 0\n WARNING: CPU: 0 PID: 5827 at net/socket.c:1565 __sock_create+0x96f/0xa30 net/socket.c:1563\nModules linked in:\nCPU: 0 UID: 0 PID: 5827 Comm: syz-executor259 Not tainted 6.12.0-rc6-next-20241106-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__sock_create+0x96f/0xa30 net/socket.c:1563\nCode: 03 00 74 08 4c 89 e7 e8 4f 3b 85 f8 49 8b 34 24 48 c7 c7 40 89 0c 8d 8b 54 24 04 8b 4c 24 0c 44 8b 44 24 08 e8 32 78 db f7 90 \u003c0f\u003e 0b 90 90 e9 d3 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c ee f7\nRSP: 0018:ffffc90003e4fda0 EFLAGS: 00010246\nRAX: 099c6f938c7f4700 RBX: 1ffffffff1a595fd RCX: ffff888034823c00\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 00000000ffffffe9 R08: ffffffff81567052 R09: 1ffff920007c9f50\nR10: dffffc0000000000 R11: fffff520007c9f51 R12: ffffffff8d2cafe8\nR13: 1ffffffff1a595fe R14: ffffffff9a789c40 R15: ffff8880764298c0\nFS: 000055557b518380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa62ff43225 CR3: 0000000031628000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n sock_create net/socket.c:1616 [inline]\n __sys_socket_create net/socket.c:1653 [inline]\n __sys_socket+0x150/0x3c0 net/socket.c:1700\n __do_sys_socket net/socket.c:1714 [inline]\n __se_sys_socket net/socket.c:1712 [inline]\n\nFor reference, see commit 2d859aff775d (\"Merge branch\n\u0027do-not-leave-dangling-sk-pointers-in-pf-create-functions\u0027\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50293",
"url": "https://www.suse.com/security/cve/CVE-2024-50293"
},
{
"category": "external",
"summary": "SUSE Bug 1233482 for CVE-2024-50293",
"url": "https://bugzilla.suse.com/1233482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2024-50293"
},
{
"cve": "CVE-2024-56541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup()\n\nDuring ath12k module removal, in ath12k_core_deinit(),\nath12k_mac_destroy() un-registers ah-\u003ehw from mac80211 and frees\nthe ah-\u003ehw as well as all the ar\u0027s in it. After this\nath12k_core_soc_destroy()-\u003e ath12k_dp_free()-\u003e ath12k_dp_cc_cleanup()\ntries to access one of the freed ar\u0027s from pending skb.\n\nThis is because during mac destroy, driver failed to flush few\ndata packets, which were accessed later in ath12k_dp_cc_cleanup()\nand freed, but using ar from the packet led to this use-after-free.\n\nBUG: KASAN: use-after-free in ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\nWrite of size 4 at addr ffff888150bd3514 by task modprobe/8926\nCPU: 0 UID: 0 PID: 8926 Comm: modprobe Not tainted\n6.11.0-rc2-wt-ath+ #1746\nHardware name: Intel(R) Client Systems NUC8i7HVK/NUC8i7HVB, BIOS\nHNKBLi70.86A.0067.2021.0528.1339 05/28/2021\n\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7d/0xe0\n print_address_description.constprop.0+0x33/0x3a0\n print_report+0xb5/0x260\n ? kasan_addr_to_slab+0x24/0x80\n kasan_report+0xd8/0x110\n ? ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\n ? ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\n kasan_check_range+0xf3/0x1a0\n __kasan_check_write+0x14/0x20\n ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\n ath12k_dp_free+0x178/0x420 [ath12k]\n ath12k_core_stop+0x176/0x200 [ath12k]\n ath12k_core_deinit+0x13f/0x210 [ath12k]\n ath12k_pci_remove+0xad/0x1c0 [ath12k]\n pci_device_remove+0x9b/0x1b0\n device_remove+0xbf/0x150\n device_release_driver_internal+0x3c3/0x580\n ? __kasan_check_read+0x11/0x20\n driver_detach+0xc4/0x190\n bus_remove_driver+0x130/0x2a0\n driver_unregister+0x68/0x90\n pci_unregister_driver+0x24/0x240\n ? find_module_all+0x13e/0x1e0\n ath12k_pci_exit+0x10/0x20 [ath12k]\n __do_sys_delete_module+0x32c/0x580\n ? module_flags+0x2f0/0x2f0\n ? kmem_cache_free+0xf0/0x410\n ? __fput+0x56f/0xab0\n ? __fput+0x56f/0xab0\n ? debug_smp_processor_id+0x17/0x20\n __x64_sys_delete_module+0x4f/0x70\n x64_sys_call+0x522/0x9f0\n do_syscall_64+0x64/0x130\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7f8182c6ac8b\n\nCommit 24de1b7b231c (\"wifi: ath12k: fix flush failure in recovery\nscenarios\") added the change to decrement the pending packets count\nin case of recovery which make sense as ah-\u003ehw as well all\nar\u0027s in it are intact during recovery, but during core deinit there\nis no use in decrementing packets count or waking up the empty waitq\nas the module is going to be removed also ar\u0027s from pending skb\u0027s\ncan\u0027t be used and the packets should just be released back.\n\nTo fix this, avoid accessing ar from skb-\u003ecb when driver is being\nunregistered.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.1.1-00214-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56541",
"url": "https://www.suse.com/security/cve/CVE-2024-56541"
},
{
"category": "external",
"summary": "SUSE Bug 1235064 for CVE-2024-56541",
"url": "https://bugzilla.suse.com/1235064"
},
{
"category": "external",
"summary": "SUSE Bug 1247044 for CVE-2024-56541",
"url": "https://bugzilla.suse.com/1247044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2024-56541"
},
{
"cve": "CVE-2024-56613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56613"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: fix memory leak due to the overwritten vma-\u003enumab_state\n\n[Problem Description]\nWhen running the hackbench program of LTP, the following memory leak is\nreported by kmemleak.\n\n # /opt/ltp/testcases/bin/hackbench 20 thread 1000\n Running with 20*40 (== 800) tasks.\n\n # dmesg | grep kmemleak\n ...\n kmemleak: 480 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n kmemleak: 665 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n\n # cat /sys/kernel/debug/kmemleak\n unreferenced object 0xffff888cd8ca2c40 (size 64):\n comm \"hackbench\", pid 17142, jiffies 4299780315\n hex dump (first 32 bytes):\n ac 74 49 00 01 00 00 00 4c 84 49 00 01 00 00 00 .tI.....L.I.....\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc bff18fd4):\n [\u003cffffffff81419a89\u003e] __kmalloc_cache_noprof+0x2f9/0x3f0\n [\u003cffffffff8113f715\u003e] task_numa_work+0x725/0xa00\n [\u003cffffffff8110f878\u003e] task_work_run+0x58/0x90\n [\u003cffffffff81ddd9f8\u003e] syscall_exit_to_user_mode+0x1c8/0x1e0\n [\u003cffffffff81dd78d5\u003e] do_syscall_64+0x85/0x150\n [\u003cffffffff81e0012b\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ...\n\nThis issue can be consistently reproduced on three different servers:\n * a 448-core server\n * a 256-core server\n * a 192-core server\n\n[Root Cause]\nSince multiple threads are created by the hackbench program (along with\nthe command argument \u0027thread\u0027), a shared vma might be accessed by two or\nmore cores simultaneously. When two or more cores observe that\nvma-\u003enumab_state is NULL at the same time, vma-\u003enumab_state will be\noverwritten.\n\nAlthough current code ensures that only one thread scans the VMAs in a\nsingle \u0027numa_scan_period\u0027, there might be a chance for another thread\nto enter in the next \u0027numa_scan_period\u0027 while we have not gotten till\nnumab_state allocation [1].\n\nNote that the command `/opt/ltp/testcases/bin/hackbench 50 process 1000`\ncannot the reproduce the issue. It is verified with 200+ test runs.\n\n[Solution]\nUse the cmpxchg atomic operation to ensure that only one thread executes\nthe vma-\u003enumab_state assignment.\n\n[1] https://lore.kernel.org/lkml/1794be3c-358c-4cdc-a43d-a1f841d91ef7@amd.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56613",
"url": "https://www.suse.com/security/cve/CVE-2024-56613"
},
{
"category": "external",
"summary": "SUSE Bug 1244176 for CVE-2024-56613",
"url": "https://bugzilla.suse.com/1244176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "low"
}
],
"title": "CVE-2024-56613"
},
{
"cve": "CVE-2024-56699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix potential double remove of hotplug slot\n\nIn commit 6ee600bfbe0f (\"s390/pci: remove hotplug slot when releasing the\ndevice\") the zpci_exit_slot() was moved from zpci_device_reserved() to\nzpci_release_device() with the intention of keeping the hotplug slot\naround until the device is actually removed.\n\nNow zpci_release_device() is only called once all references are\ndropped. Since the zPCI subsystem only drops its reference once the\ndevice is in the reserved state it follows that zpci_release_device()\nmust only deal with devices in the reserved state. Despite that it\ncontains code to tear down from both configured and standby state. For\nthe standby case this already includes the removal of the hotplug slot\nso would cause a double removal if a device was ever removed in\neither configured or standby state.\n\nInstead of causing a potential double removal in a case that should\nnever happen explicitly WARN_ON() if a device in non-reserved state is\nreleased and get rid of the dead code cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56699",
"url": "https://www.suse.com/security/cve/CVE-2024-56699"
},
{
"category": "external",
"summary": "SUSE Bug 1235490 for CVE-2024-56699",
"url": "https://bugzilla.suse.com/1235490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-56699"
},
{
"cve": "CVE-2024-57982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: state: fix out-of-bounds read during lookup\n\nlookup and resize can run in parallel.\n\nThe xfrm_state_hash_generation seqlock ensures a retry, but the hash\nfunctions can observe a hmask value that is too large for the new hlist\narray.\n\nrehash does:\n rcu_assign_pointer(net-\u003exfrm.state_bydst, ndst) [..]\n net-\u003exfrm.state_hmask = nhashmask;\n\nWhile state lookup does:\n h = xfrm_dst_hash(net, daddr, saddr, tmpl-\u003ereqid, encap_family);\n hlist_for_each_entry_rcu(x, net-\u003exfrm.state_bydst + h, bydst) {\n\nThis is only safe in case the update to state_bydst is larger than\nnet-\u003exfrm.xfrm_state_hmask (or if the lookup function gets\nserialized via state spinlock again).\n\nFix this by prefetching state_hmask and the associated pointers.\nThe xfrm_state_hash_generation seqlock retry will ensure that the pointer\nand the hmask will be consistent.\n\nThe existing helpers, like xfrm_dst_hash(), are now unsafe for RCU side,\nadd lockdep assertions to document that they are only safe for insert\nside.\n\nxfrm_state_lookup_byaddr() uses the spinlock rather than RCU.\nAFAICS this is an oversight from back when state lookup was converted to\nRCU, this lock should be replaced with RCU in a future patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57982",
"url": "https://www.suse.com/security/cve/CVE-2024-57982"
},
{
"category": "external",
"summary": "SUSE Bug 1237913 for CVE-2024-57982",
"url": "https://bugzilla.suse.com/1237913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-57982"
},
{
"cve": "CVE-2024-57987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: check for NULL in btrtl_setup_realtek()\n\nIf insert an USB dongle which chip is not maintained in ic_id_table, it\nwill hit the NULL point accessed. Add a null point check to avoid the\nKernel Oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57987",
"url": "https://www.suse.com/security/cve/CVE-2024-57987"
},
{
"category": "external",
"summary": "SUSE Bug 1237905 for CVE-2024-57987",
"url": "https://bugzilla.suse.com/1237905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-57987"
},
{
"cve": "CVE-2024-57988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btbcm: Fix NULL deref in btbcm_get_board_name()\n\ndevm_kstrdup() can return a NULL pointer on failure,but this\nreturned value in btbcm_get_board_name() is not checked.\nAdd NULL check in btbcm_get_board_name(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57988",
"url": "https://www.suse.com/security/cve/CVE-2024-57988"
},
{
"category": "external",
"summary": "SUSE Bug 1237910 for CVE-2024-57988",
"url": "https://bugzilla.suse.com/1237910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-57988"
},
{
"cve": "CVE-2024-57995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev()\n\nIn ath12k_mac_assign_vif_to_vdev(), if arvif is created on a different\nradio, it gets deleted from that radio through a call to\nath12k_mac_unassign_link_vif(). This action frees the arvif pointer.\nSubsequently, there is a check involving arvif, which will result in a\nread-after-free scenario.\n\nFix this by moving this check after arvif is again assigned via call to\nath12k_mac_assign_link_vif().\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57995",
"url": "https://www.suse.com/security/cve/CVE-2024-57995"
},
{
"category": "external",
"summary": "SUSE Bug 1237895 for CVE-2024-57995",
"url": "https://bugzilla.suse.com/1237895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-57995"
},
{
"cve": "CVE-2024-58004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: intel/ipu6: remove cpu latency qos request on error\n\nFix cpu latency qos list corruption like below. It happens when\nwe do not remove cpu latency request on error path and free\ncorresponding memory.\n\n[ 30.634378] l7 kernel: list_add corruption. prev-\u003enext should be next (ffffffff9645e960), but was 0000000100100001. (prev=ffff8e9e877e20a8).\n[ 30.634388] l7 kernel: WARNING: CPU: 2 PID: 2008 at lib/list_debug.c:32 __list_add_valid_or_report+0x83/0xa0\n\u003csnip\u003e\n[ 30.634640] l7 kernel: Call Trace:\n[ 30.634650] l7 kernel: \u003cTASK\u003e\n[ 30.634659] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0\n[ 30.634669] l7 kernel: ? __warn.cold+0x93/0xf6\n[ 30.634678] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0\n[ 30.634690] l7 kernel: ? report_bug+0xff/0x140\n[ 30.634702] l7 kernel: ? handle_bug+0x58/0x90\n[ 30.634712] l7 kernel: ? exc_invalid_op+0x17/0x70\n[ 30.634723] l7 kernel: ? asm_exc_invalid_op+0x1a/0x20\n[ 30.634733] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0\n[ 30.634742] l7 kernel: plist_add+0xdd/0x140\n[ 30.634754] l7 kernel: pm_qos_update_target+0xa0/0x1f0\n[ 30.634764] l7 kernel: cpu_latency_qos_update_request+0x61/0xc0\n[ 30.634773] l7 kernel: intel_dp_aux_xfer+0x4c7/0x6e0 [i915 1f824655ed04687c2b0d23dbce759fa785f6d033]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58004",
"url": "https://www.suse.com/security/cve/CVE-2024-58004"
},
{
"category": "external",
"summary": "SUSE Bug 1238508 for CVE-2024-58004",
"url": "https://bugzilla.suse.com/1238508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-58004"
},
{
"cve": "CVE-2024-58015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix for out-of bound access error\n\nSelfgen stats are placed in a buffer using print_array_to_buf_index() function.\nArray length parameter passed to the function is too big, resulting in possible\nout-of bound memory error.\nDecreasing buffer size by one fixes faulty upper bound of passed array.\n\nDiscovered in coverity scan, CID 1600742 and CID 1600758",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58015",
"url": "https://www.suse.com/security/cve/CVE-2024-58015"
},
{
"category": "external",
"summary": "SUSE Bug 1238995 for CVE-2024-58015",
"url": "https://bugzilla.suse.com/1238995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-58015"
},
{
"cve": "CVE-2024-58053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix handling of received connection abort\n\nFix the handling of a connection abort that we\u0027ve received. Though the\nabort is at the connection level, it needs propagating to the calls on that\nconnection. Whilst the propagation bit is performed, the calls aren\u0027t then\nwoken up to go and process their termination, and as no further input is\nforthcoming, they just hang.\n\nAlso add some tracing for the logging of connection aborts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58053",
"url": "https://www.suse.com/security/cve/CVE-2024-58053"
},
{
"category": "external",
"summary": "SUSE Bug 1238982 for CVE-2024-58053",
"url": "https://bugzilla.suse.com/1238982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-58053"
},
{
"cve": "CVE-2024-58062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: avoid NULL pointer dereference\n\nWhen iterating over the links of a vif, we need to make sure that the\npointer is valid (in other words - that the link exists) before\ndereferncing it.\nUse for_each_vif_active_link that also does the check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58062",
"url": "https://www.suse.com/security/cve/CVE-2024-58062"
},
{
"category": "external",
"summary": "SUSE Bug 1238965 for CVE-2024-58062",
"url": "https://bugzilla.suse.com/1238965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-58062"
},
{
"cve": "CVE-2024-58077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: soc-pcm: don\u0027t use soc_pcm_ret() on .prepare callback\n\ncommit 1f5664351410 (\"ASoC: lower \"no backend DAIs enabled for ... Port\"\nlog severity\") ignores -EINVAL error message on common soc_pcm_ret().\nIt is used from many functions, ignoring -EINVAL is over-kill.\n\nThe reason why -EINVAL was ignored was it really should only be used\nupon invalid parameters coming from userspace and in that case we don\u0027t\nwant to log an error since we do not want to give userspace a way to do\na denial-of-service attack on the syslog / diskspace.\n\nSo don\u0027t use soc_pcm_ret() on .prepare callback is better idea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58077",
"url": "https://www.suse.com/security/cve/CVE-2024-58077"
},
{
"category": "external",
"summary": "SUSE Bug 1239090 for CVE-2024-58077",
"url": "https://bugzilla.suse.com/1239090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-58077"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid extent tree\n\n[BUG]\nSyzbot reported a crash with the following call trace:\n\n BTRFS info (device loop0): scrub: started on devid 1\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 106e70067 P4D 106e70067 PUD 107143067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 UID: 0 PID: 689 Comm: repro Kdump: loaded Tainted: G O 6.13.0-rc4-custom+ #206\n Tainted: [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:find_first_extent_item+0x26/0x1f0 [btrfs]\n Call Trace:\n \u003cTASK\u003e\n scrub_find_fill_first_stripe+0x13d/0x3b0 [btrfs]\n scrub_simple_mirror+0x175/0x260 [btrfs]\n scrub_stripe+0x5d4/0x6c0 [btrfs]\n scrub_chunk+0xbb/0x170 [btrfs]\n scrub_enumerate_chunks+0x2f4/0x5f0 [btrfs]\n btrfs_scrub_dev+0x240/0x600 [btrfs]\n btrfs_ioctl+0x1dc8/0x2fa0 [btrfs]\n ? do_sys_openat2+0xa5/0xf0\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\n[CAUSE]\nThe reproducer is using a corrupted image where extent tree root is\ncorrupted, thus forcing to use \"rescue=all,ro\" mount option to mount the\nimage.\n\nThen it triggered a scrub, but since scrub relies on extent tree to find\nwhere the data/metadata extents are, scrub_find_fill_first_stripe()\nrelies on an non-empty extent root.\n\nBut unfortunately scrub_find_fill_first_stripe() doesn\u0027t really expect\nan NULL pointer for extent root, it use extent_root to grab fs_info and\ntriggered a NULL pointer dereference.\n\n[FIX]\nAdd an extra check for a valid extent root at the beginning of\nscrub_find_fill_first_stripe().\n\nThe new error path is introduced by 42437a6386ff (\"btrfs: introduce\nmount option rescue=ignorebadroots\"), but that\u0027s pretty old, and later\ncommit b979547513ff (\"btrfs: scrub: introduce helper to find and fill\nsector info for a scrub_stripe\") changed how we do scrub.\n\nSo for kernels older than 6.6, the fix will need manual backport.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21658",
"url": "https://www.suse.com/security/cve/CVE-2025-21658"
},
{
"category": "external",
"summary": "SUSE Bug 1236208 for CVE-2025-21658",
"url": "https://bugzilla.suse.com/1236208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21658"
},
{
"cve": "CVE-2025-21713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: Don\u0027t unset window if it was never set\n\nOn pSeries, when user attempts to use the same vfio container used by\ndifferent iommu group, the spapr_tce_set_window() returns -EPERM\nand the subsequent cleanup leads to the below crash.\n\n Kernel attempted to read user page (308) - exploit attempt?\n BUG: Kernel NULL pointer dereference on read at 0x00000308\n Faulting instruction address: 0xc0000000001ce358\n Oops: Kernel access of bad area, sig: 11 [#1]\n NIP: c0000000001ce358 LR: c0000000001ce05c CTR: c00000000005add0\n \u003csnip\u003e\n NIP [c0000000001ce358] spapr_tce_unset_window+0x3b8/0x510\n LR [c0000000001ce05c] spapr_tce_unset_window+0xbc/0x510\n Call Trace:\n spapr_tce_unset_window+0xbc/0x510 (unreliable)\n tce_iommu_attach_group+0x24c/0x340 [vfio_iommu_spapr_tce]\n vfio_container_attach_group+0xec/0x240 [vfio]\n vfio_group_fops_unl_ioctl+0x548/0xb00 [vfio]\n sys_ioctl+0x754/0x1580\n system_call_exception+0x13c/0x330\n system_call_vectored_common+0x15c/0x2ec\n \u003csnip\u003e\n --- interrupt: 3000\n\nFix this by having null check for the tbl passed to the\nspapr_tce_unset_window().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21713",
"url": "https://www.suse.com/security/cve/CVE-2025-21713"
},
{
"category": "external",
"summary": "SUSE Bug 1237887 for CVE-2025-21713",
"url": "https://bugzilla.suse.com/1237887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21713"
},
{
"cve": "CVE-2025-21720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: delete intermediate secpath entry in packet offload mode\n\nPackets handled by hardware have added secpath as a way to inform XFRM\ncore code that this path was already handled. That secpath is not needed\nat all after policy is checked and it is removed later in the stack.\n\nHowever, in the case of IP forwarding is enabled (/proc/sys/net/ipv4/ip_forward),\nthat secpath is not removed and packets which already were handled are reentered\nto the driver TX path with xfrm_offload set.\n\nThe following kernel panic is observed in mlx5 in such case:\n\n mlx5_core 0000:04:00.0 enp4s0f0np0: Link up\n mlx5_core 0000:04:00.1 enp4s0f1np1: Link up\n Initializing XFRM netlink socket\n IPsec XFRM device driver\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor instruction fetch in kernel mode\n #PF: error_code(0x0010) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0010 [#1] PREEMPT SMP\n CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc1-alex #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n RIP: 0010:0x0\n Code: Unable to access opcode bytes at 0xffffffffffffffd6.\n RSP: 0018:ffffb87380003800 EFLAGS: 00010206\n RAX: ffff8df004e02600 RBX: ffffb873800038d8 RCX: 00000000ffff98cf\n RDX: ffff8df00733e108 RSI: ffff8df00521fb80 RDI: ffff8df001661f00\n RBP: ffffb87380003850 R08: ffff8df013980000 R09: 0000000000000010\n R10: 0000000000000002 R11: 0000000000000002 R12: ffff8df001661f00\n R13: ffff8df00521fb80 R14: ffff8df00733e108 R15: ffff8df011faf04e\n FS: 0000000000000000(0000) GS:ffff8df46b800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffffffffffd6 CR3: 0000000106384000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n ? show_regs+0x63/0x70\n ? __die_body+0x20/0x60\n ? __die+0x2b/0x40\n ? page_fault_oops+0x15c/0x550\n ? do_user_addr_fault+0x3ed/0x870\n ? exc_page_fault+0x7f/0x190\n ? asm_exc_page_fault+0x27/0x30\n mlx5e_ipsec_handle_tx_skb+0xe7/0x2f0 [mlx5_core]\n mlx5e_xmit+0x58e/0x1980 [mlx5_core]\n ? __fib_lookup+0x6a/0xb0\n dev_hard_start_xmit+0x82/0x1d0\n sch_direct_xmit+0xfe/0x390\n __dev_queue_xmit+0x6d8/0xee0\n ? __fib_lookup+0x6a/0xb0\n ? internal_add_timer+0x48/0x70\n ? mod_timer+0xe2/0x2b0\n neigh_resolve_output+0x115/0x1b0\n __neigh_update+0x26a/0xc50\n neigh_update+0x14/0x20\n arp_process+0x2cb/0x8e0\n ? __napi_build_skb+0x5e/0x70\n arp_rcv+0x11e/0x1c0\n ? dev_gro_receive+0x574/0x820\n __netif_receive_skb_list_core+0x1cf/0x1f0\n netif_receive_skb_list_internal+0x183/0x2a0\n napi_complete_done+0x76/0x1c0\n mlx5e_napi_poll+0x234/0x7a0 [mlx5_core]\n __napi_poll+0x2d/0x1f0\n net_rx_action+0x1a6/0x370\n ? atomic_notifier_call_chain+0x3b/0x50\n ? irq_int_handler+0x15/0x20 [mlx5_core]\n handle_softirqs+0xb9/0x2f0\n ? handle_irq_event+0x44/0x60\n irq_exit_rcu+0xdb/0x100\n common_interrupt+0x98/0xc0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_common_interrupt+0x27/0x40\n RIP: 0010:pv_native_safe_halt+0xb/0x10\n Code: 09 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 22\n 0f 1f 84 00 00 00 00 00 90 eb 07 0f 00 2d 7f e9 36 00 fb\n40 00 83 ff 07 77 21 89 ff ff 24 fd 88 3d a1 bd 0f 21 f8\n RSP: 0018:ffffffffbe603de8 EFLAGS: 00000202\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000f92f46680\n RDX: 0000000000000037 RSI: 00000000ffffffff RDI: 00000000000518d4\n RBP: ffffffffbe603df0 R08: 000000cd42e4dffb R09: ffffffffbe603d70\n R10: 0000004d80d62680 R11: 0000000000000001 R12: ffffffffbe60bf40\n R13: 0000000000000000 R14: 0000000000000000 R15: ffffffffbe60aff8\n ? default_idle+0x9/0x20\n arch_cpu_idle+0x9/0x10\n default_idle_call+0x29/0xf0\n do_idle+0x1f2/0x240\n cpu_startup_entry+0x2c/0x30\n rest_init+0xe7/0x100\n start_kernel+0x76b/0xb90\n x86_64_start_reservations+0x18/0x30\n x86_64_start_kernel+0xc0/0x110\n ? setup_ghcb+0xe/0x130\n common_startup_64+0x13e/0x141\n \u003c/TASK\u003e\n Modules linked in: esp4_offload esp4 xfrm_interface\nxfrm6_tunnel tunnel4 tunnel6 xfrm_user xfrm_algo binf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21720",
"url": "https://www.suse.com/security/cve/CVE-2025-21720"
},
{
"category": "external",
"summary": "SUSE Bug 1238859 for CVE-2025-21720",
"url": "https://bugzilla.suse.com/1238859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21720"
},
{
"cve": "CVE-2025-21770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix potential memory leak in iopf_queue_remove_device()\n\nThe iopf_queue_remove_device() helper removes a device from the per-iommu\niopf queue when PRI is disabled on the device. It responds to all\noutstanding iopf\u0027s with an IOMMU_PAGE_RESP_INVALID code and detaches the\ndevice from the queue.\n\nHowever, it fails to release the group structure that represents a group\nof iopf\u0027s awaiting for a response after responding to the hardware. This\ncan cause a memory leak if iopf_queue_remove_device() is called with\npending iopf\u0027s.\n\nFix it by calling iopf_free_group() after the iopf group is responded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21770",
"url": "https://www.suse.com/security/cve/CVE-2025-21770"
},
{
"category": "external",
"summary": "SUSE Bug 1238495 for CVE-2025-21770",
"url": "https://bugzilla.suse.com/1238495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21770"
},
{
"cve": "CVE-2025-21805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rtrs: Add missing deinit() call\n\nA warning is triggered when repeatedly connecting and disconnecting the\nrnbd:\n list_add corruption. prev-\u003enext should be next (ffff88800b13e480), but was ffff88801ecd1338. (prev=ffff88801ecd1340).\n WARNING: CPU: 1 PID: 36562 at lib/list_debug.c:32 __list_add_valid_or_report+0x7f/0xa0\n Workqueue: ib_cm cm_work_handler [ib_cm]\n RIP: 0010:__list_add_valid_or_report+0x7f/0xa0\n ? __list_add_valid_or_report+0x7f/0xa0\n ib_register_event_handler+0x65/0x93 [ib_core]\n rtrs_srv_ib_dev_init+0x29/0x30 [rtrs_server]\n rtrs_ib_dev_find_or_add+0x124/0x1d0 [rtrs_core]\n __alloc_path+0x46c/0x680 [rtrs_server]\n ? rtrs_rdma_connect+0xa6/0x2d0 [rtrs_server]\n ? rcu_is_watching+0xd/0x40\n ? __mutex_lock+0x312/0xcf0\n ? get_or_create_srv+0xad/0x310 [rtrs_server]\n ? rtrs_rdma_connect+0xa6/0x2d0 [rtrs_server]\n rtrs_rdma_connect+0x23c/0x2d0 [rtrs_server]\n ? __lock_release+0x1b1/0x2d0\n cma_cm_event_handler+0x4a/0x1a0 [rdma_cm]\n cma_ib_req_handler+0x3a0/0x7e0 [rdma_cm]\n cm_process_work+0x28/0x1a0 [ib_cm]\n ? _raw_spin_unlock_irq+0x2f/0x50\n cm_req_handler+0x618/0xa60 [ib_cm]\n cm_work_handler+0x71/0x520 [ib_cm]\n\nCommit 667db86bcbe8 (\"RDMA/rtrs: Register ib event handler\") introduced a\nnew element .deinit but never used it at all. Fix it by invoking the\n`deinit()` to appropriately unregister the IB event handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21805",
"url": "https://www.suse.com/security/cve/CVE-2025-21805"
},
{
"category": "external",
"summary": "SUSE Bug 1238741 for CVE-2025-21805",
"url": "https://bugzilla.suse.com/1238741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21805"
},
{
"cve": "CVE-2025-21824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpu: host1x: Fix a use of uninitialized mutex\n\ncommit c8347f915e67 (\"gpu: host1x: Fix boot regression for Tegra\")\ncaused a use of uninitialized mutex leading to below warning when\nCONFIG_DEBUG_MUTEXES and CONFIG_DEBUG_LOCK_ALLOC are enabled.\n\n[ 41.662843] ------------[ cut here ]------------\n[ 41.663012] DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n[ 41.663035] WARNING: CPU: 4 PID: 794 at kernel/locking/mutex.c:587 __mutex_lock+0x670/0x878\n[ 41.663458] Modules linked in: rtw88_8822c(+) bluetooth(+) rtw88_pci rtw88_core mac80211 aquantia libarc4 crc_itu_t cfg80211 tegra194_cpufreq dwmac_tegra(+) arm_dsu_pmu stmmac_platform stmmac pcs_xpcs rfkill at24 host1x(+) tegra_bpmp_thermal ramoops reed_solomon fuse loop nfnetlink xfs mmc_block rpmb_core ucsi_ccg ina3221 crct10dif_ce xhci_tegra ghash_ce lm90 sha2_ce sha256_arm64 sha1_ce sdhci_tegra pwm_fan sdhci_pltfm sdhci gpio_keys rtc_tegra cqhci mmc_core phy_tegra_xusb i2c_tegra tegra186_gpc_dma i2c_tegra_bpmp spi_tegra114 dm_mirror dm_region_hash dm_log dm_mod\n[ 41.665078] CPU: 4 UID: 0 PID: 794 Comm: (udev-worker) Not tainted 6.11.0-29.31_1538613708.el10.aarch64+debug #1\n[ 41.665838] Hardware name: NVIDIA NVIDIA Jetson AGX Orin Developer Kit/Jetson, BIOS 36.3.0-gcid-35594366 02/26/2024\n[ 41.672555] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 41.679636] pc : __mutex_lock+0x670/0x878\n[ 41.683834] lr : __mutex_lock+0x670/0x878\n[ 41.688035] sp : ffff800084b77090\n[ 41.691446] x29: ffff800084b77160 x28: ffffdd4bebf7b000 x27: ffffdd4be96b1000\n[ 41.698799] x26: 1fffe0002308361c x25: 1ffff0001096ee18 x24: 0000000000000000\n[ 41.706149] x23: 0000000000000000 x22: 0000000000000002 x21: ffffdd4be6e3c7a0\n[ 41.713500] x20: ffff800084b770f0 x19: ffff00011841b1e8 x18: 0000000000000000\n[ 41.720675] x17: 0000000000000000 x16: 0000000000000000 x15: 0720072007200720\n[ 41.728023] x14: 0000000000000000 x13: 0000000000000001 x12: ffff6001a96eaab3\n[ 41.735375] x11: 1fffe001a96eaab2 x10: ffff6001a96eaab2 x9 : ffffdd4be4838bbc\n[ 41.742723] x8 : 00009ffe5691554e x7 : ffff000d4b755593 x6 : 0000000000000001\n[ 41.749985] x5 : ffff000d4b755590 x4 : 1fffe0001d88f001 x3 : dfff800000000000\n[ 41.756988] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000ec478000\n[ 41.764251] Call trace:\n[ 41.766695] __mutex_lock+0x670/0x878\n[ 41.770373] mutex_lock_nested+0x2c/0x40\n[ 41.774134] host1x_intr_start+0x54/0xf8 [host1x]\n[ 41.778863] host1x_runtime_resume+0x150/0x228 [host1x]\n[ 41.783935] pm_generic_runtime_resume+0x84/0xc8\n[ 41.788485] __rpm_callback+0xa0/0x478\n[ 41.792422] rpm_callback+0x15c/0x1a8\n[ 41.795922] rpm_resume+0x698/0xc08\n[ 41.799597] __pm_runtime_resume+0xa8/0x140\n[ 41.803621] host1x_probe+0x810/0xbc0 [host1x]\n[ 41.807909] platform_probe+0xcc/0x1a8\n[ 41.811845] really_probe+0x188/0x800\n[ 41.815347] __driver_probe_device+0x164/0x360\n[ 41.819810] driver_probe_device+0x64/0x1a8\n[ 41.823834] __driver_attach+0x180/0x490\n[ 41.827773] bus_for_each_dev+0x104/0x1a0\n[ 41.831797] driver_attach+0x44/0x68\n[ 41.835296] bus_add_driver+0x23c/0x4e8\n[ 41.839235] driver_register+0x15c/0x3a8\n[ 41.843170] __platform_register_drivers+0xa4/0x208\n[ 41.848159] tegra_host1x_init+0x4c/0xff8 [host1x]\n[ 41.853147] do_one_initcall+0xd4/0x380\n[ 41.856997] do_init_module+0x1dc/0x698\n[ 41.860758] load_module+0xc70/0x1300\n[ 41.864435] __do_sys_init_module+0x1a8/0x1d0\n[ 41.868721] __arm64_sys_init_module+0x74/0xb0\n[ 41.873183] invoke_syscall.constprop.0+0xdc/0x1e8\n[ 41.877997] do_el0_svc+0x154/0x1d0\n[ 41.881671] el0_svc+0x54/0x140\n[ 41.884820] el0t_64_sync_handler+0x120/0x130\n[ 41.889285] el0t_64_sync+0x1a4/0x1a8\n[ 41.892960] irq event stamp: 69737\n[ 41.896370] hardirqs last enabled at (69737): [\u003cffffdd4be6d7768c\u003e] _raw_spin_unlock_irqrestore+0x44/0xe8\n[ 41.905739] hardirqs last disabled at (69736):\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21824",
"url": "https://www.suse.com/security/cve/CVE-2025-21824"
},
{
"category": "external",
"summary": "SUSE Bug 1238478 for CVE-2025-21824",
"url": "https://bugzilla.suse.com/1238478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21824"
},
{
"cve": "CVE-2025-21842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namdkfd: properly free gang_ctx_bo when failed to init user queue\n\nThe destructor of a gtt bo is declared as\nvoid amdgpu_amdkfd_free_gtt_mem(struct amdgpu_device *adev, void **mem_obj);\nWhich takes void** as the second parameter.\n\nGCC allows passing void* to the function because void* can be implicitly\ncasted to any other types, so it can pass compiling.\n\nHowever, passing this void* parameter into the function\u0027s\nexecution process(which expects void** and dereferencing void**)\nwill result in errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21842",
"url": "https://www.suse.com/security/cve/CVE-2025-21842"
},
{
"category": "external",
"summary": "SUSE Bug 1239063 for CVE-2025-21842",
"url": "https://bugzilla.suse.com/1239063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21842"
},
{
"cve": "CVE-2025-21849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Use spin_lock_irqsave() in interruptible context\n\nspin_lock/unlock() functions used in interrupt contexts could\nresult in a deadlock, as seen in GitLab issue #13399,\nwhich occurs when interrupt comes in while holding a lock.\n\nTry to remedy the problem by saving irq state before spin lock\nacquisition.\n\nv2: add irqs\u0027 state save/restore calls to all locks/unlocks in\n signal_irq_work() execution (Maciej)\n\nv3: use with spin_lock_irqsave() in guc_lrc_desc_unpin() instead\n of other lock/unlock calls and add Fixes and Cc tags (Tvrtko);\n change title and commit message\n\n(cherry picked from commit c088387ddd6482b40f21ccf23db1125e8fa4af7e)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21849",
"url": "https://www.suse.com/security/cve/CVE-2025-21849"
},
{
"category": "external",
"summary": "SUSE Bug 1239485 for CVE-2025-21849",
"url": "https://bugzilla.suse.com/1239485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21849"
},
{
"cve": "CVE-2025-21868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: allow small head cache usage with large MAX_SKB_FRAGS values\n\nSabrina reported the following splat:\n\n WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935 netif_napi_add_weight_locked+0x8f2/0xba0\n Modules linked in:\n CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.14.0-rc1-net-00092-g011b03359038 #996\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:netif_napi_add_weight_locked+0x8f2/0xba0\n Code: e8 c3 e6 6a fe 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc c7 44 24 10 ff ff ff ff e9 8f fb ff ff e8 9e e6 6a fe \u003c0f\u003e 0b e9 d3 fe ff ff e8 92 e6 6a fe 48 8b 04 24 be ff ff ff ff 48\n RSP: 0000:ffffc9000001fc60 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff88806ce48128 RCX: 1ffff11001664b9e\n RDX: ffff888008f00040 RSI: ffffffff8317ca42 RDI: ffff88800b325cb6\n RBP: ffff88800b325c40 R08: 0000000000000001 R09: ffffed100167502c\n R10: ffff88800b3a8163 R11: 0000000000000000 R12: ffff88800ac1c168\n R13: ffff88800ac1c168 R14: ffff88800ac1c168 R15: 0000000000000007\n FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffff888008201000 CR3: 0000000004c94001 CR4: 0000000000370ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n gro_cells_init+0x1ba/0x270\n xfrm_input_init+0x4b/0x2a0\n xfrm_init+0x38/0x50\n ip_rt_init+0x2d7/0x350\n ip_init+0xf/0x20\n inet_init+0x406/0x590\n do_one_initcall+0x9d/0x2e0\n do_initcalls+0x23b/0x280\n kernel_init_freeable+0x445/0x490\n kernel_init+0x20/0x1d0\n ret_from_fork+0x46/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n irq event stamp: 584330\n hardirqs last enabled at (584338): [\u003cffffffff8168bf87\u003e] __up_console_sem+0x77/0xb0\n hardirqs last disabled at (584345): [\u003cffffffff8168bf6c\u003e] __up_console_sem+0x5c/0xb0\n softirqs last enabled at (583242): [\u003cffffffff833ee96d\u003e] netlink_insert+0x14d/0x470\n softirqs last disabled at (583754): [\u003cffffffff8317c8cd\u003e] netif_napi_add_weight_locked+0x77d/0xba0\n\non kernel built with MAX_SKB_FRAGS=45, where SKB_WITH_OVERHEAD(1024)\nis smaller than GRO_MAX_HEAD.\n\nSuch built additionally contains the revert of the single page frag cache\nso that napi_get_frags() ends up using the page frag allocator, triggering\nthe splat.\n\nNote that the underlying issue is independent from the mentioned\nrevert; address it ensuring that the small head cache will fit either TCP\nand GRO allocation and updating napi_alloc_skb() and __netdev_alloc_skb()\nto select kmalloc() usage for any allocation fitting such cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21868",
"url": "https://www.suse.com/security/cve/CVE-2025-21868"
},
{
"category": "external",
"summary": "SUSE Bug 1240180 for CVE-2025-21868",
"url": "https://bugzilla.suse.com/1240180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21868"
},
{
"cve": "CVE-2025-21880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/userptr: fix EFAULT handling\n\nCurrently we treat EFAULT from hmm_range_fault() as a non-fatal error\nwhen called from xe_vm_userptr_pin() with the idea that we want to avoid\nkilling the entire vm and chucking an error, under the assumption that\nthe user just did an unmap or something, and has no intention of\nactually touching that memory from the GPU. At this point we have\nalready zapped the PTEs so any access should generate a page fault, and\nif the pin fails there also it will then become fatal.\n\nHowever it looks like it\u0027s possible for the userptr vma to still be on\nthe rebind list in preempt_rebind_work_func(), if we had to retry the\npin again due to something happening in the caller before we did the\nrebind step, but in the meantime needing to re-validate the userptr and\nthis time hitting the EFAULT.\n\nThis explains an internal user report of hitting:\n\n[ 191.738349] WARNING: CPU: 1 PID: 157 at drivers/gpu/drm/xe/xe_res_cursor.h:158 xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738551] Workqueue: xe-ordered-wq preempt_rebind_work_func [xe]\n[ 191.738616] RIP: 0010:xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738690] Call Trace:\n[ 191.738692] \u003cTASK\u003e\n[ 191.738694] ? show_regs+0x69/0x80\n[ 191.738698] ? __warn+0x93/0x1a0\n[ 191.738703] ? xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738759] ? report_bug+0x18f/0x1a0\n[ 191.738764] ? handle_bug+0x63/0xa0\n[ 191.738767] ? exc_invalid_op+0x19/0x70\n[ 191.738770] ? asm_exc_invalid_op+0x1b/0x20\n[ 191.738777] ? xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738834] ? ret_from_fork_asm+0x1a/0x30\n[ 191.738849] bind_op_prepare+0x105/0x7b0 [xe]\n[ 191.738906] ? dma_resv_reserve_fences+0x301/0x380\n[ 191.738912] xe_pt_update_ops_prepare+0x28c/0x4b0 [xe]\n[ 191.738966] ? kmemleak_alloc+0x4b/0x80\n[ 191.738973] ops_execute+0x188/0x9d0 [xe]\n[ 191.739036] xe_vm_rebind+0x4ce/0x5a0 [xe]\n[ 191.739098] ? trace_hardirqs_on+0x4d/0x60\n[ 191.739112] preempt_rebind_work_func+0x76f/0xd00 [xe]\n\nFollowed by NPD, when running some workload, since the sg was never\nactually populated but the vma is still marked for rebind when it should\nbe skipped for this special EFAULT case. This is confirmed to fix the\nuser report.\n\nv2 (MattB):\n - Move earlier.\nv3 (MattB):\n - Update the commit message to make it clear that this indeed fixes the\n issue.\n\n(cherry picked from commit 6b93cb98910c826c2e2004942f8b060311e43618)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21880",
"url": "https://www.suse.com/security/cve/CVE-2025-21880"
},
{
"category": "external",
"summary": "SUSE Bug 1240170 for CVE-2025-21880",
"url": "https://bugzilla.suse.com/1240170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21880"
},
{
"cve": "CVE-2025-21898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Avoid potential division by zero in function_stat_show()\n\nCheck whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64}\nproduce zero and skip stddev computation in that case.\n\nFor now don\u0027t care about rec-\u003ecounter * rec-\u003ecounter overflow because\nrec-\u003etime * rec-\u003etime overflow will likely happen earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21898",
"url": "https://www.suse.com/security/cve/CVE-2025-21898"
},
{
"category": "external",
"summary": "SUSE Bug 1240610 for CVE-2025-21898",
"url": "https://bugzilla.suse.com/1240610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21898"
},
{
"cve": "CVE-2025-21899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix bad hist from corrupting named_triggers list\n\nThe following commands causes a crash:\n\n ~# cd /sys/kernel/tracing/events/rcu/rcu_callback\n ~# echo \u0027hist:name=bad:keys=common_pid:onmax(bogus).save(common_pid)\u0027 \u003e trigger\n bash: echo: write error: Invalid argument\n ~# echo \u0027hist:name=bad:keys=common_pid\u0027 \u003e trigger\n\nBecause the following occurs:\n\nevent_trigger_write() {\n trigger_process_regex() {\n event_hist_trigger_parse() {\n\n data = event_trigger_alloc(..);\n\n event_trigger_register(.., data) {\n cmd_ops-\u003ereg(.., data, ..) [hist_register_trigger()] {\n data-\u003eops-\u003einit() [event_hist_trigger_init()] {\n save_named_trigger(name, data) {\n list_add(\u0026data-\u003enamed_list, \u0026named_triggers);\n }\n }\n }\n }\n\n ret = create_actions(); (return -EINVAL)\n if (ret)\n goto out_unreg;\n[..]\n ret = hist_trigger_enable(data, ...) {\n list_add_tail_rcu(\u0026data-\u003elist, \u0026file-\u003etriggers); \u003c\u003c\u003c---- SKIPPED!!! (this is important!)\n[..]\n out_unreg:\n event_hist_unregister(.., data) {\n cmd_ops-\u003eunreg(.., data, ..) [hist_unregister_trigger()] {\n list_for_each_entry(iter, \u0026file-\u003etriggers, list) {\n if (!hist_trigger_match(data, iter, named_data, false)) \u003c- never matches\n continue;\n [..]\n test = iter;\n }\n if (test \u0026\u0026 test-\u003eops-\u003efree) \u003c\u003c\u003c-- test is NULL\n\n test-\u003eops-\u003efree(test) [event_hist_trigger_free()] {\n [..]\n if (data-\u003ename)\n del_named_trigger(data) {\n list_del(\u0026data-\u003enamed_list); \u003c\u003c\u003c\u003c-- NEVER gets removed!\n }\n }\n }\n }\n\n [..]\n kfree(data); \u003c\u003c\u003c-- frees item but it is still on list\n\nThe next time a hist with name is registered, it causes an u-a-f bug and\nthe kernel can crash.\n\nMove the code around such that if event_trigger_register() succeeds, the\nnext thing called is hist_trigger_enable() which adds it to the list.\n\nA bunch of actions is called if get_named_trigger_data() returns false.\nBut that doesn\u0027t need to be called after event_trigger_register(), so it\ncan be moved up, allowing event_trigger_register() to be called just\nbefore hist_trigger_enable() keeping them together and allowing the\nfile-\u003etriggers to be properly populated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21899",
"url": "https://www.suse.com/security/cve/CVE-2025-21899"
},
{
"category": "external",
"summary": "SUSE Bug 1240577 for CVE-2025-21899",
"url": "https://bugzilla.suse.com/1240577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21899"
},
{
"cve": "CVE-2025-21901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Add sanity checks on rdev validity\n\nThere is a possibility that ulp_irq_stop and ulp_irq_start\ncallbacks will be called when the device is in detached state.\nThis can cause a crash due to NULL pointer dereference as\nthe rdev is already freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21901",
"url": "https://www.suse.com/security/cve/CVE-2025-21901"
},
{
"category": "external",
"summary": "SUSE Bug 1240579 for CVE-2025-21901",
"url": "https://bugzilla.suse.com/1240579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21901"
},
{
"cve": "CVE-2025-21911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: avoid deadlock on fence release\n\nDo scheduler queue fence release processing on a workqueue, rather\nthan in the release function itself.\n\nFixes deadlock issues such as the following:\n\n[ 607.400437] ============================================\n[ 607.405755] WARNING: possible recursive locking detected\n[ 607.415500] --------------------------------------------\n[ 607.420817] weston:zfq0/24149 is trying to acquire lock:\n[ 607.426131] ffff000017d041a0 (reservation_ww_class_mutex){+.+.}-{3:3}, at: pvr_gem_object_vunmap+0x40/0xc0 [powervr]\n[ 607.436728]\n but task is already holding lock:\n[ 607.442554] ffff000017d105a0 (reservation_ww_class_mutex){+.+.}-{3:3}, at: dma_buf_ioctl+0x250/0x554\n[ 607.451727]\n other info that might help us debug this:\n[ 607.458245] Possible unsafe locking scenario:\n\n[ 607.464155] CPU0\n[ 607.466601] ----\n[ 607.469044] lock(reservation_ww_class_mutex);\n[ 607.473584] lock(reservation_ww_class_mutex);\n[ 607.478114]\n *** DEADLOCK ***",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21911",
"url": "https://www.suse.com/security/cve/CVE-2025-21911"
},
{
"category": "external",
"summary": "SUSE Bug 1240589 for CVE-2025-21911",
"url": "https://bugzilla.suse.com/1240589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21911"
},
{
"cve": "CVE-2025-21920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvlan: enforce underlying device type\n\nCurrently, VLAN devices can be created on top of non-ethernet devices.\n\nBesides the fact that it doesn\u0027t make much sense, this also causes a\nbug which leaks the address of a kernel function to usermode.\n\nWhen creating a VLAN device, we initialize GARP (garp_init_applicant)\nand MRP (mrp_init_applicant) for the underlying device.\n\nAs part of the initialization process, we add the multicast address of\neach applicant to the underlying device, by calling dev_mc_add.\n\n__dev_mc_add uses dev-\u003eaddr_len to determine the length of the new\nmulticast address.\n\nThis causes an out-of-bounds read if dev-\u003eaddr_len is greater than 6,\nsince the multicast addresses provided by GARP and MRP are only 6\nbytes long.\n\nThis behaviour can be reproduced using the following commands:\n\nip tunnel add gretest mode ip6gre local ::1 remote ::2 dev lo\nip l set up dev gretest\nip link add link gretest name vlantest type vlan id 100\n\nThen, the following command will display the address of garp_pdu_rcv:\n\nip maddr show | grep 01:80:c2:00:00:21\n\nFix the bug by enforcing the type of the underlying device during VLAN\ndevice initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21920",
"url": "https://www.suse.com/security/cve/CVE-2025-21920"
},
{
"category": "external",
"summary": "SUSE Bug 1240686 for CVE-2025-21920",
"url": "https://bugzilla.suse.com/1240686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21920"
},
{
"cve": "CVE-2025-21938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr\n\nIf multiple connection requests attempt to create an implicit mptcp\nendpoint in parallel, more than one caller may end up in\nmptcp_pm_nl_append_new_local_addr because none found the address in\nlocal_addr_list during their call to mptcp_pm_nl_get_local_id. In this\ncase, the concurrent new_local_addr calls may delete the address entry\ncreated by the previous caller. These deletes use synchronize_rcu, but\nthis is not permitted in some of the contexts where this function may be\ncalled. During packet recv, the caller may be in a rcu read critical\nsection and have preemption disabled.\n\nAn example stack:\n\n BUG: scheduling while atomic: swapper/2/0/0x00000302\n\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\n dump_stack (lib/dump_stack.c:124)\n __schedule_bug (kernel/sched/core.c:5943)\n schedule_debug.constprop.0 (arch/x86/include/asm/preempt.h:33 kernel/sched/core.c:5970)\n __schedule (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 kernel/sched/features.h:29 kernel/sched/core.c:6621)\n schedule (arch/x86/include/asm/preempt.h:84 kernel/sched/core.c:6804 kernel/sched/core.c:6818)\n schedule_timeout (kernel/time/timer.c:2160)\n wait_for_completion (kernel/sched/completion.c:96 kernel/sched/completion.c:116 kernel/sched/completion.c:127 kernel/sched/completion.c:148)\n __wait_rcu_gp (include/linux/rcupdate.h:311 kernel/rcu/update.c:444)\n synchronize_rcu (kernel/rcu/tree.c:3609)\n mptcp_pm_nl_append_new_local_addr (net/mptcp/pm_netlink.c:966 net/mptcp/pm_netlink.c:1061)\n mptcp_pm_nl_get_local_id (net/mptcp/pm_netlink.c:1164)\n mptcp_pm_get_local_id (net/mptcp/pm.c:420)\n subflow_check_req (net/mptcp/subflow.c:98 net/mptcp/subflow.c:213)\n subflow_v4_route_req (net/mptcp/subflow.c:305)\n tcp_conn_request (net/ipv4/tcp_input.c:7216)\n subflow_v4_conn_request (net/mptcp/subflow.c:651)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6709)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1934)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2334)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205 (discriminator 1))\n ip_local_deliver_finish (include/linux/rcupdate.h:813 net/ipv4/ip_input.c:234)\n ip_local_deliver (include/linux/netfilter.h:314 include/linux/netfilter.h:308 net/ipv4/ip_input.c:254)\n ip_sublist_rcv_finish (include/net/dst.h:461 net/ipv4/ip_input.c:580)\n ip_sublist_rcv (net/ipv4/ip_input.c:640)\n ip_list_rcv (net/ipv4/ip_input.c:675)\n __netif_receive_skb_list_core (net/core/dev.c:5583 net/core/dev.c:5631)\n netif_receive_skb_list_internal (net/core/dev.c:5685 net/core/dev.c:5774)\n napi_complete_done (include/linux/list.h:37 include/net/gro.h:449 include/net/gro.h:444 net/core/dev.c:6114)\n igb_poll (drivers/net/ethernet/intel/igb/igb_main.c:8244) igb\n __napi_poll (net/core/dev.c:6582)\n net_rx_action (net/core/dev.c:6653 net/core/dev.c:6787)\n handle_softirqs (kernel/softirq.c:553)\n __irq_exit_rcu (kernel/softirq.c:588 kernel/softirq.c:427 kernel/softirq.c:636)\n irq_exit_rcu (kernel/softirq.c:651)\n common_interrupt (arch/x86/kernel/irq.c:247 (discriminator 14))\n \u003c/IRQ\u003e\n\nThis problem seems particularly prevalent if the user advertises an\nendpoint that has a different external vs internal address. In the case\nwhere the external address is advertised and multiple connections\nalready exist, multiple subflow SYNs arrive in parallel which tends to\ntrigger the race during creation of the first local_addr_list entries\nwhich have the internal address instead.\n\nFix by skipping the replacement of an existing implicit local address if\ncalled via mptcp_pm_nl_get_local_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21938",
"url": "https://www.suse.com/security/cve/CVE-2025-21938"
},
{
"category": "external",
"summary": "SUSE Bug 1240723 for CVE-2025-21938",
"url": "https://bugzilla.suse.com/1240723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21938"
},
{
"cve": "CVE-2025-21939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21939"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/hmm: Don\u0027t dereference struct page pointers without notifier lock\n\nThe pnfs that we obtain from hmm_range_fault() point to pages that\nwe don\u0027t have a reference on, and the guarantee that they are still\nin the cpu page-tables is that the notifier lock must be held and the\nnotifier seqno is still valid.\n\nSo while building the sg table and marking the pages accesses / dirty\nwe need to hold this lock with a validated seqno.\n\nHowever, the lock is reclaim tainted which makes\nsg_alloc_table_from_pages_segment() unusable, since it internally\nallocates memory.\n\nInstead build the sg-table manually. For the non-iommu case\nthis might lead to fewer coalesces, but if that\u0027s a problem it can\nbe fixed up later in the resource cursor code. For the iommu case,\nthe whole sg-table may still be coalesced to a single contigous\ndevice va region.\n\nThis avoids marking pages that we don\u0027t own dirty and accessed, and\nit also avoid dereferencing struct pages that we don\u0027t own.\n\nv2:\n- Use assert to check whether hmm pfns are valid (Matthew Auld)\n- Take into account that large pages may cross range boundaries\n (Matthew Auld)\n\nv3:\n- Don\u0027t unnecessarily check for a non-freed sg-table. (Matthew Auld)\n- Add a missing up_read() in an error path. (Matthew Auld)\n\n(cherry picked from commit ea3e66d280ce2576664a862693d1da8fd324c317)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21939",
"url": "https://www.suse.com/security/cve/CVE-2025-21939"
},
{
"category": "external",
"summary": "SUSE Bug 1240710 for CVE-2025-21939",
"url": "https://bugzilla.suse.com/1240710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21939"
},
{
"cve": "CVE-2025-21940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix NULL Pointer Dereference in KFD queue\n\nThrough KFD IOCTL Fuzzing we encountered a NULL pointer derefrence\nwhen calling kfd_queue_acquire_buffers.\n\n(cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21940",
"url": "https://www.suse.com/security/cve/CVE-2025-21940"
},
{
"category": "external",
"summary": "SUSE Bug 1240702 for CVE-2025-21940",
"url": "https://bugzilla.suse.com/1240702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21940"
},
{
"cve": "CVE-2025-21959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()\n\nSince commit b36e4523d4d5 (\"netfilter: nf_conncount: fix garbage\ncollection confirm race\"), `cpu` and `jiffies32` were introduced to\nthe struct nf_conncount_tuple.\n\nThe commit made nf_conncount_add() initialize `conn-\u003ecpu` and\n`conn-\u003ejiffies32` when allocating the struct.\nIn contrast, count_tree() was not changed to initialize them.\n\nBy commit 34848d5c896e (\"netfilter: nf_conncount: Split insert and\ntraversal\"), count_tree() was split and the relevant allocation\ncode now resides in insert_tree().\nInitialize `conn-\u003ecpu` and `conn-\u003ejiffies32` in insert_tree().\n\nBUG: KMSAN: uninit-value in find_or_evict net/netfilter/nf_conncount.c:117 [inline]\nBUG: KMSAN: uninit-value in __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n find_or_evict net/netfilter/nf_conncount.c:117 [inline]\n __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n count_tree net/netfilter/nf_conncount.c:438 [inline]\n nf_conncount_count+0x82f/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ipv4/ip_input.c:669\n __netif_receive_skb_list_ptype net/core/dev.c:5936 [inline]\n __netif_receive_skb_list_core+0x15c5/0x1670 net/core/dev.c:5983\n __netif_receive_skb_list net/core/dev.c:6035 [inline]\n netif_receive_skb_list_internal+0x1085/0x1700 net/core/dev.c:6126\n netif_receive_skb_list+0x5a/0x460 net/core/dev.c:6178\n xdp_recv_frames net/bpf/test_run.c:280 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2e86/0x3480 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0xf1d/0x1ae0 net/bpf/test_run.c:1316\n bpf_prog_test_run+0x5e5/0xa30 kernel/bpf/syscall.c:4407\n __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5813\n __do_sys_bpf kernel/bpf/syscall.c:5902 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5900 [inline]\n __ia32_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5900\n ia32_sys_call+0x394d/0x4180 arch/x86/include/generated/asm/syscalls_32.h:358\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/common.c:387\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/common.c:412\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:450\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4121 [inline]\n slab_alloc_node mm/slub.c:4164 [inline]\n kmem_cache_alloc_noprof+0x915/0xe10 mm/slub.c:4171\n insert_tree net/netfilter/nf_conncount.c:372 [inline]\n count_tree net/netfilter/nf_conncount.c:450 [inline]\n nf_conncount_count+0x1415/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ip\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21959",
"url": "https://www.suse.com/security/cve/CVE-2025-21959"
},
{
"category": "external",
"summary": "SUSE Bug 1240814 for CVE-2025-21959",
"url": "https://bugzilla.suse.com/1240814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21959"
},
{
"cve": "CVE-2025-21987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: init return value in amdgpu_ttm_clear_buffer\n\nOtherwise an uninitialized value can be returned if\namdgpu_res_cleared returns true for all regions.\n\nPossibly closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3812\n\n(cherry picked from commit 7c62aacc3b452f73a1284198c81551035fac6d71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21987",
"url": "https://www.suse.com/security/cve/CVE-2025-21987"
},
{
"category": "external",
"summary": "SUSE Bug 1240798 for CVE-2025-21987",
"url": "https://bugzilla.suse.com/1240798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21987"
},
{
"cve": "CVE-2025-21997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix an integer overflow in xp_create_and_assign_umem()\n\nSince the i and pool-\u003echunk_size variables are of type \u0027u32\u0027,\ntheir product can wrap around and then be cast to \u0027u64\u0027.\nThis can lead to two different XDP buffers pointing to the same\nmemory area.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21997",
"url": "https://www.suse.com/security/cve/CVE-2025-21997"
},
{
"category": "external",
"summary": "SUSE Bug 1240823 for CVE-2025-21997",
"url": "https://bugzilla.suse.com/1240823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-21997"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Don\u0027t skip on Stopped - Length Invalid\n\nUp until commit d56b0b2ab142 (\"usb: xhci: ensure skipped isoc TDs are\nreturned when isoc ring is stopped\") in v6.11, the driver didn\u0027t skip\nmissed isochronous TDs when handling Stoppend and Stopped - Length\nInvalid events. Instead, it erroneously cleared the skip flag, which\nwould cause the ring to get stuck, as future events won\u0027t match the\nmissed TD which is never removed from the queue until it\u0027s cancelled.\n\nThis buggy logic seems to have been in place substantially unchanged\nsince the 3.x series over 10 years ago, which probably speaks first\nand foremost about relative rarity of this case in normal usage, but\nby the spec I see no reason why it shouldn\u0027t be possible.\n\nAfter d56b0b2ab142, TDs are immediately skipped when handling those\nStopped events. This poses a potential problem in case of Stopped -\nLength Invalid, which occurs either on completed TDs (likely already\ngiven back) or Link and No-Op TRBs. Such event won\u0027t be recognized\nas matching any TD (unless it\u0027s the rare Link TRB inside a TD) and\nwill result in skipping all pending TDs, giving them back possibly\nbefore they are done, risking isoc data loss and maybe UAF by HW.\n\nAs a compromise, don\u0027t skip and don\u0027t clear the skip flag on this\nkind of event. Then the next event will skip missed TDs. A downside\nof not handling Stopped - Length Invalid on a Link inside a TD is\nthat if the TD is cancelled, its actual length will not be updated\nto account for TRBs (silently) completed before the TD was stopped.\n\nI had no luck producing this sequence of completion events so there\nis no compelling demonstration of any resulting disaster. It may be\na very rare, obscure condition. The sole motivation for this patch\nis that if such unlikely event does occur, I\u0027d rather risk reporting\na cancelled partially done isoc frame as empty than gamble with UAF.\n\nThis will be fixed more properly by looking at Stopped event\u0027s TRB\npointer when making skipping decisions, but such rework is unlikely\nto be backported to v6.12, which will stay around for a few years.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22023",
"url": "https://www.suse.com/security/cve/CVE-2025-22023"
},
{
"category": "external",
"summary": "SUSE Bug 1241298 for CVE-2025-22023",
"url": "https://bugzilla.suse.com/1241298"
},
{
"category": "external",
"summary": "SUSE Bug 1246754 for CVE-2025-22023",
"url": "https://bugzilla.suse.com/1246754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-22023"
},
{
"cve": "CVE-2025-22035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix use-after-free in print_graph_function_flags during tracer switching\n\nKairui reported a UAF issue in print_graph_function_flags() during\nftrace stress testing [1]. This issue can be reproduced if puting a\n\u0027mdelay(10)\u0027 after \u0027mutex_unlock(\u0026trace_types_lock)\u0027 in s_start(),\nand executing the following script:\n\n $ echo function_graph \u003e current_tracer\n $ cat trace \u003e /dev/null \u0026\n $ sleep 5 # Ensure the \u0027cat\u0027 reaches the \u0027mdelay(10)\u0027 point\n $ echo timerlat \u003e current_tracer\n\nThe root cause lies in the two calls to print_graph_function_flags\nwithin print_trace_line during each s_show():\n\n * One through \u0027iter-\u003etrace-\u003eprint_line()\u0027;\n * Another through \u0027event-\u003efuncs-\u003etrace()\u0027, which is hidden in\n print_trace_fmt() before print_trace_line returns.\n\nTracer switching only updates the former, while the latter continues\nto use the print_line function of the old tracer, which in the script\nabove is print_graph_function_flags.\n\nMoreover, when switching from the \u0027function_graph\u0027 tracer to the\n\u0027timerlat\u0027 tracer, s_start only calls graph_trace_close of the\n\u0027function_graph\u0027 tracer to free \u0027iter-\u003eprivate\u0027, but does not set\nit to NULL. This provides an opportunity for \u0027event-\u003efuncs-\u003etrace()\u0027\nto use an invalid \u0027iter-\u003eprivate\u0027.\n\nTo fix this issue, set \u0027iter-\u003eprivate\u0027 to NULL immediately after\nfreeing it in graph_trace_close(), ensuring that an invalid pointer\nis not passed to other tracers. Additionally, clean up the unnecessary\n\u0027iter-\u003eprivate = NULL\u0027 during each \u0027cat trace\u0027 when using wakeup and\nirqsoff tracers.\n\n [1] https://lore.kernel.org/all/20231112150030.84609-1-ryncsn@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22035",
"url": "https://www.suse.com/security/cve/CVE-2025-22035"
},
{
"category": "external",
"summary": "SUSE Bug 1241544 for CVE-2025-22035",
"url": "https://bugzilla.suse.com/1241544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22035"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint\n\nIf vhost_scsi_set_endpoint is called multiple times without a\nvhost_scsi_clear_endpoint between them, we can hit multiple bugs\nfound by Haoran Zhang:\n\n1. Use-after-free when no tpgs are found:\n\nThis fixes a use after free that occurs when vhost_scsi_set_endpoint is\ncalled more than once and calls after the first call do not find any\ntpgs to add to the vs_tpg. When vhost_scsi_set_endpoint first finds\ntpgs to add to the vs_tpg array match=true, so we will do:\n\nvhost_vq_set_backend(vq, vs_tpg);\n...\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf vhost_scsi_set_endpoint is called again and no tpgs are found\nmatch=false so we skip the vhost_vq_set_backend call leaving the\npointer to the vs_tpg we then free via:\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf a scsi request is then sent we do:\n\nvhost_scsi_handle_vq -\u003e vhost_scsi_get_req -\u003e vhost_vq_get_backend\n\nwhich sees the vs_tpg we just did a kfree on.\n\n2. Tpg dir removal hang:\n\nThis patch fixes an issue where we cannot remove a LIO/target layer\ntpg (and structs above it like the target) dir due to the refcount\ndropping to -1.\n\nThe problem is that if vhost_scsi_set_endpoint detects a tpg is already\nin the vs-\u003evs_tpg array or if the tpg has been removed so\ntarget_depend_item fails, the undepend goto handler will do\ntarget_undepend_item on all tpgs in the vs_tpg array dropping their\nrefcount to 0. At this time vs_tpg contains both the tpgs we have added\nin the current vhost_scsi_set_endpoint call as well as tpgs we added in\nprevious calls which are also in vs-\u003evs_tpg.\n\nLater, when vhost_scsi_clear_endpoint runs it will do\ntarget_undepend_item on all the tpgs in the vs-\u003evs_tpg which will drop\ntheir refcount to -1. Userspace will then not be able to remove the tpg\nand will hang when it tries to do rmdir on the tpg dir.\n\n3. Tpg leak:\n\nThis fixes a bug where we can leak tpgs and cause them to be\nun-removable because the target name is overwritten when\nvhost_scsi_set_endpoint is called multiple times but with different\ntarget names.\n\nThe bug occurs if a user has called VHOST_SCSI_SET_ENDPOINT and setup\na vhost-scsi device to target/tpg mapping, then calls\nVHOST_SCSI_SET_ENDPOINT again with a new target name that has tpgs we\nhaven\u0027t seen before (target1 has tpg1 but target2 has tpg2). When this\nhappens we don\u0027t teardown the old target tpg mapping and just overwrite\nthe target name and the vs-\u003evs_tpg array. Later when we do\nvhost_scsi_clear_endpoint, we are passed in either target1 or target2\u0027s\nname and we will only match that target\u0027s tpgs when we loop over the\nvs-\u003evs_tpg. We will then return from the function without doing\ntarget_undepend_item on the tpgs.\n\nBecause of all these bugs, it looks like being able to call\nvhost_scsi_set_endpoint multiple times was never supported. The major\nuser, QEMU, already has checks to prevent this use case. So to fix the\nissues, this patch prevents vhost_scsi_set_endpoint from being called\nif it\u0027s already successfully added tpgs. To add, remove or change the\ntpg config or target name, you must do a vhost_scsi_clear_endpoint\nfirst.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22083",
"url": "https://www.suse.com/security/cve/CVE-2025-22083"
},
{
"category": "external",
"summary": "SUSE Bug 1241414 for CVE-2025-22083",
"url": "https://bugzilla.suse.com/1241414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22083"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.\n\nSIOCBRDELIF is passed to dev_ioctl() first and later forwarded to\nbr_ioctl_call(), which causes unnecessary RTNL dance and the splat\nbelow [0] under RTNL pressure.\n\nLet\u0027s say Thread A is trying to detach a device from a bridge and\nThread B is trying to remove the bridge.\n\nIn dev_ioctl(), Thread A bumps the bridge device\u0027s refcnt by\nnetdev_hold() and releases RTNL because the following br_ioctl_call()\nalso re-acquires RTNL.\n\nIn the race window, Thread B could acquire RTNL and try to remove\nthe bridge device. Then, rtnl_unlock() by Thread B will release RTNL\nand wait for netdev_put() by Thread A.\n\nThread A, however, must hold RTNL after the unlock in dev_ifsioc(),\nwhich may take long under RTNL pressure, resulting in the splat by\nThread B.\n\n Thread A (SIOCBRDELIF) Thread B (SIOCBRDELBR)\n ---------------------- ----------------------\n sock_ioctl sock_ioctl\n `- sock_do_ioctl `- br_ioctl_call\n `- dev_ioctl `- br_ioctl_stub\n |- rtnl_lock |\n |- dev_ifsioc \u0027\n \u0027 |- dev = __dev_get_by_name(...)\n |- netdev_hold(dev, ...) .\n / |- rtnl_unlock ------. |\n | |- br_ioctl_call `---\u003e |- rtnl_lock\n Race | | `- br_ioctl_stub |- br_del_bridge\n Window | | | |- dev = __dev_get_by_name(...)\n | | | May take long | `- br_dev_delete(dev, ...)\n | | | under RTNL pressure | `- unregister_netdevice_queue(dev, ...)\n | | | | `- rtnl_unlock\n \\ | |- rtnl_lock \u003c-\u0027 `- netdev_run_todo\n | |- ... `- netdev_run_todo\n | `- rtnl_unlock |- __rtnl_unlock\n | |- netdev_wait_allrefs_any\n |- netdev_put(dev, ...) \u003c----------------\u0027\n Wait refcnt decrement\n and log splat below\n\nTo avoid blocking SIOCBRDELBR unnecessarily, let\u0027s not call\ndev_ioctl() for SIOCBRADDIF and SIOCBRDELIF.\n\nIn the dev_ioctl() path, we do the following:\n\n 1. Copy struct ifreq by get_user_ifreq in sock_do_ioctl()\n 2. Check CAP_NET_ADMIN in dev_ioctl()\n 3. Call dev_load() in dev_ioctl()\n 4. Fetch the master dev from ifr.ifr_name in dev_ifsioc()\n\n3. can be done by request_module() in br_ioctl_call(), so we move\n1., 2., and 4. to br_ioctl_stub().\n\nNote that 2. is also checked later in add_del_if(), but it\u0027s better\nperformed before RTNL.\n\nSIOCBRADDIF and SIOCBRDELIF have been processed in dev_ioctl() since\nthe pre-git era, and there seems to be no specific reason to process\nthem there.\n\n[0]:\nunregister_netdevice: waiting for wpan3 to become free. Usage count = 2\nref_tracker: wpan3@ffff8880662d8608 has 1/1 users at\n __netdev_tracker_alloc include/linux/netdevice.h:4282 [inline]\n netdev_hold include/linux/netdevice.h:4311 [inline]\n dev_ifsioc+0xc6a/0x1160 net/core/dev_ioctl.c:624\n dev_ioctl+0x255/0x10c0 net/core/dev_ioctl.c:826\n sock_do_ioctl+0x1ca/0x260 net/socket.c:1213\n sock_ioctl+0x23a/0x6c0 net/socket.c:1318\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x1a4/0x210 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcb/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22111",
"url": "https://www.suse.com/security/cve/CVE-2025-22111"
},
{
"category": "external",
"summary": "SUSE Bug 1241572 for CVE-2025-22111",
"url": "https://bugzilla.suse.com/1241572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22111"
},
{
"cve": "CVE-2025-22113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid journaling sb update on error if journal is destroying\n\nPresently we always BUG_ON if trying to start a transaction on a journal marked\nwith JBD2_UNMOUNT, since this should never happen. However, while ltp running\nstress tests, it was observed that in case of some error handling paths, it is\npossible for update_super_work to start a transaction after the journal is\ndestroyed eg:\n\n(umount)\next4_kill_sb\n kill_block_super\n generic_shutdown_super\n sync_filesystem /* commits all txns */\n evict_inodes\n /* might start a new txn */\n ext4_put_super\n\tflush_work(\u0026sbi-\u003es_sb_upd_work) /* flush the workqueue */\n jbd2_journal_destroy\n journal_kill_thread\n journal-\u003ej_flags |= JBD2_UNMOUNT;\n jbd2_journal_commit_transaction\n jbd2_journal_get_descriptor_buffer\n jbd2_journal_bmap\n ext4_journal_bmap\n ext4_map_blocks\n ...\n ext4_inode_error\n ext4_handle_error\n schedule_work(\u0026sbi-\u003es_sb_upd_work)\n\n /* work queue kicks in */\n update_super_work\n jbd2_journal_start\n start_this_handle\n BUG_ON(journal-\u003ej_flags \u0026\n JBD2_UNMOUNT)\n\nHence, introduce a new mount flag to indicate journal is destroying and only do\na journaled (and deferred) update of sb if this flag is not set. Otherwise, just\nfallback to an un-journaled commit.\n\nFurther, in the journal destroy path, we have the following sequence:\n\n 1. Set mount flag indicating journal is destroying\n 2. force a commit and wait for it\n 3. flush pending sb updates\n\nThis sequence is important as it ensures that, after this point, there is no sb\nupdate that might be journaled so it is safe to update the sb outside the\njournal. (To avoid race discussed in 2d01ddc86606)\n\nAlso, we don\u0027t need a similar check in ext4_grp_locked_error since it is only\ncalled from mballoc and AFAICT it would be always valid to schedule work here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22113",
"url": "https://www.suse.com/security/cve/CVE-2025-22113"
},
{
"category": "external",
"summary": "SUSE Bug 1241617 for CVE-2025-22113",
"url": "https://bugzilla.suse.com/1241617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22113"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: goto right label \u0027out_mmap_sem\u0027 in ext4_setattr()\n\nOtherwise, if ext4_inode_attach_jinode() fails, a hung task will\nhappen because filemap_invalidate_unlock() isn\u0027t called to unlock\nmapping-\u003einvalidate_lock. Like this:\n\nEXT4-fs error (device sda) in ext4_setattr:5557: Out of memory\nINFO: task fsstress:374 blocked for more than 122 seconds.\n Not tainted 6.14.0-rc1-next-20250206-xfstests-dirty #726\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:fsstress state:D stack:0 pid:374 tgid:374 ppid:373\n task_flags:0x440140 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x2c9/0x7f0\n schedule+0x27/0xa0\n schedule_preempt_disabled+0x15/0x30\n rwsem_down_read_slowpath+0x278/0x4c0\n down_read+0x59/0xb0\n page_cache_ra_unbounded+0x65/0x1b0\n filemap_get_pages+0x124/0x3e0\n filemap_read+0x114/0x3d0\n vfs_read+0x297/0x360\n ksys_read+0x6c/0xe0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22120",
"url": "https://www.suse.com/security/cve/CVE-2025-22120"
},
{
"category": "external",
"summary": "SUSE Bug 1241592 for CVE-2025-22120",
"url": "https://bugzilla.suse.com/1241592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22120"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23155"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Fix accessing freed irq affinity_hint\n\nThe cpumask should not be a local variable, since its pointer is saved\nto irq_desc and may be accessed from procfs.\nTo fix it, use the persistent mask cpumask_of(cpu#).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23155",
"url": "https://www.suse.com/security/cve/CVE-2025-23155"
},
{
"category": "external",
"summary": "SUSE Bug 1242573 for CVE-2025-23155",
"url": "https://bugzilla.suse.com/1242573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23155"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-23162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vf: Don\u0027t try to trigger a full GT reset if VF\n\nVFs don\u0027t have access to the GDRST(0x941c) register that driver\nuses to reset a GT. Attempt to trigger a reset using debugfs:\n\n $ cat /sys/kernel/debug/dri/0000:00:02.1/gt0/force_reset\n\nor due to a hang condition detected by the driver leads to:\n\n [ ] xe 0000:00:02.1: [drm] GT0: trying reset from force_reset [xe]\n [ ] xe 0000:00:02.1: [drm] GT0: reset queued\n [ ] xe 0000:00:02.1: [drm] GT0: reset started\n [ ] ------------[ cut here ]------------\n [ ] xe 0000:00:02.1: [drm] GT0: VF is trying to write 0x1 to an inaccessible register 0x941c+0x0\n [ ] WARNING: CPU: 3 PID: 3069 at drivers/gpu/drm/xe/xe_gt_sriov_vf.c:996 xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] RIP: 0010:xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] Call Trace:\n [ ] \u003cTASK\u003e\n [ ] ? show_regs+0x6c/0x80\n [ ] ? __warn+0x93/0x1c0\n [ ] ? xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] ? report_bug+0x182/0x1b0\n [ ] ? handle_bug+0x6e/0xb0\n [ ] ? exc_invalid_op+0x18/0x80\n [ ] ? asm_exc_invalid_op+0x1b/0x20\n [ ] ? xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] ? xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] ? xe_gt_tlb_invalidation_reset+0xef/0x110 [xe]\n [ ] ? __mutex_unlock_slowpath+0x41/0x2e0\n [ ] xe_mmio_write32+0x64/0x150 [xe]\n [ ] do_gt_reset+0x2f/0xa0 [xe]\n [ ] gt_reset_worker+0x14e/0x1e0 [xe]\n [ ] process_one_work+0x21c/0x740\n [ ] worker_thread+0x1db/0x3c0\n\nFix that by sending H2G VF_RESET(0x5507) action instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23162",
"url": "https://www.suse.com/security/cve/CVE-2025-23162"
},
{
"category": "external",
"summary": "SUSE Bug 1242834 for CVE-2025-23162",
"url": "https://bugzilla.suse.com/1242834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-23162"
},
{
"cve": "CVE-2025-37738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: ignore xattrs past end\n\nOnce inside \u0027ext4_xattr_inode_dec_ref_all\u0027 we should\nignore xattrs entries past the \u0027end\u0027 entry.\n\nThis fixes the following KASAN reported issue:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nRead of size 4 at addr ffff888012c120c4 by task repro/2065\n\nCPU: 1 UID: 0 PID: 2065 Comm: repro Not tainted 6.13.0-rc2+ #11\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x1fd/0x300\n ? tcp_gro_dev_warn+0x260/0x260\n ? _printk+0xc0/0x100\n ? read_lock_is_recursive+0x10/0x10\n ? irq_work_queue+0x72/0xf0\n ? __virt_addr_valid+0x17b/0x4b0\n print_address_description+0x78/0x390\n print_report+0x107/0x1f0\n ? __virt_addr_valid+0x17b/0x4b0\n ? __virt_addr_valid+0x3ff/0x4b0\n ? __phys_addr+0xb5/0x160\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n kasan_report+0xcc/0x100\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ? ext4_xattr_delete_inode+0xd30/0xd30\n ? __ext4_journal_ensure_credits+0x5f0/0x5f0\n ? __ext4_journal_ensure_credits+0x2b/0x5f0\n ? inode_update_timestamps+0x410/0x410\n ext4_xattr_delete_inode+0xb64/0xd30\n ? ext4_truncate+0xb70/0xdc0\n ? ext4_expand_extra_isize_ea+0x1d20/0x1d20\n ? __ext4_mark_inode_dirty+0x670/0x670\n ? ext4_journal_check_start+0x16f/0x240\n ? ext4_inode_is_fast_symlink+0x2f2/0x3a0\n ext4_evict_inode+0xc8c/0xff0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n ? do_raw_spin_unlock+0x53/0x8a0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n evict+0x4ac/0x950\n ? proc_nr_inodes+0x310/0x310\n ? trace_ext4_drop_inode+0xa2/0x220\n ? _raw_spin_unlock+0x1a/0x30\n ? iput+0x4cb/0x7e0\n do_unlinkat+0x495/0x7c0\n ? try_break_deleg+0x120/0x120\n ? 0xffffffff81000000\n ? __check_object_size+0x15a/0x210\n ? strncpy_from_user+0x13e/0x250\n ? getname_flags+0x1dc/0x530\n __x64_sys_unlinkat+0xc8/0xf0\n do_syscall_64+0x65/0x110\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x434ffd\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 8\nRSP: 002b:00007ffc50fa7b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000107\nRAX: ffffffffffffffda RBX: 00007ffc50fa7e18 RCX: 0000000000434ffd\nRDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005\nRBP: 00007ffc50fa7be0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007ffc50fa7e08 R14: 00000000004bbf30 R15: 0000000000000001\n \u003c/TASK\u003e\n\nThe buggy address belongs to the object at ffff888012c12000\n which belongs to the cache filp of size 360\nThe buggy address is located 196 bytes inside of\n freed 360-byte region [ffff888012c12000, ffff888012c12168)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12c12\nhead: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\nflags: 0x40(head|node=0|zone=0)\npage_type: f5(slab)\nraw: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nraw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nhead: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000001 ffffea00004b0481 ffffffffffffffff 0000000000000000\nhead: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888012c11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888012c12000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\u003e ffff888012c12080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888012c12100: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc\n ffff888012c12180: fc fc fc fc fc fc fc fc fc\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37738",
"url": "https://www.suse.com/security/cve/CVE-2025-37738"
},
{
"category": "external",
"summary": "SUSE Bug 1242846 for CVE-2025-37738",
"url": "https://bugzilla.suse.com/1242846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Avoid memory leak while enabling statistics\n\nDriver uses monitor destination rings for extended statistics mode and\nstandalone monitor mode. In extended statistics mode, TLVs are parsed from\nthe buffer received from the monitor destination ring and assigned to the\nppdu_info structure to update per-packet statistics. In standalone monitor\nmode, along with per-packet statistics, the packet data (payload) is\ncaptured, and the driver updates per MSDU to mac80211.\n\nWhen the AP interface is enabled, only extended statistics mode is\nactivated. As part of enabling monitor rings for collecting statistics,\nthe driver subscribes to HAL_RX_MPDU_START TLV in the filter\nconfiguration. This TLV is received from the monitor destination ring, and\nkzalloc for the mon_mpdu object occurs, which is not freed, leading to a\nmemory leak. The kzalloc for the mon_mpdu object is only required while\nenabling the standalone monitor interface. This causes a memory leak while\nenabling extended statistics mode in the driver.\n\nFix this memory leak by removing the kzalloc for the mon_mpdu object in\nthe HAL_RX_MPDU_START TLV handling. Additionally, remove the standalone\nmonitor mode handlings in the HAL_MON_BUF_ADDR and HAL_RX_MSDU_END TLVs.\nThese TLV tags will be handled properly when enabling standalone monitor\nmode in the future.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37743",
"url": "https://www.suse.com/security/cve/CVE-2025-37743"
},
{
"category": "external",
"summary": "SUSE Bug 1242163 for CVE-2025-37743",
"url": "https://bugzilla.suse.com/1242163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37743"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls: explicitly disallow disconnect\n\nsyzbot discovered that it can disconnect a TLS socket and then\nrun into all sort of unexpected corner cases. I have a vague\nrecollection of Eric pointing this out to us a long time ago.\nSupporting disconnect is really hard, for one thing if offload\nis enabled we\u0027d need to wait for all packets to be _acked_.\nDisconnect is not commonly used, disallow it.\n\nThe immediate problem syzbot run into is the warning in the strp,\nbut that\u0027s just the easiest bug to trigger:\n\n WARNING: CPU: 0 PID: 5834 at net/tls/tls_strp.c:486 tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486\n RIP: 0010:tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486\n Call Trace:\n \u003cTASK\u003e\n tls_rx_rec_wait+0x280/0xa60 net/tls/tls_sw.c:1363\n tls_sw_recvmsg+0x85c/0x1c30 net/tls/tls_sw.c:2043\n inet6_recvmsg+0x2c9/0x730 net/ipv6/af_inet6.c:678\n sock_recvmsg_nosec net/socket.c:1023 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1045\n __sys_recvfrom+0x202/0x380 net/socket.c:2237",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37756",
"url": "https://www.suse.com/security/cve/CVE-2025-37756"
},
{
"category": "external",
"summary": "SUSE Bug 1242515 for CVE-2025-37756",
"url": "https://bugzilla.suse.com/1242515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37756"
},
{
"cve": "CVE-2025-37757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix memory leak in tipc_link_xmit\n\nIn case the backlog transmit queue for system-importance messages is overloaded,\ntipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to\nmemory leak and failure when a skb is allocated.\n\nThis commit fixes this issue by purging the skb list before tipc_link_xmit()\nreturns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37757",
"url": "https://www.suse.com/security/cve/CVE-2025-37757"
},
{
"category": "external",
"summary": "SUSE Bug 1242521 for CVE-2025-37757",
"url": "https://bugzilla.suse.com/1242521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37757"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix an out-of-bounds shift when invalidating TLB\n\nWhen the size of the range invalidated is larger than\nrounddown_pow_of_two(ULONG_MAX),\nThe function macro roundup_pow_of_two(length) will hit an out-of-bounds\nshift [1].\n\nUse a full TLB invalidation for such cases.\nv2:\n- Use a define for the range size limit over which we use a full\n TLB invalidation. (Lucas)\n- Use a better calculation of the limit.\n\n[1]:\n[ 39.202421] ------------[ cut here ]------------\n[ 39.202657] UBSAN: shift-out-of-bounds in ./include/linux/log2.h:57:13\n[ 39.202673] shift exponent 64 is too large for 64-bit type \u0027long unsigned int\u0027\n[ 39.202688] CPU: 8 UID: 0 PID: 3129 Comm: xe_exec_system_ Tainted: G U 6.14.0+ #10\n[ 39.202690] Tainted: [U]=USER\n[ 39.202690] Hardware name: ASUS System Product Name/PRIME B560M-A AC, BIOS 2001 02/01/2023\n[ 39.202691] Call Trace:\n[ 39.202692] \u003cTASK\u003e\n[ 39.202695] dump_stack_lvl+0x6e/0xa0\n[ 39.202699] ubsan_epilogue+0x5/0x30\n[ 39.202701] __ubsan_handle_shift_out_of_bounds.cold+0x61/0xe6\n[ 39.202705] xe_gt_tlb_invalidation_range.cold+0x1d/0x3a [xe]\n[ 39.202800] ? find_held_lock+0x2b/0x80\n[ 39.202803] ? mark_held_locks+0x40/0x70\n[ 39.202806] xe_svm_invalidate+0x459/0x700 [xe]\n[ 39.202897] drm_gpusvm_notifier_invalidate+0x4d/0x70 [drm_gpusvm]\n[ 39.202900] __mmu_notifier_release+0x1f5/0x270\n[ 39.202905] exit_mmap+0x40e/0x450\n[ 39.202912] __mmput+0x45/0x110\n[ 39.202914] exit_mm+0xc5/0x130\n[ 39.202916] do_exit+0x21c/0x500\n[ 39.202918] ? lockdep_hardirqs_on_prepare+0xdb/0x190\n[ 39.202920] do_group_exit+0x36/0xa0\n[ 39.202922] get_signal+0x8f8/0x900\n[ 39.202926] arch_do_signal_or_restart+0x35/0x100\n[ 39.202930] syscall_exit_to_user_mode+0x1fc/0x290\n[ 39.202932] do_syscall_64+0xa1/0x180\n[ 39.202934] ? do_user_addr_fault+0x59f/0x8a0\n[ 39.202937] ? lock_release+0xd2/0x2a0\n[ 39.202939] ? do_user_addr_fault+0x5a9/0x8a0\n[ 39.202942] ? trace_hardirqs_off+0x4b/0xc0\n[ 39.202944] ? clear_bhb_loop+0x25/0x80\n[ 39.202946] ? clear_bhb_loop+0x25/0x80\n[ 39.202947] ? clear_bhb_loop+0x25/0x80\n[ 39.202950] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 39.202952] RIP: 0033:0x7fa945e543e1\n[ 39.202961] Code: Unable to access opcode bytes at 0x7fa945e543b7.\n[ 39.202962] RSP: 002b:00007ffca8fb4170 EFLAGS: 00000293\n[ 39.202963] RAX: 000000000000003d RBX: 0000000000000000 RCX: 00007fa945e543e3\n[ 39.202964] RDX: 0000000000000000 RSI: 00007ffca8fb41ac RDI: 00000000ffffffff\n[ 39.202964] RBP: 00007ffca8fb4190 R08: 0000000000000000 R09: 00007fa945f600a0\n[ 39.202965] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\n[ 39.202966] R13: 00007fa9460dd310 R14: 00007ffca8fb41ac R15: 0000000000000000\n[ 39.202970] \u003c/TASK\u003e\n[ 39.202970] ---[ end trace ]---\n\n(cherry picked from commit b88f48f86500bc0b44b4f73ac66d500a40d320ad)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37761",
"url": "https://www.suse.com/security/cve/CVE-2025-37761"
},
{
"category": "external",
"summary": "SUSE Bug 1242724 for CVE-2025-37761",
"url": "https://bugzilla.suse.com/1242724"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37761"
},
{
"cve": "CVE-2025-37763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: take paired job reference\n\nFor paired jobs, have the fragment job take a reference on the\ngeometry job, so that the geometry job cannot be freed until\nthe fragment job has finished with it.\n\nThe geometry job structure is accessed when the fragment job is being\nprepared by the GPU scheduler. Taking the reference prevents the\ngeometry job being freed until the fragment job no longer requires it.\n\nFixes a use after free bug detected by KASAN:\n\n[ 124.256386] BUG: KASAN: slab-use-after-free in pvr_queue_prepare_job+0x108/0x868 [powervr]\n[ 124.264893] Read of size 1 at addr ffff0000084cb960 by task kworker/u16:4/63",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37763",
"url": "https://www.suse.com/security/cve/CVE-2025-37763"
},
{
"category": "external",
"summary": "SUSE Bug 1242508 for CVE-2025-37763",
"url": "https://bugzilla.suse.com/1242508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37763"
},
{
"cve": "CVE-2025-37764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: fix firmware memory leaks\n\nFree the memory used to hold the results of firmware image processing\nwhen the module is unloaded.\n\nFix the related issue of the same memory being leaked if processing\nof the firmware image fails during module load.\n\nEnsure all firmware GEM objects are destroyed if firmware image\nprocessing fails.\n\nFixes memory leaks on powervr module unload detected by Kmemleak:\n\nunreferenced object 0xffff000042e20000 (size 94208):\n comm \"modprobe\", pid 470, jiffies 4295277154\n hex dump (first 32 bytes):\n 02 ae 7f ed bf 45 84 00 3c 5b 1f ed 9f 45 45 05 .....E..\u003c[...EE.\n d5 4f 5d 14 6c 00 3d 23 30 d0 3a 4a 66 0e 48 c8 .O].l.=#0.:Jf.H.\n backtrace (crc dd329dec):\n kmemleak_alloc+0x30/0x40\n ___kmalloc_large_node+0x140/0x188\n __kmalloc_large_node_noprof+0x2c/0x13c\n __kmalloc_noprof+0x48/0x4c0\n pvr_fw_init+0xaa4/0x1f50 [powervr]\n\nunreferenced object 0xffff000042d20000 (size 20480):\n comm \"modprobe\", pid 470, jiffies 4295277154\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 09 00 00 00 0b 00 00 00 ................\n 00 00 00 00 00 00 00 00 07 00 00 00 08 00 00 00 ................\n backtrace (crc 395b02e3):\n kmemleak_alloc+0x30/0x40\n ___kmalloc_large_node+0x140/0x188\n __kmalloc_large_node_noprof+0x2c/0x13c\n __kmalloc_noprof+0x48/0x4c0\n pvr_fw_init+0xb0c/0x1f50 [powervr]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37764",
"url": "https://www.suse.com/security/cve/CVE-2025-37764"
},
{
"category": "external",
"summary": "SUSE Bug 1242577 for CVE-2025-37764",
"url": "https://bugzilla.suse.com/1242577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37764"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: free routing table on probe failure\n\nIf complete = true in dsa_tree_setup(), it means that we are the last\nswitch of the tree which is successfully probing, and we should be\nsetting up all switches from our probe path.\n\nAfter \"complete\" becomes true, dsa_tree_setup_cpu_ports() or any\nsubsequent function may fail. If that happens, the entire tree setup is\nin limbo: the first N-1 switches have successfully finished probing\n(doing nothing but having allocated persistent memory in the tree\u0027s\ndst-\u003eports, and maybe dst-\u003ertable), and switch N failed to probe, ending\nthe tree setup process before anything is tangible from the user\u0027s PoV.\n\nIf switch N fails to probe, its memory (ports) will be freed and removed\nfrom dst-\u003eports. However, the dst-\u003ertable elements pointing to its ports,\nas created by dsa_link_touch(), will remain there, and will lead to\nuse-after-free if dereferenced.\n\nIf dsa_tree_setup_switches() returns -EPROBE_DEFER, which is entirely\npossible because that is where ds-\u003eops-\u003esetup() is, we get a kasan\nreport like this:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mv88e6xxx_setup_upstream_port+0x240/0x568\nRead of size 8 at addr ffff000004f56020 by task kworker/u8:3/42\n\nCall trace:\n __asan_report_load8_noabort+0x20/0x30\n mv88e6xxx_setup_upstream_port+0x240/0x568\n mv88e6xxx_setup+0xebc/0x1eb0\n dsa_register_switch+0x1af4/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nAllocated by task 42:\n __kasan_kmalloc+0x84/0xa0\n __kmalloc_cache_noprof+0x298/0x490\n dsa_switch_touch_ports+0x174/0x3d8\n dsa_register_switch+0x800/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nFreed by task 42:\n __kasan_slab_free+0x48/0x68\n kfree+0x138/0x418\n dsa_register_switch+0x2694/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nThe simplest way to fix the bug is to delete the routing table in its\nentirety. dsa_tree_setup_routing_table() has no problem in regenerating\nit even if we deleted links between ports other than those of switch N,\nbecause dsa_link_touch() first checks whether the port pair already\nexists in dst-\u003ertable, allocating if not.\n\nThe deletion of the routing table in its entirety already exists in\ndsa_tree_teardown(), so refactor that into a function that can also be\ncalled from the tree setup error path.\n\nIn my analysis of the commit to blame, it is the one which added\ndsa_link elements to dst-\u003ertable. Prior to that, each switch had its own\nds-\u003ertable which is freed when the switch fails to probe. But the tree\nis potentially persistent memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37786",
"url": "https://www.suse.com/security/cve/CVE-2025-37786"
},
{
"category": "external",
"summary": "SUSE Bug 1242725 for CVE-2025-37786",
"url": "https://bugzilla.suse.com/1242725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37786"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll()\n\nrpl is passed as a pointer to ethtool_cmis_module_poll(), so the correct\nsize of rpl is sizeof(*rpl) which should be just 1 byte. Using the\npointer size instead can cause stack corruption:\n\nKernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ethtool_cmis_wait_for_cond+0xf4/0x100\nCPU: 72 UID: 0 PID: 4440 Comm: kworker/72:2 Kdump: loaded Tainted: G OE 6.11.0 #24\nTainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\nHardware name: Dell Inc. PowerEdge R760/04GWWM, BIOS 1.6.6 09/20/2023\nWorkqueue: events module_flash_fw_work\nCall Trace:\n \u003cTASK\u003e\n panic+0x339/0x360\n ? ethtool_cmis_wait_for_cond+0xf4/0x100\n ? __pfx_status_success+0x10/0x10\n ? __pfx_status_fail+0x10/0x10\n __stack_chk_fail+0x10/0x10\n ethtool_cmis_wait_for_cond+0xf4/0x100\n ethtool_cmis_cdb_execute_cmd+0x1fc/0x330\n ? __pfx_status_fail+0x10/0x10\n cmis_cdb_module_features_get+0x6d/0xd0\n ethtool_cmis_cdb_init+0x8a/0xd0\n ethtool_cmis_fw_update+0x46/0x1d0\n module_flash_fw_work+0x17/0xa0\n process_one_work+0x179/0x390\n worker_thread+0x239/0x340\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xcc/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37791",
"url": "https://www.suse.com/security/cve/CVE-2025-37791"
},
{
"category": "external",
"summary": "SUSE Bug 1242729 for CVE-2025-37791",
"url": "https://bugzilla.suse.com/1242729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37791"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential NULL pointer dereference in dev_uevent()\n\nIf userspace reads \"uevent\" device attribute at the same time as another\nthreads unbinds the device from its driver, change to dev-\u003edriver from a\nvalid pointer to NULL may result in crash. Fix this by using READ_ONCE()\nwhen fetching the pointer, and take bus\u0027 drivers klist lock to make sure\ndriver instance will not disappear while we access it.\n\nUse WRITE_ONCE() when setting the driver pointer to ensure there is no\ntearing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37800",
"url": "https://www.suse.com/security/cve/CVE-2025-37800"
},
{
"category": "external",
"summary": "SUSE Bug 1242849 for CVE-2025-37800",
"url": "https://bugzilla.suse.com/1242849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37800"
},
{
"cve": "CVE-2025-37801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-imx: Add check for spi_imx_setupxfer()\n\nAdd check for the return value of spi_imx_setupxfer().\nspi_imx-\u003erx and spi_imx-\u003etx function pointer can be NULL when\nspi_imx_setupxfer() return error, and make NULL pointer dereference.\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Call trace:\n 0x0\n spi_imx_pio_transfer+0x50/0xd8\n spi_imx_transfer_one+0x18c/0x858\n spi_transfer_one_message+0x43c/0x790\n __spi_pump_transfer_message+0x238/0x5d4\n __spi_sync+0x2b0/0x454\n spi_write_then_read+0x11c/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37801",
"url": "https://www.suse.com/security/cve/CVE-2025-37801"
},
{
"category": "external",
"summary": "SUSE Bug 1242850 for CVE-2025-37801",
"url": "https://bugzilla.suse.com/1242850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37801"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: chipidea: ci_hdrc_imx: fix usbmisc handling\n\nusbmisc is an optional device property so it is totally valid for the\ncorresponding data-\u003eusbmisc_data to have a NULL value.\n\nCheck that before dereferencing the pointer.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37811",
"url": "https://www.suse.com/security/cve/CVE-2025-37811"
},
{
"category": "external",
"summary": "SUSE Bug 1242907 for CVE-2025-37811",
"url": "https://bugzilla.suse.com/1242907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37811"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix invalid pointer dereference in Etron workaround\n\nThis check is performed before prepare_transfer() and prepare_ring(), so\nenqueue can already point at the final link TRB of a segment. And indeed\nit will, some 0.4% of times this code is called.\n\nThen enqueue + 1 is an invalid pointer. It will crash the kernel right\naway or load some junk which may look like a link TRB and cause the real\nlink TRB to be replaced with a NOOP. This wouldn\u0027t end well.\n\nUse a functionally equivalent test which doesn\u0027t dereference the pointer\nand always gives correct result.\n\nSomething has crashed my machine twice in recent days while playing with\nan Etron HC, and a control transfer stress test ran for confirmation has\njust crashed it again. The same test passes with this patch applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37813",
"url": "https://www.suse.com/security/cve/CVE-2025-37813"
},
{
"category": "external",
"summary": "SUSE Bug 1242909 for CVE-2025-37813",
"url": "https://bugzilla.suse.com/1242909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37813"
},
{
"cve": "CVE-2025-37814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT\n\nThis requirement was overeagerly loosened in commit 2f83e38a095f\n(\"tty: Permit some TIOCL_SETSEL modes without CAP_SYS_ADMIN\"), but as\nit turns out,\n\n (1) the logic I implemented there was inconsistent (apologies!),\n\n (2) TIOCL_SELMOUSEREPORT might actually be a small security risk\n after all, and\n\n (3) TIOCL_SELMOUSEREPORT is only meant to be used by the mouse\n daemon (GPM or Consolation), which runs as CAP_SYS_ADMIN\n already.\n\nIn more detail:\n\n1. The previous patch has inconsistent logic:\n\n In commit 2f83e38a095f (\"tty: Permit some TIOCL_SETSEL modes\n without CAP_SYS_ADMIN\"), we checked for sel_mode ==\n TIOCL_SELMOUSEREPORT, but overlooked that the lower four bits of\n this \"mode\" parameter were actually used as an additional way to\n pass an argument. So the patch did actually still require\n CAP_SYS_ADMIN, if any of the mouse button bits are set, but did not\n require it if none of the mouse buttons bits are set.\n\n This logic is inconsistent and was not intentional. We should have\n the same policies for using TIOCL_SELMOUSEREPORT independent of the\n value of the \"hidden\" mouse button argument.\n\n I sent a separate documentation patch to the man page list with\n more details on TIOCL_SELMOUSEREPORT:\n https://lore.kernel.org/all/20250223091342.35523-2-gnoack3000@gmail.com/\n\n2. TIOCL_SELMOUSEREPORT is indeed a potential security risk which can\n let an attacker simulate \"keyboard\" input to command line\n applications on the same terminal, like TIOCSTI and some other\n TIOCLINUX \"selection mode\" IOCTLs.\n\n By enabling mouse reporting on a terminal and then injecting mouse\n reports through TIOCL_SELMOUSEREPORT, an attacker can simulate\n mouse movements on the same terminal, similar to the TIOCSTI\n keystroke injection attacks that were previously possible with\n TIOCSTI and other TIOCL_SETSEL selection modes.\n\n Many programs (including libreadline/bash) are then prone to\n misinterpret these mouse reports as normal keyboard input because\n they do not expect input in the X11 mouse protocol form. The\n attacker does not have complete control over the escape sequence,\n but they can at least control the values of two consecutive bytes\n in the binary mouse reporting escape sequence.\n\n I went into more detail on that in the discussion at\n https://lore.kernel.org/all/20250221.0a947528d8f3@gnoack.org/\n\n It is not equally trivial to simulate arbitrary keystrokes as it\n was with TIOCSTI (commit 83efeeeb3d04 (\"tty: Allow TIOCSTI to be\n disabled\")), but the general mechanism is there, and together with\n the small number of existing legit use cases (see below), it would\n be better to revert back to requiring CAP_SYS_ADMIN for\n TIOCL_SELMOUSEREPORT, as it was already the case before\n commit 2f83e38a095f (\"tty: Permit some TIOCL_SETSEL modes without\n CAP_SYS_ADMIN\").\n\n3. TIOCL_SELMOUSEREPORT is only used by the mouse daemons (GPM or\n Consolation), and they are the only legit use case:\n\n To quote console_codes(4):\n\n The mouse tracking facility is intended to return\n xterm(1)-compatible mouse status reports. Because the console\n driver has no way to know the device or type of the mouse, these\n reports are returned in the console input stream only when the\n virtual terminal driver receives a mouse update ioctl. These\n ioctls must be generated by a mouse-aware user-mode application\n such as the gpm(8) daemon.\n\n Jared Finder has also confirmed in\n https://lore.kernel.org/all/491f3df9de6593df8e70dbe77614b026@finder.org/\n that Emacs does not call TIOCL_SELMOUSEREPORT directly, and it\n would be difficult to find good reasons for doing that, given that\n it would interfere with the reports that GPM is sending.\n\n More information on the interaction between GPM, terminals and th\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37814",
"url": "https://www.suse.com/security/cve/CVE-2025-37814"
},
{
"category": "external",
"summary": "SUSE Bug 1242865 for CVE-2025-37814",
"url": "https://bugzilla.suse.com/1242865"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37814"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmei: vsc: Fix fortify-panic caused by invalid counted_by() use\n\ngcc 15 honors the __counted_by(len) attribute on vsc_tp_packet.buf[]\nand the vsc-tp.c code is using this in a wrong way. len does not contain\nthe available size in the buffer, it contains the actual packet length\n*without* the crc. So as soon as vsc_tp_xfer() tries to add the crc to\nbuf[] the fortify-panic handler gets triggered:\n\n[ 80.842193] memcpy: detected buffer overflow: 4 byte write of buffer size 0\n[ 80.842243] WARNING: CPU: 4 PID: 272 at lib/string_helpers.c:1032 __fortify_report+0x45/0x50\n...\n[ 80.843175] __fortify_panic+0x9/0xb\n[ 80.843186] vsc_tp_xfer.cold+0x67/0x67 [mei_vsc_hw]\n[ 80.843210] ? seqcount_lockdep_reader_access.constprop.0+0x82/0x90\n[ 80.843229] ? lockdep_hardirqs_on+0x7c/0x110\n[ 80.843250] mei_vsc_hw_start+0x98/0x120 [mei_vsc]\n[ 80.843270] mei_reset+0x11d/0x420 [mei]\n\nThe easiest fix would be to just drop the counted-by but with the exception\nof the ack buffer in vsc_tp_xfer_helper() which only contains enough room\nfor the packet-header, all other uses of vsc_tp_packet always use a buffer\nof VSC_TP_MAX_XFER_SIZE bytes for the packet.\n\nInstead of just dropping the counted-by, split the vsc_tp_packet struct\ndefinition into a header and a full-packet definition and use a fixed\nsize buf[] in the packet definition, this way fortify-source buffer\noverrun checking still works when enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37816",
"url": "https://www.suse.com/security/cve/CVE-2025-37816"
},
{
"category": "external",
"summary": "SUSE Bug 1242863 for CVE-2025-37816",
"url": "https://bugzilla.suse.com/1242863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37816"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37837"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()\n\nTwo WARNINGs are observed when SMMU driver rolls back upon failure:\n arm-smmu-v3.9.auto: Failed to register iommu\n arm-smmu-v3.9.auto: probe with driver arm-smmu-v3 failed with error -22\n ------------[ cut here ]------------\n WARNING: CPU: 5 PID: 1 at kernel/dma/mapping.c:74 dmam_free_coherent+0xc0/0xd8\n Call trace:\n dmam_free_coherent+0xc0/0xd8 (P)\n tegra241_vintf_free_lvcmdq+0x74/0x188\n tegra241_cmdqv_remove_vintf+0x60/0x148\n tegra241_cmdqv_remove+0x48/0xc8\n arm_smmu_impl_remove+0x28/0x60\n devm_action_release+0x1c/0x40\n ------------[ cut here ]------------\n 128 pages are still in use!\n WARNING: CPU: 16 PID: 1 at mm/page_alloc.c:6902 free_contig_range+0x18c/0x1c8\n Call trace:\n free_contig_range+0x18c/0x1c8 (P)\n cma_release+0x154/0x2f0\n dma_free_contiguous+0x38/0xa0\n dma_direct_free+0x10c/0x248\n dma_free_attrs+0x100/0x290\n dmam_free_coherent+0x78/0xd8\n tegra241_vintf_free_lvcmdq+0x74/0x160\n tegra241_cmdqv_remove+0x98/0x198\n arm_smmu_impl_remove+0x28/0x60\n devm_action_release+0x1c/0x40\n\nThis is because the LVCMDQ queue memory are managed by devres, while that\ndmam_free_coherent() is called in the context of devm_action_release().\n\nJason pointed out that \"arm_smmu_impl_probe() has mis-ordered the devres\ncallbacks if ops-\u003edevice_remove() is going to be manually freeing things\nthat probe allocated\":\nhttps://lore.kernel.org/linux-iommu/20250407174408.GB1722458@nvidia.com/\n\nIn fact, tegra241_cmdqv_init_structures() only allocates memory resources\nwhich means any failure that it generates would be similar to -ENOMEM, so\nthere is no point in having that \"falling back to standard SMMU\" routine,\nas the standard SMMU would likely fail to allocate memory too.\n\nRemove the unwind part in tegra241_cmdqv_init_structures(), and return a\nproper error code to ask SMMU driver to call tegra241_cmdqv_remove() via\nimpl_ops-\u003edevice_remove(). Then, drop tegra241_vintf_free_lvcmdq() since\ndevres will take care of that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37837",
"url": "https://www.suse.com/security/cve/CVE-2025-37837"
},
{
"category": "external",
"summary": "SUSE Bug 1242952 for CVE-2025-37837",
"url": "https://bugzilla.suse.com/1242952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37837"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: avoid NULL pointer dereference in dbg call\n\ncifs_server_dbg() implies server to be non-NULL so\nmove call under condition to avoid NULL pointer dereference.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37844",
"url": "https://www.suse.com/security/cve/CVE-2025-37844"
},
{
"category": "external",
"summary": "SUSE Bug 1242946 for CVE-2025-37844",
"url": "https://bugzilla.suse.com/1242946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37844"
},
{
"cve": "CVE-2025-37847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in ivpu_ms_cleanup()\n\nFix deadlock in ivpu_ms_cleanup() by preventing runtime resume after\nfile_priv-\u003ems_lock is acquired.\n\nDuring a failure in runtime resume, a cold boot is executed, which\ncalls ivpu_ms_cleanup_all(). This function calls ivpu_ms_cleanup()\nthat acquires file_priv-\u003ems_lock and causes the deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37847",
"url": "https://www.suse.com/security/cve/CVE-2025-37847"
},
{
"category": "external",
"summary": "SUSE Bug 1242947 for CVE-2025-37847",
"url": "https://bugzilla.suse.com/1242947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37847"
},
{
"cve": "CVE-2025-37848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix PM related deadlocks in MS IOCTLs\n\nPrevent runtime resume/suspend while MS IOCTLs are in progress.\nFailed suspend will call ivpu_ms_cleanup() that would try to acquire\nfile_priv-\u003ems_lock, which is already held by the IOCTLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37848",
"url": "https://www.suse.com/security/cve/CVE-2025-37848"
},
{
"category": "external",
"summary": "SUSE Bug 1242943 for CVE-2025-37848",
"url": "https://bugzilla.suse.com/1242943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37848"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npage_pool: avoid infinite loop to schedule delayed worker\n\nWe noticed the kworker in page_pool_release_retry() was waken\nup repeatedly and infinitely in production because of the\nbuggy driver causing the inflight less than 0 and warning\nus in page_pool_inflight()[1].\n\nSince the inflight value goes negative, it means we should\nnot expect the whole page_pool to get back to work normally.\n\nThis patch mitigates the adverse effect by not rescheduling\nthe kworker when detecting the inflight negative in\npage_pool_release_retry().\n\n[1]\n[Mon Feb 10 20:36:11 2025] ------------[ cut here ]------------\n[Mon Feb 10 20:36:11 2025] Negative(-51446) inflight packet-pages\n...\n[Mon Feb 10 20:36:11 2025] Call Trace:\n[Mon Feb 10 20:36:11 2025] page_pool_release_retry+0x23/0x70\n[Mon Feb 10 20:36:11 2025] process_one_work+0x1b1/0x370\n[Mon Feb 10 20:36:11 2025] worker_thread+0x37/0x3a0\n[Mon Feb 10 20:36:11 2025] kthread+0x11a/0x140\n[Mon Feb 10 20:36:11 2025] ? process_one_work+0x370/0x370\n[Mon Feb 10 20:36:11 2025] ? __kthread_cancel_work+0x40/0x40\n[Mon Feb 10 20:36:11 2025] ret_from_fork+0x35/0x40\n[Mon Feb 10 20:36:11 2025] ---[ end trace ebffe800f33e7e34 ]---\nNote: before this patch, the above calltrace would flood the\ndmesg due to repeated reschedule of release_dw kworker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37859",
"url": "https://www.suse.com/security/cve/CVE-2025-37859"
},
{
"category": "external",
"summary": "SUSE Bug 1243051 for CVE-2025-37859",
"url": "https://bugzilla.suse.com/1243051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37859"
},
{
"cve": "CVE-2025-37861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue\n\nWhen the task management thread processes reply queues while the reset\nthread resets them, the task management thread accesses an invalid queue ID\n(0xFFFF), set by the reset thread, which points to unallocated memory,\ncausing a crash.\n\nAdd flag \u0027io_admin_reset_sync\u0027 to synchronize access between the reset,\nI/O, and admin threads. Before a reset, the reset handler sets this flag to\nblock I/O and admin processing threads. If any thread bypasses the initial\ncheck, the reset thread waits up to 10 seconds for processing to finish. If\nthe wait exceeds 10 seconds, the controller is marked as unrecoverable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37861",
"url": "https://www.suse.com/security/cve/CVE-2025-37861"
},
{
"category": "external",
"summary": "SUSE Bug 1243055 for CVE-2025-37861",
"url": "https://bugzilla.suse.com/1243055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37861"
},
{
"cve": "CVE-2025-37862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: pidff: Fix null pointer dereference in pidff_find_fields\n\nThis function triggered a null pointer dereference if used to search for\na report that isn\u0027t implemented on the device. This happened both for\noptional and required reports alike.\n\nThe same logic was applied to pidff_find_special_field and although\npidff_init_fields should return an error earlier if one of the required\nreports is missing, future modifications could change this logic and\nresurface this possible null pointer dereference again.\n\nLKML bug report:\nhttps://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37862",
"url": "https://www.suse.com/security/cve/CVE-2025-37862"
},
{
"category": "external",
"summary": "SUSE Bug 1242982 for CVE-2025-37862",
"url": "https://bugzilla.suse.com/1242982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37862"
},
{
"cve": "CVE-2025-37865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported\n\nRussell King reports that on the ZII dev rev B, deleting a bridge VLAN\nfrom a user port fails with -ENOENT:\nhttps://lore.kernel.org/netdev/Z_lQXNP0s5-IiJzd@shell.armlinux.org.uk/\n\nThis comes from mv88e6xxx_port_vlan_leave() -\u003e mv88e6xxx_mst_put(),\nwhich tries to find an MST entry in \u0026chip-\u003emsts associated with the SID,\nbut fails and returns -ENOENT as such.\n\nBut we know that this chip does not support MST at all, so that is not\nsurprising. The question is why does the guard in mv88e6xxx_mst_put()\nnot exit early:\n\n\tif (!sid)\n\t\treturn 0;\n\nAnd the answer seems to be simple: the sid comes from vlan.sid which\nsupposedly was previously populated by mv88e6xxx_vtu_get().\nBut some chip-\u003einfo-\u003eops-\u003evtu_getnext() implementations do not populate\nvlan.sid, for example see mv88e6185_g1_vtu_getnext(). In that case,\nlater in mv88e6xxx_port_vlan_leave() we are using a garbage sid which is\njust residual stack memory.\n\nTesting for sid == 0 covers all cases of a non-bridge VLAN or a bridge\nVLAN mapped to the default MSTI. For some chips, SID 0 is valid and\ninstalled by mv88e6xxx_stu_setup(). A chip which does not support the\nSTU would implicitly only support mapping all VLANs to the default MSTI,\nso although SID 0 is not valid, it would be sufficient, if we were to\nzero-initialize the vlan structure, to fix the bug, due to the\ncoincidence that a test for vlan.sid == 0 already exists and leads to\nthe same (correct) behavior.\n\nAnother option which would be sufficient would be to add a test for\nmv88e6xxx_has_stu() inside mv88e6xxx_mst_put(), symmetric to the one\nwhich already exists in mv88e6xxx_mst_get(). But that placement means\nthe caller will have to dereference vlan.sid, which means it will access\nuninitialized memory, which is not nice even if it ignores it later.\n\nSo we end up making both modifications, in order to not rely just on the\nsid == 0 coincidence, but also to avoid having uninitialized structure\nfields which might get temporarily accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37865",
"url": "https://www.suse.com/security/cve/CVE-2025-37865"
},
{
"category": "external",
"summary": "SUSE Bug 1242954 for CVE-2025-37865",
"url": "https://bugzilla.suse.com/1242954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37865"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/userptr: fix notifier vs folio deadlock\n\nUser is reporting what smells like notifier vs folio deadlock, where\nmigrate_pages_batch() on core kernel side is holding folio lock(s) and\nthen interacting with the mappings of it, however those mappings are\ntied to some userptr, which means calling into the notifier callback and\ngrabbing the notifier lock. With perfect timing it looks possible that\nthe pages we pulled from the hmm fault can get sniped by\nmigrate_pages_batch() at the same time that we are holding the notifier\nlock to mark the pages as accessed/dirty, but at this point we also want\nto grab the folio locks(s) to mark them as dirty, but if they are\ncontended from notifier/migrate_pages_batch side then we deadlock since\nfolio lock won\u0027t be dropped until we drop the notifier lock.\n\nFortunately the mark_page_accessed/dirty is not really needed in the\nfirst place it seems and should have already been done by hmm fault, so\njust remove it.\n\n(cherry picked from commit bd7c0cb695e87c0e43247be8196b4919edbe0e85)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37868",
"url": "https://www.suse.com/security/cve/CVE-2025-37868"
},
{
"category": "external",
"summary": "SUSE Bug 1242966 for CVE-2025-37868",
"url": "https://bugzilla.suse.com/1242966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37868"
},
{
"cve": "CVE-2025-37869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Use local fence in error path of xe_migrate_clear\n\nThe intent of the error path in xe_migrate_clear is to wait on locally\ngenerated fence and then return. The code is waiting on m-\u003efence which\ncould be the local fence but this is only stable under the job mutex\nleading to a possible UAF. Fix code to wait on local fence.\n\n(cherry picked from commit 762b7e95362170b3e13a8704f38d5e47eca4ba74)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37869",
"url": "https://www.suse.com/security/cve/CVE-2025-37869"
},
{
"category": "external",
"summary": "SUSE Bug 1242967 for CVE-2025-37869",
"url": "https://bugzilla.suse.com/1242967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37869"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ngbe: fix memory leak in ngbe_probe() error path\n\nWhen ngbe_sw_init() is called, memory is allocated for wx-\u003erss_key\nin wx_init_rss_key(). However, in ngbe_probe() function, the subsequent\nerror paths after ngbe_sw_init() don\u0027t free the rss_key. Fix that by\nfreeing it in error path along with wx-\u003emac_table.\n\nAlso change the label to which execution jumps when ngbe_sw_init()\nfails, because otherwise, it could lead to a double free for rss_key,\nwhen the mac_table allocation fails in wx_sw_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37874",
"url": "https://www.suse.com/security/cve/CVE-2025-37874"
},
{
"category": "external",
"summary": "SUSE Bug 1242940 for CVE-2025-37874",
"url": "https://bugzilla.suse.com/1242940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37874"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock between rcu_tasks_trace and event_mutex.\n\nFix the following deadlock:\nCPU A\n_free_event()\n perf_kprobe_destroy()\n mutex_lock(\u0026event_mutex)\n perf_trace_event_unreg()\n synchronize_rcu_tasks_trace()\n\nThere are several paths where _free_event() grabs event_mutex\nand calls sync_rcu_tasks_trace. Above is one such case.\n\nCPU B\nbpf_prog_test_run_syscall()\n rcu_read_lock_trace()\n bpf_prog_run_pin_on_cpu()\n bpf_prog_load()\n bpf_tracing_func_proto()\n trace_set_clr_event()\n mutex_lock(\u0026event_mutex)\n\nDelegate trace_set_clr_event() to workqueue to avoid\nsuch lock dependency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37884",
"url": "https://www.suse.com/security/cve/CVE-2025-37884"
},
{
"category": "external",
"summary": "SUSE Bug 1243060 for CVE-2025-37884",
"url": "https://bugzilla.suse.com/1243060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37884"
},
{
"cve": "CVE-2025-37888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()\n\nAdd NULL check for mlx5_get_flow_namespace() returns in\nmlx5_create_inner_ttc_table() and mlx5_create_ttc_table() to prevent\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37888",
"url": "https://www.suse.com/security/cve/CVE-2025-37888"
},
{
"category": "external",
"summary": "SUSE Bug 1242964 for CVE-2025-37888",
"url": "https://bugzilla.suse.com/1242964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37888"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan743x: Fix memleak issue when GSO enabled\n\nAlways map the `skb` to the LS descriptor. Previously skb was\nmapped to EXT descriptor when the number of fragments is zero with\nGSO enabled. Mapping the skb to EXT descriptor prevents it from\nbeing freed, leading to a memory leak",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37909",
"url": "https://www.suse.com/security/cve/CVE-2025-37909"
},
{
"category": "external",
"summary": "SUSE Bug 1243467 for CVE-2025-37909",
"url": "https://bugzilla.suse.com/1243467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37909"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll\n\nUse spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock\nand spin_unlock in mtk_star_emac driver to avoid spinlock recursion\noccurrence that can happen when enabling the DMA interrupts again in\nrx/tx poll.\n\n```\nBUG: spinlock recursion on CPU#0, swapper/0/0\n lock: 0xffff00000db9cf20, .magic: dead4ead, .owner: swapper/0/0,\n .owner_cpu: 0\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted\n 6.15.0-rc2-next-20250417-00001-gf6a27738686c-dirty #28 PREEMPT\nHardware name: MediaTek MT8365 Open Platform EVK (DT)\nCall trace:\n show_stack+0x18/0x24 (C)\n dump_stack_lvl+0x60/0x80\n dump_stack+0x18/0x24\n spin_dump+0x78/0x88\n do_raw_spin_lock+0x11c/0x120\n _raw_spin_lock+0x20/0x2c\n mtk_star_handle_irq+0xc0/0x22c [mtk_star_emac]\n __handle_irq_event_percpu+0x48/0x140\n handle_irq_event+0x4c/0xb0\n handle_fasteoi_irq+0xa0/0x1bc\n handle_irq_desc+0x34/0x58\n generic_handle_domain_irq+0x1c/0x28\n gic_handle_irq+0x4c/0x120\n do_interrupt_handler+0x50/0x84\n el1_interrupt+0x34/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n regmap_mmio_read32le+0xc/0x20 (P)\n _regmap_bus_reg_read+0x6c/0xac\n _regmap_read+0x60/0xdc\n regmap_read+0x4c/0x80\n mtk_star_rx_poll+0x2f4/0x39c [mtk_star_emac]\n __napi_poll+0x38/0x188\n net_rx_action+0x164/0x2c0\n handle_softirqs+0x100/0x244\n __do_softirq+0x14/0x20\n ____do_softirq+0x10/0x20\n call_on_irq_stack+0x24/0x64\n do_softirq_own_stack+0x1c/0x40\n __irq_exit_rcu+0xd4/0x10c\n irq_exit_rcu+0x10/0x1c\n el1_interrupt+0x38/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n cpuidle_enter_state+0xac/0x320 (P)\n cpuidle_enter+0x38/0x50\n do_idle+0x1e4/0x260\n cpu_startup_entry+0x34/0x3c\n rest_init+0xdc/0xe0\n console_on_rootfs+0x0/0x6c\n __primary_switched+0x88/0x90\n```",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37917",
"url": "https://www.suse.com/security/cve/CVE-2025-37917"
},
{
"category": "external",
"summary": "SUSE Bug 1243475 for CVE-2025-37917",
"url": "https://bugzilla.suse.com/1243475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37917"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: vnifilter: Fix unlocked deletion of default FDB entry\n\nWhen a VNI is deleted from a VXLAN device in \u0027vnifilter\u0027 mode, the FDB\nentry associated with the default remote (assuming one was configured)\nis deleted without holding the hash lock. This is wrong and will result\nin a warning [1] being generated by the lockdep annotation that was\nadded by commit ebe642067455 (\"vxlan: Create wrappers for FDB lookup\").\n\nReproducer:\n\n # ip link add vx0 up type vxlan dstport 4789 external vnifilter local 192.0.2.1\n # bridge vni add vni 10010 remote 198.51.100.1 dev vx0\n # bridge vni del vni 10010 dev vx0\n\nFix by acquiring the hash lock before the deletion and releasing it\nafterwards. Blame the original commit that introduced the issue rather\nthan the one that exposed it.\n\n[1]\nWARNING: CPU: 3 PID: 392 at drivers/net/vxlan/vxlan_core.c:417 vxlan_find_mac+0x17f/0x1a0\n[...]\nRIP: 0010:vxlan_find_mac+0x17f/0x1a0\n[...]\nCall Trace:\n \u003cTASK\u003e\n __vxlan_fdb_delete+0xbe/0x560\n vxlan_vni_delete_group+0x2ba/0x940\n vxlan_vni_del.isra.0+0x15f/0x580\n vxlan_process_vni_filter+0x38b/0x7b0\n vxlan_vnifilter_process+0x3bb/0x510\n rtnetlink_rcv_msg+0x2f7/0xb70\n netlink_rcv_skb+0x131/0x360\n netlink_unicast+0x426/0x710\n netlink_sendmsg+0x75a/0xc20\n __sock_sendmsg+0xc1/0x150\n ____sys_sendmsg+0x5aa/0x7b0\n ___sys_sendmsg+0xfc/0x180\n __sys_sendmsg+0x121/0x1b0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37921",
"url": "https://www.suse.com/security/cve/CVE-2025-37921"
},
{
"category": "external",
"summary": "SUSE Bug 1243480 for CVE-2025-37921",
"url": "https://bugzilla.suse.com/1243480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37921"
},
{
"cve": "CVE-2025-37923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix oob write in trace_seq_to_buffer()\n\nsyzbot reported this bug:\n==================================================================\nBUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\nBUG: KASAN: slab-out-of-bounds in tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\nWrite of size 4507 at addr ffff888032b6b000 by task syz.2.320/7260\n\nCPU: 1 UID: 0 PID: 7260 Comm: syz.2.320 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n __asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106\n trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\n tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\n ....\n==================================================================\n\nIt has been reported that trace_seq_to_buffer() tries to copy more data\nthan PAGE_SIZE to buf. Therefore, to prevent this, we should use the\nsmaller of trace_seq_used(\u0026iter-\u003eseq) and PAGE_SIZE as an argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37923",
"url": "https://www.suse.com/security/cve/CVE-2025-37923"
},
{
"category": "external",
"summary": "SUSE Bug 1243551 for CVE-2025-37923",
"url": "https://bugzilla.suse.com/1243551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37923"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid\n\nThere is a string parsing logic error which can lead to an overflow of hid\nor uid buffers. Comparing ACPIID_LEN against a total string length doesn\u0027t\ntake into account the lengths of individual hid and uid buffers so the\ncheck is insufficient in some cases. For example if the length of hid\nstring is 4 and the length of the uid string is 260, the length of str\nwill be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer\nwhich size is 256.\n\nThe same applies to the hid string with length 13 and uid string with\nlength 250.\n\nCheck the length of hid and uid strings separately to prevent\nbuffer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37927",
"url": "https://www.suse.com/security/cve/CVE-2025-37927"
},
{
"category": "external",
"summary": "SUSE Bug 1243620 for CVE-2025-37927",
"url": "https://bugzilla.suse.com/1243620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37927"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteon_ep: Fix host hang issue during device reboot\n\nWhen the host loses heartbeat messages from the device,\nthe driver calls the device-specific ndo_stop function,\nwhich frees the resources. If the driver is unloaded in\nthis scenario, it calls ndo_stop again, attempting to free\nresources that have already been freed, leading to a host\nhang issue. To resolve this, dev_close should be called\ninstead of the device-specific stop function.dev_close\ninternally calls ndo_stop to stop the network interface\nand performs additional cleanup tasks. During the driver\nunload process, if the device is already down, ndo_stop\nis not called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37933",
"url": "https://www.suse.com/security/cve/CVE-2025-37933"
},
{
"category": "external",
"summary": "SUSE Bug 1243628 for CVE-2025-37933",
"url": "https://bugzilla.suse.com/1243628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37933"
},
{
"cve": "CVE-2025-37934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction\n\nActually check if the passed pointers are valid, before writing to them.\nThis also fixes a USBAN warning:\nUBSAN: invalid-load in ../sound/soc/fsl/imx-card.c:687:25\nload of value 255 is not a valid value for type \u0027_Bool\u0027\n\nThis is because playback_only is uninitialized and is not written to, as\nthe playback-only property is absent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37934",
"url": "https://www.suse.com/security/cve/CVE-2025-37934"
},
{
"category": "external",
"summary": "SUSE Bug 1243548 for CVE-2025-37934",
"url": "https://bugzilla.suse.com/1243548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37934"
},
{
"cve": "CVE-2025-37936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value.\n\nWhen generating the MSR_IA32_PEBS_ENABLE value that will be loaded on\nVM-Entry to a KVM guest, mask the value with the vCPU\u0027s desired PEBS_ENABLE\nvalue. Consulting only the host kernel\u0027s host vs. guest masks results in\nrunning the guest with PEBS enabled even when the guest doesn\u0027t want to use\nPEBS. Because KVM uses perf events to proxy the guest virtual PMU, simply\nlooking at exclude_host can\u0027t differentiate between events created by host\nuserspace, and events created by KVM on behalf of the guest.\n\nRunning the guest with PEBS unexpectedly enabled typically manifests as\ncrashes due to a near-infinite stream of #PFs. E.g. if the guest hasn\u0027t\nwritten MSR_IA32_DS_AREA, the CPU will hit page faults on address \u00270\u0027 when\ntrying to record PEBS events.\n\nThe issue is most easily reproduced by running `perf kvm top` from before\ncommit 7b100989b4f6 (\"perf evlist: Remove __evlist__add_default\") (after\nwhich, `perf kvm top` effectively stopped using PEBS).\tThe userspace side\nof perf creates a guest-only PEBS event, which intel_guest_get_msrs()\nmisconstrues a guest-*owned* PEBS event.\n\nArguably, this is a userspace bug, as enabling PEBS on guest-only events\nsimply cannot work, and userspace can kill VMs in many other ways (there\nis no danger to the host). However, even if this is considered to be bad\nuserspace behavior, there\u0027s zero downside to perf/KVM restricting PEBS to\nguest-owned events.\n\nNote, commit 854250329c02 (\"KVM: x86/pmu: Disable guest PEBS temporarily\nin two rare situations\") fixed the case where host userspace is profiling\nKVM *and* userspace, but missed the case where userspace is profiling only\nKVM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37936",
"url": "https://www.suse.com/security/cve/CVE-2025-37936"
},
{
"category": "external",
"summary": "SUSE Bug 1243537 for CVE-2025-37936",
"url": "https://bugzilla.suse.com/1243537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37936"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Verify event formats that have \"%*p..\"\n\nThe trace event verifier checks the formats of trace events to make sure\nthat they do not point at memory that is not in the trace event itself or\nin data that will never be freed. If an event references data that was\nallocated when the event triggered and that same data is freed before the\nevent is read, then the kernel can crash by reading freed memory.\n\nThe verifier runs at boot up (or module load) and scans the print formats\nof the events and checks their arguments to make sure that dereferenced\npointers are safe. If the format uses \"%*p..\" the verifier will ignore it,\nand that could be dangerous. Cover this case as well.\n\nAlso add to the sample code a use case of \"%*pbl\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37938",
"url": "https://www.suse.com/security/cve/CVE-2025-37938"
},
{
"category": "external",
"summary": "SUSE Bug 1243544 for CVE-2025-37938",
"url": "https://bugzilla.suse.com/1243544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37938"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY\n\nDSA has 2 kinds of drivers:\n\n1. Those who call dsa_switch_suspend() and dsa_switch_resume() from\n their device PM ops: qca8k-8xxx, bcm_sf2, microchip ksz\n2. Those who don\u0027t: all others. The above methods should be optional.\n\nFor type 1, dsa_switch_suspend() calls dsa_user_suspend() -\u003e phylink_stop(),\nand dsa_switch_resume() calls dsa_user_resume() -\u003e phylink_start().\nThese seem good candidates for setting mac_managed_pm = true because\nthat is essentially its definition [1], but that does not seem to be the\nbiggest problem for now, and is not what this change focuses on.\n\nTalking strictly about the 2nd category of DSA drivers here (which\ndo not have MAC managed PM, meaning that for their attached PHYs,\nmdio_bus_phy_suspend() and mdio_bus_phy_resume() should run in full),\nI have noticed that the following warning from mdio_bus_phy_resume() is\ntriggered:\n\n\tWARN_ON(phydev-\u003estate != PHY_HALTED \u0026\u0026 phydev-\u003estate != PHY_READY \u0026\u0026\n\t\tphydev-\u003estate != PHY_UP);\n\nbecause the PHY state machine is running.\n\nIt\u0027s running as a result of a previous dsa_user_open() -\u003e ... -\u003e\nphylink_start() -\u003e phy_start() having been initiated by the user.\n\nThe previous mdio_bus_phy_suspend() was supposed to have called\nphy_stop_machine(), but it didn\u0027t. So this is why the PHY is in state\nPHY_NOLINK by the time mdio_bus_phy_resume() runs.\n\nmdio_bus_phy_suspend() did not call phy_stop_machine() because for\nphylink, the phydev-\u003eadjust_link function pointer is NULL. This seems a\ntechnicality introduced by commit fddd91016d16 (\"phylib: fix PAL state\nmachine restart on resume\"). That commit was written before phylink\nexisted, and was intended to avoid crashing with consumer drivers which\ndon\u0027t use the PHY state machine - phylink always does, when using a PHY.\nBut phylink itself has historically not been developed with\nsuspend/resume in mind, and apparently not tested too much in that\nscenario, allowing this bug to exist unnoticed for so long. Plus, prior\nto the WARN_ON(), it would have likely been invisible.\n\nThis issue is not in fact restricted to type 2 DSA drivers (according to\nthe above ad-hoc classification), but can be extrapolated to any MAC\ndriver with phylink and MDIO-bus-managed PHY PM ops. DSA is just where\nthe issue was reported. Assuming mac_managed_pm is set correctly, a\nquick search indicates the following other drivers might be affected:\n\n$ grep -Zlr PHYLINK_NETDEV drivers/ | xargs -0 grep -L mac_managed_pm\ndrivers/net/ethernet/atheros/ag71xx.c\ndrivers/net/ethernet/microchip/sparx5/sparx5_main.c\ndrivers/net/ethernet/microchip/lan966x/lan966x_main.c\ndrivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c\ndrivers/net/ethernet/freescale/fs_enet/fs_enet-main.c\ndrivers/net/ethernet/freescale/dpaa/dpaa_eth.c\ndrivers/net/ethernet/freescale/ucc_geth.c\ndrivers/net/ethernet/freescale/enetc/enetc_pf_common.c\ndrivers/net/ethernet/marvell/mvpp2/mvpp2_main.c\ndrivers/net/ethernet/marvell/mvneta.c\ndrivers/net/ethernet/marvell/prestera/prestera_main.c\ndrivers/net/ethernet/mediatek/mtk_eth_soc.c\ndrivers/net/ethernet/altera/altera_tse_main.c\ndrivers/net/ethernet/wangxun/txgbe/txgbe_phy.c\ndrivers/net/ethernet/meta/fbnic/fbnic_phylink.c\ndrivers/net/ethernet/tehuti/tn40_phy.c\ndrivers/net/ethernet/mscc/ocelot_net.c\n\nMake the existing conditions dependent on the PHY device having a\nphydev-\u003ephy_link_change() implementation equal to the default\nphy_link_change() provided by phylib. Otherwise, we implicitly know that\nthe phydev has the phylink-provided phylink_phy_change() callback, and\nwhen phylink is used, the PHY state machine always needs to be stopped/\nstarted on the suspend/resume path. The code is structured as such that\nif phydev-\u003ephy_link_change() is absent, it is a matter of time until the\nkernel will crash - no need to further complicate the test.\n\nThus, for the situation where the PM is not managed b\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37945",
"url": "https://www.suse.com/security/cve/CVE-2025-37945"
},
{
"category": "external",
"summary": "SUSE Bug 1243538 for CVE-2025-37945",
"url": "https://bugzilla.suse.com/1243538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37945"
},
{
"cve": "CVE-2025-37946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs\n\nWith commit bcb5d6c76903 (\"s390/pci: introduce lock to synchronize state\nof zpci_dev\u0027s\") the code to ignore power off of a PF that has child VFs\nwas changed from a direct return to a goto to the unlock and\npci_dev_put() section. The change however left the existing pci_dev_put()\nuntouched resulting in a doubple put. This can subsequently cause a use\nafter free if the struct pci_dev is released in an unexpected state.\nFix this by removing the extra pci_dev_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37946",
"url": "https://www.suse.com/security/cve/CVE-2025-37946"
},
{
"category": "external",
"summary": "SUSE Bug 1243506 for CVE-2025-37946",
"url": "https://bugzilla.suse.com/1243506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37946"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix uninit-value for saddr in do_output_route4\n\nsyzbot reports for uninit-value for the saddr argument [1].\ncommit 4754957f04f5 (\"ipvs: do not use random local source address for\ntunnels\") already implies that the input value of saddr\nshould be ignored but the code is still reading it which can prevent\nto connect the route. Fix it by changing the argument to ret_saddr.\n\n[1]\nBUG: KMSAN: uninit-value in do_output_route4+0x42c/0x4d0 net/netfilter/ipvs/ip_vs_xmit.c:147\n do_output_route4+0x42c/0x4d0 net/netfilter/ipvs/ip_vs_xmit.c:147\n __ip_vs_get_out_rt+0x403/0x21d0 net/netfilter/ipvs/ip_vs_xmit.c:330\n ip_vs_tunnel_xmit+0x205/0x2380 net/netfilter/ipvs/ip_vs_xmit.c:1136\n ip_vs_in_hook+0x1aa5/0x35b0 net/netfilter/ipvs/ip_vs_core.c:2063\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf7/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n __ip_local_out+0x758/0x7e0 net/ipv4/ip_output.c:118\n ip_local_out net/ipv4/ip_output.c:127 [inline]\n ip_send_skb+0x6a/0x3c0 net/ipv4/ip_output.c:1501\n udp_send_skb+0xfda/0x1b70 net/ipv4/udp.c:1195\n udp_sendmsg+0x2fe3/0x33c0 net/ipv4/udp.c:1483\n inet_sendmsg+0x1fc/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x267/0x380 net/socket.c:727\n ____sys_sendmsg+0x91b/0xda0 net/socket.c:2566\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2620\n __sys_sendmmsg+0x41d/0x880 net/socket.c:2702\n __compat_sys_sendmmsg net/compat.c:360 [inline]\n __do_compat_sys_sendmmsg net/compat.c:367 [inline]\n __se_compat_sys_sendmmsg net/compat.c:364 [inline]\n __ia32_compat_sys_sendmmsg+0xc8/0x140 net/compat.c:364\n ia32_sys_call+0x3ffa/0x41f0 arch/x86/include/generated/asm/syscalls_32.h:346\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4167 [inline]\n slab_alloc_node mm/slub.c:4210 [inline]\n __kmalloc_cache_noprof+0x8fa/0xe00 mm/slub.c:4367\n kmalloc_noprof include/linux/slab.h:905 [inline]\n ip_vs_dest_dst_alloc net/netfilter/ipvs/ip_vs_xmit.c:61 [inline]\n __ip_vs_get_out_rt+0x35d/0x21d0 net/netfilter/ipvs/ip_vs_xmit.c:323\n ip_vs_tunnel_xmit+0x205/0x2380 net/netfilter/ipvs/ip_vs_xmit.c:1136\n ip_vs_in_hook+0x1aa5/0x35b0 net/netfilter/ipvs/ip_vs_core.c:2063\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf7/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n __ip_local_out+0x758/0x7e0 net/ipv4/ip_output.c:118\n ip_local_out net/ipv4/ip_output.c:127 [inline]\n ip_send_skb+0x6a/0x3c0 net/ipv4/ip_output.c:1501\n udp_send_skb+0xfda/0x1b70 net/ipv4/udp.c:1195\n udp_sendmsg+0x2fe3/0x33c0 net/ipv4/udp.c:1483\n inet_sendmsg+0x1fc/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x267/0x380 net/socket.c:727\n ____sys_sendmsg+0x91b/0xda0 net/socket.c:2566\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2620\n __sys_sendmmsg+0x41d/0x880 net/socket.c:2702\n __compat_sys_sendmmsg net/compat.c:360 [inline]\n __do_compat_sys_sendmmsg net/compat.c:367 [inline]\n __se_compat_sys_sendmmsg net/compat.c:364 [inline]\n __ia32_compat_sys_sendmmsg+0xc8/0x140 net/compat.c:364\n ia32_sys_call+0x3ffa/0x41f0 arch/x86/include/generated/asm/syscalls_32.h:346\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nCPU: 0 UID: 0 PID: 22408 Comm: syz.4.5165 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(undef)\nHardware name: Google Google Compute Engi\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37961",
"url": "https://www.suse.com/security/cve/CVE-2025-37961"
},
{
"category": "external",
"summary": "SUSE Bug 1243523 for CVE-2025-37961",
"url": "https://bugzilla.suse.com/1243523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37961"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix invalid context error in dml helper\n\n[Why]\n\"BUG: sleeping function called from invalid context\" error.\nafter:\n\"drm/amd/display: Protect FPU in dml2_validate()/dml21_validate()\"\n\nThe populate_dml_plane_cfg_from_plane_state() uses the GFP_KERNEL flag\nfor memory allocation, which shouldn\u0027t be used in atomic contexts.\n\nThe allocation is needed only for using another helper function\nget_scaler_data_for_plane().\n\n[How]\nModify helpers to pass a pointer to scaler_data within existing context,\neliminating the need for dynamic memory allocation/deallocation\nand copying.\n\n(cherry picked from commit bd3e84bc98f81b44f2c43936bdadc3241d654259)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37965",
"url": "https://www.suse.com/security/cve/CVE-2025-37965"
},
{
"category": "external",
"summary": "SUSE Bug 1244174 for CVE-2025-37965",
"url": "https://bugzilla.suse.com/1244174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37965"
},
{
"cve": "CVE-2025-37967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix deadlock\n\nThis patch introduces the ucsi_con_mutex_lock / ucsi_con_mutex_unlock\nfunctions to the UCSI driver. ucsi_con_mutex_lock ensures the connector\nmutex is only locked if a connection is established and the partner pointer\nis valid. This resolves a deadlock scenario where\nucsi_displayport_remove_partner holds con-\u003emutex waiting for\ndp_altmode_work to complete while dp_altmode_work attempts to acquire it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37967",
"url": "https://www.suse.com/security/cve/CVE-2025-37967"
},
{
"category": "external",
"summary": "SUSE Bug 1243572 for CVE-2025-37967",
"url": "https://bugzilla.suse.com/1243572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37967"
},
{
"cve": "CVE-2025-37968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: opt3001: fix deadlock due to concurrent flag access\n\nThe threaded IRQ function in this driver is reading the flag twice: once to\nlock a mutex and once to unlock it. Even though the code setting the flag\nis designed to prevent it, there are subtle cases where the flag could be\ntrue at the mutex_lock stage and false at the mutex_unlock stage. This\nresults in the mutex not being unlocked, resulting in a deadlock.\n\nFix it by making the opt3001_irq() code generally more robust, reading the\nflag into a variable and using the variable value at both stages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37968",
"url": "https://www.suse.com/security/cve/CVE-2025-37968"
},
{
"category": "external",
"summary": "SUSE Bug 1243571 for CVE-2025-37968",
"url": "https://bugzilla.suse.com/1243571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37968"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation\n\nCurrently during the multi-link element defragmentation process, the\nmulti-link element length added to the total IEs length when calculating\nthe length of remaining IEs after the multi-link element in\ncfg80211_defrag_mle(). This could lead to out-of-bounds access if the\nmulti-link element or its corresponding fragment elements are the last\nelements in the IEs buffer.\n\nTo address this issue, correctly calculate the remaining IEs length by\ndeducting the multi-link element end offset from total IEs end offset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37973",
"url": "https://www.suse.com/security/cve/CVE-2025-37973"
},
{
"category": "external",
"summary": "SUSE Bug 1244172 for CVE-2025-37973",
"url": "https://bugzilla.suse.com/1244172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37973"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: smartpqi: Use is_kdump_kernel() to check for kdump\n\nThe smartpqi driver checks the reset_devices variable to determine\nwhether special adjustments need to be made for kdump. This has the\neffect that after a regular kexec reboot, some driver parameters such as\nmax_transfer_size are much lower than usual. More importantly, kexec\nreboot tests have revealed memory corruption caused by the driver log\nbeing written to system memory after a kexec.\n\nFix this by testing is_kdump_kernel() rather than reset_devices where\nappropriate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37981",
"url": "https://www.suse.com/security/cve/CVE-2025-37981"
},
{
"category": "external",
"summary": "SUSE Bug 1243514 for CVE-2025-37981",
"url": "https://bugzilla.suse.com/1243514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37981"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: Prevent possible adminq overflow/stuck condition\n\nThe pds_core\u0027s adminq is protected by the adminq_lock, which prevents\nmore than 1 command to be posted onto it at any one time. This makes it\nso the client drivers cannot simultaneously post adminq commands.\nHowever, the completions happen in a different context, which means\nmultiple adminq commands can be posted sequentially and all waiting\non completion.\n\nOn the FW side, the backing adminq request queue is only 16 entries\nlong and the retry mechanism and/or overflow/stuck prevention is\nlacking. This can cause the adminq to get stuck, so commands are no\nlonger processed and completions are no longer sent by the FW.\n\nAs an initial fix, prevent more than 16 outstanding adminq commands so\nthere\u0027s no way to cause the adminq from getting stuck. This works\nbecause the backing adminq request queue will never have more than 16\npending adminq commands, so it will never overflow. This is done by\nreducing the adminq depth to 16.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37987",
"url": "https://www.suse.com/security/cve/CVE-2025-37987"
},
{
"category": "external",
"summary": "SUSE Bug 1243542 for CVE-2025-37987",
"url": "https://bugzilla.suse.com/1243542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37987"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-37992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Flush gso_skb list too during -\u003echange()\n\nPreviously, when reducing a qdisc\u0027s limit via the -\u003echange() operation, only\nthe main skb queue was trimmed, potentially leaving packets in the gso_skb\nlist. This could result in NULL pointer dereference when we only check\nsch-\u003elimit against sch-\u003eq.qlen.\n\nThis patch introduces a new helper, qdisc_dequeue_internal(), which ensures\nboth the gso_skb list and the main queue are properly flushed when trimming\nexcess packets. All relevant qdiscs (codel, fq, fq_codel, fq_pie, hhf, pie)\nare updated to use this helper in their -\u003echange() routines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37992",
"url": "https://www.suse.com/security/cve/CVE-2025-37992"
},
{
"category": "external",
"summary": "SUSE Bug 1243698 for CVE-2025-37992",
"url": "https://bugzilla.suse.com/1243698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37992"
},
{
"cve": "CVE-2025-37994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix NULL pointer access\n\nThis patch ensures that the UCSI driver waits for all pending tasks in the\nucsi_displayport_work workqueue to finish executing before proceeding with\nthe partner removal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37994",
"url": "https://www.suse.com/security/cve/CVE-2025-37994"
},
{
"category": "external",
"summary": "SUSE Bug 1243823 for CVE-2025-37994",
"url": "https://bugzilla.suse.com/1243823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37994"
},
{
"cve": "CVE-2025-37995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: ensure that kobject_put() is safe for module type kobjects\n\nIn \u0027lookup_or_create_module_kobject()\u0027, an internal kobject is created\nusing \u0027module_ktype\u0027. So call to \u0027kobject_put()\u0027 on error handling\npath causes an attempt to use an uninitialized completion pointer in\n\u0027module_kobject_release()\u0027. In this scenario, we just want to release\nkobject without an extra synchronization required for a regular module\nunloading process, so adding an extra check whether \u0027complete()\u0027 is\nactually required makes \u0027kobject_put()\u0027 safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37995",
"url": "https://www.suse.com/security/cve/CVE-2025-37995"
},
{
"category": "external",
"summary": "SUSE Bug 1243827 for CVE-2025-37995",
"url": "https://bugzilla.suse.com/1243827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-37995"
},
{
"cve": "CVE-2025-37997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix region locking in hash types\n\nRegion locking introduced in v5.6-rc4 contained three macros to handle\nthe region locks: ahash_bucket_start(), ahash_bucket_end() which gave\nback the start and end hash bucket values belonging to a given region\nlock and ahash_region() which should give back the region lock belonging\nto a given hash bucket. The latter was incorrect which can lead to a\nrace condition between the garbage collector and adding new elements\nwhen a hash type of set is defined with timeouts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37997",
"url": "https://www.suse.com/security/cve/CVE-2025-37997"
},
{
"category": "external",
"summary": "SUSE Bug 1243832 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "external",
"summary": "SUSE Bug 1245774 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1245774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-37997"
},
{
"cve": "CVE-2025-37998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: Fix unsafe attribute parsing in output_userspace()\n\nThis patch replaces the manual Netlink attribute iteration in\noutput_userspace() with nla_for_each_nested(), which ensures that only\nwell-formed attributes are processed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37998",
"url": "https://www.suse.com/security/cve/CVE-2025-37998"
},
{
"category": "external",
"summary": "SUSE Bug 1243836 for CVE-2025-37998",
"url": "https://bugzilla.suse.com/1243836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "low"
}
],
"title": "CVE-2025-37998"
},
{
"cve": "CVE-2025-38000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\n\nWhen enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the\nchild qdisc\u0027s peek() operation before incrementing sch-\u003eq.qlen and\nsch-\u003eqstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may\ntrigger an immediate dequeue and potential packet drop. In such cases,\nqdisc_tree_reduce_backlog() is called, but the HFSC qdisc\u0027s qlen and backlog\nhave not yet been updated, leading to inconsistent queue accounting. This\ncan leave an empty HFSC class in the active list, causing further\nconsequences like use-after-free.\n\nThis patch fixes the bug by moving the increment of sch-\u003eq.qlen and\nsch-\u003eqstats.backlog before the call to the child qdisc\u0027s peek() operation.\nThis ensures that queue length and backlog are always accurate when packet\ndrops or dequeues are triggered during the peek.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38000",
"url": "https://www.suse.com/security/cve/CVE-2025-38000"
},
{
"category": "external",
"summary": "SUSE Bug 1244277 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "external",
"summary": "SUSE Bug 1245775 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1245775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-38000"
},
{
"cve": "CVE-2025-38001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Address reentrant enqueue adding class to eltree twice\n\nSavino says:\n \"We are writing to report that this recent patch\n (141d34391abbb315d68556b7c67ad97885407547) [1]\n can be bypassed, and a UAF can still occur when HFSC is utilized with\n NETEM.\n\n The patch only checks the cl-\u003ecl_nactive field to determine whether\n it is the first insertion or not [2], but this field is only\n incremented by init_vf [3].\n\n By using HFSC_RSC (which uses init_ed) [4], it is possible to bypass the\n check and insert the class twice in the eltree.\n Under normal conditions, this would lead to an infinite loop in\n hfsc_dequeue for the reasons we already explained in this report [5].\n\n However, if TBF is added as root qdisc and it is configured with a\n very low rate,\n it can be utilized to prevent packets from being dequeued.\n This behavior can be exploited to perform subsequent insertions in the\n HFSC eltree and cause a UAF.\"\n\nTo fix both the UAF and the infinite loop, with netem as an hfsc child,\ncheck explicitly in hfsc_enqueue whether the class is already in the eltree\nwhenever the HFSC_RSC flag is set.\n\n[1] https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=141d34391abbb315d68556b7c67ad97885407547\n[2] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1572\n[3] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L677\n[4] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1574\n[5] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/T/#u",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38001",
"url": "https://www.suse.com/security/cve/CVE-2025-38001"
},
{
"category": "external",
"summary": "SUSE Bug 1244234 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "external",
"summary": "SUSE Bug 1244235 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-38001"
},
{
"cve": "CVE-2025-38003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: add missing rcu read protection for procfs content\n\nWhen the procfs content is generated for a bcm_op which is in the process\nto be removed the procfs output might show unreliable data (UAF).\n\nAs the removal of bcm_op\u0027s is already implemented with rcu handling this\npatch adds the missing rcu_read_lock() and makes sure the list entries\nare properly removed under rcu protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38003",
"url": "https://www.suse.com/security/cve/CVE-2025-38003"
},
{
"category": "external",
"summary": "SUSE Bug 1244275 for CVE-2025-38003",
"url": "https://bugzilla.suse.com/1244275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38003"
},
{
"cve": "CVE-2025-38004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: add locking for bcm_op runtime updates\n\nThe CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via\nhrtimer. The content and also the length of the sequence can be changed\nresp reduced at runtime where the \u0027currframe\u0027 counter is then set to zero.\n\nAlthough this appeared to be a safe operation the updates of \u0027currframe\u0027\ncan be triggered from user space and hrtimer context in bcm_can_tx().\nAnderson Nascimento created a proof of concept that triggered a KASAN\nslab-out-of-bounds read access which can be prevented with a spin_lock_bh.\n\nAt the rework of bcm_can_tx() the \u0027count\u0027 variable has been moved into\nthe protected section as this variable can be modified from both contexts\ntoo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38004",
"url": "https://www.suse.com/security/cve/CVE-2025-38004"
},
{
"category": "external",
"summary": "SUSE Bug 1244274 for CVE-2025-38004",
"url": "https://bugzilla.suse.com/1244274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38004"
},
{
"cve": "CVE-2025-38005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: k3-udma: Add missing locking\n\nRecent kernels complain about a missing lock in k3-udma.c when the lock\nvalidator is enabled:\n\n[ 4.128073] WARNING: CPU: 0 PID: 746 at drivers/dma/ti/../virt-dma.h:169 udma_start.isra.0+0x34/0x238\n[ 4.137352] CPU: 0 UID: 0 PID: 746 Comm: kworker/0:3 Not tainted 6.12.9-arm64 #28\n[ 4.144867] Hardware name: pp-v12 (DT)\n[ 4.148648] Workqueue: events udma_check_tx_completion\n[ 4.153841] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 4.160834] pc : udma_start.isra.0+0x34/0x238\n[ 4.165227] lr : udma_start.isra.0+0x30/0x238\n[ 4.169618] sp : ffffffc083cabcf0\n[ 4.172963] x29: ffffffc083cabcf0 x28: 0000000000000000 x27: ffffff800001b005\n[ 4.180167] x26: ffffffc0812f0000 x25: 0000000000000000 x24: 0000000000000000\n[ 4.187370] x23: 0000000000000001 x22: 00000000e21eabe9 x21: ffffff8000fa0670\n[ 4.194571] x20: ffffff8001b6bf00 x19: ffffff8000fa0430 x18: ffffffc083b95030\n[ 4.201773] x17: 0000000000000000 x16: 00000000f0000000 x15: 0000000000000048\n[ 4.208976] x14: 0000000000000048 x13: 0000000000000000 x12: 0000000000000001\n[ 4.216179] x11: ffffffc08151a240 x10: 0000000000003ea1 x9 : ffffffc08046ab68\n[ 4.223381] x8 : ffffffc083cabac0 x7 : ffffffc081df3718 x6 : 0000000000029fc8\n[ 4.230583] x5 : ffffffc0817ee6d8 x4 : 0000000000000bc0 x3 : 0000000000000000\n[ 4.237784] x2 : 0000000000000000 x1 : 00000000001fffff x0 : 0000000000000000\n[ 4.244986] Call trace:\n[ 4.247463] udma_start.isra.0+0x34/0x238\n[ 4.251509] udma_check_tx_completion+0xd0/0xdc\n[ 4.256076] process_one_work+0x244/0x3fc\n[ 4.260129] process_scheduled_works+0x6c/0x74\n[ 4.264610] worker_thread+0x150/0x1dc\n[ 4.268398] kthread+0xd8/0xe8\n[ 4.271492] ret_from_fork+0x10/0x20\n[ 4.275107] irq event stamp: 220\n[ 4.278363] hardirqs last enabled at (219): [\u003cffffffc080a27c7c\u003e] _raw_spin_unlock_irq+0x38/0x50\n[ 4.287183] hardirqs last disabled at (220): [\u003cffffffc080a1c154\u003e] el1_dbg+0x24/0x50\n[ 4.294879] softirqs last enabled at (182): [\u003cffffffc080037e68\u003e] handle_softirqs+0x1c0/0x3cc\n[ 4.303437] softirqs last disabled at (177): [\u003cffffffc080010170\u003e] __do_softirq+0x1c/0x28\n[ 4.311559] ---[ end trace 0000000000000000 ]---\n\nThis commit adds the missing locking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38005",
"url": "https://www.suse.com/security/cve/CVE-2025-38005"
},
{
"category": "external",
"summary": "SUSE Bug 1244727 for CVE-2025-38005",
"url": "https://bugzilla.suse.com/1244727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38005"
},
{
"cve": "CVE-2025-38007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: uclogic: Add NULL check in uclogic_input_configured()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nuclogic_input_configured() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38007",
"url": "https://www.suse.com/security/cve/CVE-2025-38007"
},
{
"category": "external",
"summary": "SUSE Bug 1244938 for CVE-2025-38007",
"url": "https://bugzilla.suse.com/1244938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38007"
},
{
"cve": "CVE-2025-38009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: disable napi on driver removal\n\nA warning on driver removal started occurring after commit 9dd05df8403b\n(\"net: warn if NAPI instance wasn\u0027t shut down\"). Disable tx napi before\ndeleting it in mt76_dma_cleanup().\n\n WARNING: CPU: 4 PID: 18828 at net/core/dev.c:7288 __netif_napi_del_locked+0xf0/0x100\n CPU: 4 UID: 0 PID: 18828 Comm: modprobe Not tainted 6.15.0-rc4 #4 PREEMPT(lazy)\n Hardware name: ASUS System Product Name/PRIME X670E-PRO WIFI, BIOS 3035 09/05/2024\n RIP: 0010:__netif_napi_del_locked+0xf0/0x100\n Call Trace:\n \u003cTASK\u003e\n mt76_dma_cleanup+0x54/0x2f0 [mt76]\n mt7921_pci_remove+0xd5/0x190 [mt7921e]\n pci_device_remove+0x47/0xc0\n device_release_driver_internal+0x19e/0x200\n driver_detach+0x48/0x90\n bus_remove_driver+0x6d/0xf0\n pci_unregister_driver+0x2e/0xb0\n __do_sys_delete_module.isra.0+0x197/0x2e0\n do_syscall_64+0x7b/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nTested with mt7921e but the same pattern can be actually applied to other\nmt76 drivers calling mt76_dma_cleanup() during removal. Tx napi is enabled\nin their *_dma_init() functions and only toggled off and on again inside\ntheir suspend/resume/reset paths. So it should be okay to disable tx\nnapi in such a generic way.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38009",
"url": "https://www.suse.com/security/cve/CVE-2025-38009"
},
{
"category": "external",
"summary": "SUSE Bug 1244995 for CVE-2025-38009",
"url": "https://bugzilla.suse.com/1244995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "low"
}
],
"title": "CVE-2025-38009"
},
{
"cve": "CVE-2025-38010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Use a bitmask for UTMI pad power state tracking\n\nThe current implementation uses bias_pad_enable as a reference count to\nmanage the shared bias pad for all UTMI PHYs. However, during system\nsuspension with connected USB devices, multiple power-down requests for\nthe UTMI pad result in a mismatch in the reference count, which in turn\nproduces warnings such as:\n\n[ 237.762967] WARNING: CPU: 10 PID: 1618 at tegra186_utmi_pad_power_down+0x160/0x170\n[ 237.763103] Call trace:\n[ 237.763104] tegra186_utmi_pad_power_down+0x160/0x170\n[ 237.763107] tegra186_utmi_phy_power_off+0x10/0x30\n[ 237.763110] phy_power_off+0x48/0x100\n[ 237.763113] tegra_xusb_enter_elpg+0x204/0x500\n[ 237.763119] tegra_xusb_suspend+0x48/0x140\n[ 237.763122] platform_pm_suspend+0x2c/0xb0\n[ 237.763125] dpm_run_callback.isra.0+0x20/0xa0\n[ 237.763127] __device_suspend+0x118/0x330\n[ 237.763129] dpm_suspend+0x10c/0x1f0\n[ 237.763130] dpm_suspend_start+0x88/0xb0\n[ 237.763132] suspend_devices_and_enter+0x120/0x500\n[ 237.763135] pm_suspend+0x1ec/0x270\n\nThe root cause was traced back to the dynamic power-down changes\nintroduced in commit a30951d31b25 (\"xhci: tegra: USB2 pad power controls\"),\nwhere the UTMI pad was being powered down without verifying its current\nstate. This unbalanced behavior led to discrepancies in the reference\ncount.\n\nTo rectify this issue, this patch replaces the single reference counter\nwith a bitmask, renamed to utmi_pad_enabled. Each bit in the mask\ncorresponds to one of the four USB2 PHYs, allowing us to track each pad\u0027s\nenablement status individually.\n\nWith this change:\n - The bias pad is powered on only when the mask is clear.\n - Each UTMI pad is powered on or down based on its corresponding bit\n in the mask, preventing redundant operations.\n - The overall power state of the shared bias pad is maintained\n correctly during suspend/resume cycles.\n\nThe mutex used to prevent race conditions during UTMI pad enable/disable\noperations has been moved from the tegra186_utmi_bias_pad_power_on/off\nfunctions to the parent functions tegra186_utmi_pad_power_on/down. This\nchange ensures that there are no race conditions when updating the bitmask.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38010",
"url": "https://www.suse.com/security/cve/CVE-2025-38010"
},
{
"category": "external",
"summary": "SUSE Bug 1244996 for CVE-2025-38010",
"url": "https://bugzilla.suse.com/1244996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "low"
}
],
"title": "CVE-2025-38010"
},
{
"cve": "CVE-2025-38011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: csa unmap use uninterruptible lock\n\nAfter process exit to unmap csa and free GPU vm, if signal is accepted\nand then waiting to take vm lock is interrupted and return, it causes\nmemory leaking and below warning backtrace.\n\nChange to use uninterruptible wait lock fix the issue.\n\nWARNING: CPU: 69 PID: 167800 at amd/amdgpu/amdgpu_kms.c:1525\n amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu]\n Call Trace:\n \u003cTASK\u003e\n drm_file_free.part.0+0x1da/0x230 [drm]\n drm_close_helper.isra.0+0x65/0x70 [drm]\n drm_release+0x6a/0x120 [drm]\n amdgpu_drm_release+0x51/0x60 [amdgpu]\n __fput+0x9f/0x280\n ____fput+0xe/0x20\n task_work_run+0x67/0xa0\n do_exit+0x217/0x3c0\n do_group_exit+0x3b/0xb0\n get_signal+0x14a/0x8d0\n arch_do_signal_or_restart+0xde/0x100\n exit_to_user_mode_loop+0xc1/0x1a0\n exit_to_user_mode_prepare+0xf4/0x100\n syscall_exit_to_user_mode+0x17/0x40\n do_syscall_64+0x69/0xc0\n\n(cherry picked from commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38011",
"url": "https://www.suse.com/security/cve/CVE-2025-38011"
},
{
"category": "external",
"summary": "SUSE Bug 1244729 for CVE-2025-38011",
"url": "https://bugzilla.suse.com/1244729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38011"
},
{
"cve": "CVE-2025-38013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request\n\nMake sure that n_channels is set after allocating the\nstruct cfg80211_registered_device::int_scan_req member. Seen with\nsyzkaller:\n\nUBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1208:5\nindex 0 is out of range for type \u0027struct ieee80211_channel *[] __counted_by(n_channels)\u0027 (aka \u0027struct ieee80211_channel *[]\u0027)\n\nThis was missed in the initial conversions because I failed to locate\nthe allocation likely due to the \"sizeof(void *)\" not matching the\n\"channels\" array type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38013",
"url": "https://www.suse.com/security/cve/CVE-2025-38013"
},
{
"category": "external",
"summary": "SUSE Bug 1244731 for CVE-2025-38013",
"url": "https://bugzilla.suse.com/1244731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38013"
},
{
"cve": "CVE-2025-38014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Refactor remove call with idxd_cleanup() helper\n\nThe idxd_cleanup() helper cleans up perfmon, interrupts, internals and\nso on. Refactor remove call with the idxd_cleanup() helper to avoid code\nduplication. Note, this also fixes the missing put_device() for idxd\ngroups, enginces and wqs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38014",
"url": "https://www.suse.com/security/cve/CVE-2025-38014"
},
{
"category": "external",
"summary": "SUSE Bug 1244732 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "external",
"summary": "SUSE Bug 1244733 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38014"
},
{
"cve": "CVE-2025-38015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: fix memory leak in error handling path of idxd_alloc\n\nMemory allocated for idxd is not freed if an error occurs during\nidxd_alloc(). To fix it, free the allocated memory in the reverse order\nof allocation before exiting the function in case of an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38015",
"url": "https://www.suse.com/security/cve/CVE-2025-38015"
},
{
"category": "external",
"summary": "SUSE Bug 1244789 for CVE-2025-38015",
"url": "https://bugzilla.suse.com/1244789"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38015"
},
{
"cve": "CVE-2025-38018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: fix kernel panic when alloc_page failed\n\nWe cannot set frag_list to NULL pointer when alloc_page failed.\nIt will be used in tls_strp_check_queue_ok when the next time\ntls_strp_read_sock is called.\n\nThis is because we don\u0027t reset full_len in tls_strp_flush_anchor_copy()\nso the recv path will try to continue handling the partial record\non the next call but we dettached the rcvq from the frag list.\nAlternative fix would be to reset full_len.\n\nUnable to handle kernel NULL pointer dereference\nat virtual address 0000000000000028\n Call trace:\n tls_strp_check_rcv+0x128/0x27c\n tls_strp_data_ready+0x34/0x44\n tls_data_ready+0x3c/0x1f0\n tcp_data_ready+0x9c/0xe4\n tcp_data_queue+0xf6c/0x12d0\n tcp_rcv_established+0x52c/0x798",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38018",
"url": "https://www.suse.com/security/cve/CVE-2025-38018"
},
{
"category": "external",
"summary": "SUSE Bug 1244999 for CVE-2025-38018",
"url": "https://bugzilla.suse.com/1244999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38018"
},
{
"cve": "CVE-2025-38020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Disable MACsec offload for uplink representor profile\n\nMACsec offload is not supported in switchdev mode for uplink\nrepresentors. When switching to the uplink representor profile, the\nMACsec offload feature must be cleared from the netdevice\u0027s features.\n\nIf left enabled, attempts to add offloads result in a null pointer\ndereference, as the uplink representor does not support MACsec offload\neven though the feature bit remains set.\n\nClear NETIF_F_HW_MACSEC in mlx5e_fix_uplink_rep_features().\n\nKernel log:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f]\nCPU: 29 UID: 0 PID: 4714 Comm: ip Not tainted 6.14.0-rc4_for_upstream_debug_2025_03_02_17_35 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:__mutex_lock+0x128/0x1dd0\nCode: d0 7c 08 84 d2 0f 85 ad 15 00 00 8b 35 91 5c fe 03 85 f6 75 29 49 8d 7e 60 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 a6 15 00 00 4d 3b 76 60 0f 85 fd 0b 00 00 65 ff\nRSP: 0018:ffff888147a4f160 EFLAGS: 00010206\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001\nRDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000078\nRBP: ffff888147a4f2e0 R08: ffffffffa05d2c19 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: 0000000000000018 R15: ffff888152de0000\nFS: 00007f855e27d800(0000) GS:ffff88881ee80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000004e5768 CR3: 000000013ae7c005 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x3d/0xa0\n ? exc_general_protection+0x144/0x220\n ? asm_exc_general_protection+0x22/0x30\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? __mutex_lock+0x128/0x1dd0\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? mutex_lock_io_nested+0x1ae0/0x1ae0\n ? lock_acquire+0x1c2/0x530\n ? macsec_upd_offload+0x145/0x380\n ? lockdep_hardirqs_on_prepare+0x400/0x400\n ? kasan_save_stack+0x30/0x40\n ? kasan_save_stack+0x20/0x40\n ? kasan_save_track+0x10/0x30\n ? __kasan_kmalloc+0x77/0x90\n ? __kmalloc_noprof+0x249/0x6b0\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0xb5/0x240\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? mlx5e_macsec_add_rxsa+0x11a0/0x11a0 [mlx5_core]\n macsec_update_offload+0x26c/0x820\n ? macsec_set_mac_address+0x4b0/0x4b0\n ? lockdep_hardirqs_on_prepare+0x284/0x400\n ? _raw_spin_unlock_irqrestore+0x47/0x50\n macsec_upd_offload+0x2c8/0x380\n ? macsec_update_offload+0x820/0x820\n ? __nla_parse+0x22/0x30\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0x15e/0x240\n genl_family_rcv_msg_doit+0x1cc/0x2a0\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0x240/0x240\n ? cap_capable+0xd4/0x330\n genl_rcv_msg+0x3ea/0x670\n ? genl_family_rcv_msg_dumpit+0x2a0/0x2a0\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? macsec_update_offload+0x820/0x820\n netlink_rcv_skb+0x12b/0x390\n ? genl_family_rcv_msg_dumpit+0x2a0/0x2a0\n ? netlink_ack+0xd80/0xd80\n ? rwsem_down_read_slowpath+0xf90/0xf90\n ? netlink_deliver_tap+0xcd/0xac0\n ? netlink_deliver_tap+0x155/0xac0\n ? _copy_from_iter+0x1bb/0x12c0\n genl_rcv+0x24/0x40\n netlink_unicast+0x440/0x700\n ? netlink_attachskb+0x760/0x760\n ? lock_acquire+0x1c2/0x530\n ? __might_fault+0xbb/0x170\n netlink_sendmsg+0x749/0xc10\n ? netlink_unicast+0x700/0x700\n ? __might_fault+0xbb/0x170\n ? netlink_unicast+0x700/0x700\n __sock_sendmsg+0xc5/0x190\n ____sys_sendmsg+0x53f/0x760\n ? import_iovec+0x7/0x10\n ? kernel_sendmsg+0x30/0x30\n ? __copy_msghdr+0x3c0/0x3c0\n ? filter_irq_stacks+0x90/0x90\n ? stack_depot_save_flags+0x28/0xa30\n ___sys_sen\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38020",
"url": "https://www.suse.com/security/cve/CVE-2025-38020"
},
{
"category": "external",
"summary": "SUSE Bug 1245001 for CVE-2025-38020",
"url": "https://bugzilla.suse.com/1245001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38020"
},
{
"cve": "CVE-2025-38022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem\n\nCall Trace:\n\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n strlen+0x93/0xa0 lib/string.c:420\n __fortify_strlen include/linux/fortify-string.h:268 [inline]\n get_kobj_path_length lib/kobject.c:118 [inline]\n kobject_get_path+0x3f/0x2a0 lib/kobject.c:158\n kobject_uevent_env+0x289/0x1870 lib/kobject_uevent.c:545\n ib_register_device drivers/infiniband/core/device.c:1472 [inline]\n ib_register_device+0x8cf/0xe00 drivers/infiniband/core/device.c:1393\n rxe_register_device+0x275/0x320 drivers/infiniband/sw/rxe/rxe_verbs.c:1552\n rxe_net_add+0x8e/0xe0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0x70/0x190 drivers/infiniband/sw/rxe/rxe.c:225\n nldev_newlink+0x3a3/0x680 drivers/infiniband/core/nldev.c:1796\n rdma_nl_rcv_msg+0x387/0x6e0 drivers/infiniband/core/netlink.c:195\n rdma_nl_rcv_skb.constprop.0.isra.0+0x2e5/0x450\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x53a/0x7f0 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8d1/0xdd0 net/netlink/af_netlink.c:1883\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n ____sys_sendmsg+0xa95/0xc70 net/socket.c:2566\n ___sys_sendmsg+0x134/0x1d0 net/socket.c:2620\n __sys_sendmsg+0x16d/0x220 net/socket.c:2652\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThis problem is similar to the problem that the\ncommit 1d6a9e7449e2 (\"RDMA/core: Fix use-after-free when rename device name\")\nfixes.\n\nThe root cause is: the function ib_device_rename() renames the name with\nlock. But in the function kobject_uevent(), this name is accessed without\nlock protection at the same time.\n\nThe solution is to add the lock protection when this name is accessed in\nthe function kobject_uevent().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38022",
"url": "https://www.suse.com/security/cve/CVE-2025-38022"
},
{
"category": "external",
"summary": "SUSE Bug 1245003 for CVE-2025-38022",
"url": "https://bugzilla.suse.com/1245003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38022"
},
{
"cve": "CVE-2025-38023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: handle failure of nfs_get_lock_context in unlock path\n\nWhen memory is insufficient, the allocation of nfs_lock_context in\nnfs_get_lock_context() fails and returns -ENOMEM. If we mistakenly treat\nan nfs4_unlockdata structure (whose l_ctx member has been set to -ENOMEM)\nas valid and proceed to execute rpc_run_task(), this will trigger a NULL\npointer dereference in nfs4_locku_prepare. For example:\n\nBUG: kernel NULL pointer dereference, address: 000000000000000c\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP PTI\nCPU: 15 UID: 0 PID: 12 Comm: kworker/u64:0 Not tainted 6.15.0-rc2-dirty #60\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40\nWorkqueue: rpciod rpc_async_schedule\nRIP: 0010:nfs4_locku_prepare+0x35/0xc2\nCode: 89 f2 48 89 fd 48 c7 c7 68 69 ef b5 53 48 8b 8e 90 00 00 00 48 89 f3\nRSP: 0018:ffffbbafc006bdb8 EFLAGS: 00010246\nRAX: 000000000000004b RBX: ffff9b964fc1fa00 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: fffffffffffffff4 RDI: ffff9ba53fddbf40\nRBP: ffff9ba539934000 R08: 0000000000000000 R09: ffffbbafc006bc38\nR10: ffffffffb6b689c8 R11: 0000000000000003 R12: ffff9ba539934030\nR13: 0000000000000001 R14: 0000000004248060 R15: ffffffffb56d1c30\nFS: 0000000000000000(0000) GS:ffff9ba5881f0000(0000) knlGS:00000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000000c CR3: 000000093f244000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n __rpc_execute+0xbc/0x480\n rpc_async_schedule+0x2f/0x40\n process_one_work+0x232/0x5d0\n worker_thread+0x1da/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x240\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in:\nCR2: 000000000000000c\n---[ end trace 0000000000000000 ]---\n\nFree the allocated nfs4_unlockdata when nfs_get_lock_context() fails and\nreturn NULL to terminate subsequent rpc_run_task, preventing NULL pointer\ndereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38023",
"url": "https://www.suse.com/security/cve/CVE-2025-38023"
},
{
"category": "external",
"summary": "SUSE Bug 1245004 for CVE-2025-38023",
"url": "https://bugzilla.suse.com/1245004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38023"
},
{
"cve": "CVE-2025-38024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcf/0x610 mm/kasan/report.c:489\n kasan_report+0xb5/0xe0 mm/kasan/report.c:602\n rxe_queue_cleanup+0xd0/0xe0 drivers/infiniband/sw/rxe/rxe_queue.c:195\n rxe_cq_cleanup+0x3f/0x50 drivers/infiniband/sw/rxe/rxe_cq.c:132\n __rxe_cleanup+0x168/0x300 drivers/infiniband/sw/rxe/rxe_pool.c:232\n rxe_create_cq+0x22e/0x3a0 drivers/infiniband/sw/rxe/rxe_verbs.c:1109\n create_cq+0x658/0xb90 drivers/infiniband/core/uverbs_cmd.c:1052\n ib_uverbs_create_cq+0xc7/0x120 drivers/infiniband/core/uverbs_cmd.c:1095\n ib_uverbs_write+0x969/0xc90 drivers/infiniband/core/uverbs_main.c:679\n vfs_write fs/read_write.c:677 [inline]\n vfs_write+0x26a/0xcc0 fs/read_write.c:659\n ksys_write+0x1b8/0x200 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xaa/0x1b0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nIn the function rxe_create_cq, when rxe_cq_from_init fails, the function\nrxe_cleanup will be called to handle the allocated resources. In fact,\nsome memory resources have already been freed in the function\nrxe_cq_from_init. Thus, this problem will occur.\n\nThe solution is to let rxe_cleanup do all the work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38024",
"url": "https://www.suse.com/security/cve/CVE-2025-38024"
},
{
"category": "external",
"summary": "SUSE Bug 1245025 for CVE-2025-38024",
"url": "https://bugzilla.suse.com/1245025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38024"
},
{
"cve": "CVE-2025-38027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: max20086: fix invalid memory access\n\nmax20086_parse_regulators_dt() calls of_regulator_match() using an\narray of struct of_regulator_match allocated on the stack for the\nmatches argument.\n\nof_regulator_match() calls devm_of_regulator_put_matches(), which calls\ndevres_alloc() to allocate a struct devm_of_regulator_matches which will\nbe de-allocated using devm_of_regulator_put_matches().\n\nstruct devm_of_regulator_matches is populated with the stack allocated\nmatches array.\n\nIf the device fails to probe, devm_of_regulator_put_matches() will be\ncalled and will try to call of_node_put() on that stack pointer,\ngenerating the following dmesg entries:\n\nmax20086 6-0028: Failed to read DEVICE_ID reg: -121\nkobject: \u0027\\xc0$\\xa5\\x03\u0027 (000000002cebcb7a): is not initialized, yet\nkobject_put() is being called.\n\nFollowed by a stack trace matching the call flow described above.\n\nSwitch to allocating the matches array using devm_kcalloc() to\navoid accessing the stack pointer long after it\u0027s out of scope.\n\nThis also has the advantage of allowing multiple max20086 to probe\nwithout overriding the data stored inside the global of_regulator_match.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38027",
"url": "https://www.suse.com/security/cve/CVE-2025-38027"
},
{
"category": "external",
"summary": "SUSE Bug 1245042 for CVE-2025-38027",
"url": "https://bugzilla.suse.com/1245042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38027"
},
{
"cve": "CVE-2025-38031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38031"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: do not leak refcount in reorder_work\n\nA recent patch that addressed a UAF introduced a reference count leak:\nthe parallel_data refcount is incremented unconditionally, regardless\nof the return value of queue_work(). If the work item is already queued,\nthe incremented refcount is never decremented.\n\nFix this by checking the return value of queue_work() and decrementing\nthe refcount when necessary.\n\nResolves:\n\nUnreferenced object 0xffff9d9f421e3d80 (size 192):\n comm \"cryptomgr_probe\", pid 157, jiffies 4294694003\n hex dump (first 32 bytes):\n 80 8b cf 41 9f 9d ff ff b8 97 e0 89 ff ff ff ff ...A............\n d0 97 e0 89 ff ff ff ff 19 00 00 00 1f 88 23 00 ..............#.\n backtrace (crc 838fb36):\n __kmalloc_cache_noprof+0x284/0x320\n padata_alloc_pd+0x20/0x1e0\n padata_alloc_shell+0x3b/0xa0\n 0xffffffffc040a54d\n cryptomgr_probe+0x43/0xc0\n kthread+0xf6/0x1f0\n ret_from_fork+0x2f/0x50\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38031",
"url": "https://www.suse.com/security/cve/CVE-2025-38031"
},
{
"category": "external",
"summary": "SUSE Bug 1245046 for CVE-2025-38031",
"url": "https://bugzilla.suse.com/1245046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38031"
},
{
"cve": "CVE-2025-38040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mctrl_gpio: split disable_ms into sync and no_sync APIs\n\nThe following splat has been observed on a SAMA5D27 platform using\natmel_serial:\n\nBUG: sleeping function called from invalid context at kernel/irq/manage.c:738\nin_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0\npreempt_count: 1, expected: 0\nINFO: lockdep is turned off.\nirq event stamp: 0\nhardirqs last enabled at (0): [\u003c00000000\u003e] 0x0\nhardirqs last disabled at (0): [\u003cc01588f0\u003e] copy_process+0x1c4c/0x7bec\nsoftirqs last enabled at (0): [\u003cc0158944\u003e] copy_process+0x1ca0/0x7bec\nsoftirqs last disabled at (0): [\u003c00000000\u003e] 0x0\nCPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74\nHardware name: Atmel SAMA5\nWorkqueue: hci0 hci_power_on [bluetooth]\nCall trace:\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x44/0x70\n dump_stack_lvl from __might_resched+0x38c/0x598\n __might_resched from disable_irq+0x1c/0x48\n disable_irq from mctrl_gpio_disable_ms+0x74/0xc0\n mctrl_gpio_disable_ms from atmel_disable_ms.part.0+0x80/0x1f4\n atmel_disable_ms.part.0 from atmel_set_termios+0x764/0x11e8\n atmel_set_termios from uart_change_line_settings+0x15c/0x994\n uart_change_line_settings from uart_set_termios+0x2b0/0x668\n uart_set_termios from tty_set_termios+0x600/0x8ec\n tty_set_termios from ttyport_set_flow_control+0x188/0x1e0\n ttyport_set_flow_control from wilc_setup+0xd0/0x524 [hci_wilc]\n wilc_setup [hci_wilc] from hci_dev_open_sync+0x330/0x203c [bluetooth]\n hci_dev_open_sync [bluetooth] from hci_dev_do_open+0x40/0xb0 [bluetooth]\n hci_dev_do_open [bluetooth] from hci_power_on+0x12c/0x664 [bluetooth]\n hci_power_on [bluetooth] from process_one_work+0x998/0x1a38\n process_one_work from worker_thread+0x6e0/0xfb4\n worker_thread from kthread+0x3d4/0x484\n kthread from ret_from_fork+0x14/0x28\n\nThis warning is emitted when trying to toggle, at the highest level,\nsome flow control (with serdev_device_set_flow_control) in a device\ndriver. At the lowest level, the atmel_serial driver is using\nserial_mctrl_gpio lib to enable/disable the corresponding IRQs\naccordingly. The warning emitted by CONFIG_DEBUG_ATOMIC_SLEEP is due to\ndisable_irq (called in mctrl_gpio_disable_ms) being possibly called in\nsome atomic context (some tty drivers perform modem lines configuration\nin regions protected by port lock).\n\nSplit mctrl_gpio_disable_ms into two differents APIs, a non-blocking one\nand a blocking one. Replace mctrl_gpio_disable_ms calls with the\nrelevant version depending on whether the call is protected by some port\nlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38040",
"url": "https://www.suse.com/security/cve/CVE-2025-38040"
},
{
"category": "external",
"summary": "SUSE Bug 1245078 for CVE-2025-38040",
"url": "https://bugzilla.suse.com/1245078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38040"
},
{
"cve": "CVE-2025-38043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_ffa: Set dma_mask for ffa devices\n\nSet dma_mask for FFA devices, otherwise DMA allocation using the device pointer\nlead to following warning:\n\nWARNING: CPU: 1 PID: 1 at kernel/dma/mapping.c:597 dma_alloc_attrs+0xe0/0x124",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38043",
"url": "https://www.suse.com/security/cve/CVE-2025-38043"
},
{
"category": "external",
"summary": "SUSE Bug 1245081 for CVE-2025-38043",
"url": "https://bugzilla.suse.com/1245081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38043"
},
{
"cve": "CVE-2025-38044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx231xx: set device_caps for 417\n\nThe video_device for the MPEG encoder did not set device_caps.\n\nAdd this, otherwise the video device can\u0027t be registered (you get a\nWARN_ON instead).\n\nNot seen before since currently 417 support is disabled, but I found\nthis while experimenting with it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38044",
"url": "https://www.suse.com/security/cve/CVE-2025-38044"
},
{
"category": "external",
"summary": "SUSE Bug 1245082 for CVE-2025-38044",
"url": "https://bugzilla.suse.com/1245082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38044"
},
{
"cve": "CVE-2025-38045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix debug actions order\n\nThe order of actions taken for debug was implemented incorrectly.\nNow we implemented the dump split and do the FW reset only in the\nmiddle of the dump (rather than the FW killing itself on error.)\nAs a result, some of the actions taken when applying the config\nwill now crash the device, so we need to fix the order.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38045",
"url": "https://www.suse.com/security/cve/CVE-2025-38045"
},
{
"category": "external",
"summary": "SUSE Bug 1245083 for CVE-2025-38045",
"url": "https://bugzilla.suse.com/1245083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38045"
},
{
"cve": "CVE-2025-38053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix null-ptr-deref in idpf_features_check\n\nidpf_features_check is used to validate the TX packet. skb header\nlength is compared with the hardware supported value received from\nthe device control plane. The value is stored in the adapter structure\nand to access it, vport pointer is used. During reset all the vports\nare released and the vport pointer that the netdev private structure\npoints to is NULL.\n\nTo avoid null-ptr-deref, store the max header length value in netdev\nprivate structure. This also helps to cache the value and avoid\naccessing adapter pointer in hot path.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000068\n...\nRIP: 0010:idpf_features_check+0x6d/0xe0 [idpf]\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x154/0x520\n ? exc_page_fault+0x76/0x190\n ? asm_exc_page_fault+0x26/0x30\n ? idpf_features_check+0x6d/0xe0 [idpf]\n netif_skb_features+0x88/0x310\n validate_xmit_skb+0x2a/0x2b0\n validate_xmit_skb_list+0x4c/0x70\n sch_direct_xmit+0x19d/0x3a0\n __dev_queue_xmit+0xb74/0xe70\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38053",
"url": "https://www.suse.com/security/cve/CVE-2025-38053"
},
{
"category": "external",
"summary": "SUSE Bug 1244746 for CVE-2025-38053",
"url": "https://bugzilla.suse.com/1244746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38053"
},
{
"cve": "CVE-2025-38055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq\n\nCurrently, using PEBS-via-PT with a sample frequency instead of a sample\nperiod, causes a segfault. For example:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000195\n \u003cNMI\u003e\n ? __die_body.cold+0x19/0x27\n ? page_fault_oops+0xca/0x290\n ? exc_page_fault+0x7e/0x1b0\n ? asm_exc_page_fault+0x26/0x30\n ? intel_pmu_pebs_event_update_no_drain+0x40/0x60\n ? intel_pmu_pebs_event_update_no_drain+0x32/0x60\n intel_pmu_drain_pebs_icl+0x333/0x350\n handle_pmi_common+0x272/0x3c0\n intel_pmu_handle_irq+0x10a/0x2e0\n perf_event_nmi_handler+0x2a/0x50\n\nThat happens because intel_pmu_pebs_event_update_no_drain() assumes all the\npebs_enabled bits represent counter indexes, which is not always the case.\nIn this particular case, bits 60 and 61 are set for PEBS-via-PT purposes.\n\nThe behaviour of PEBS-via-PT with sample frequency is questionable because\nalthough a PMI is generated (PEBS_PMI_AFTER_EACH_RECORD), the period is not\nadjusted anyway.\n\nPutting that aside, fix intel_pmu_pebs_event_update_no_drain() by passing\nthe mask of counter bits instead of \u0027size\u0027. Note, prior to the Fixes\ncommit, \u0027size\u0027 would be limited to the maximum counter index, so the issue\nwas not hit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38055",
"url": "https://www.suse.com/security/cve/CVE-2025-38055"
},
{
"category": "external",
"summary": "SUSE Bug 1244747 for CVE-2025-38055",
"url": "https://bugzilla.suse.com/1244747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38055"
},
{
"cve": "CVE-2025-38057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nespintcp: fix skb leaks\n\nA few error paths are missing a kfree_skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38057",
"url": "https://www.suse.com/security/cve/CVE-2025-38057"
},
{
"category": "external",
"summary": "SUSE Bug 1244862 for CVE-2025-38057",
"url": "https://bugzilla.suse.com/1244862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38057"
},
{
"cve": "CVE-2025-38059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid csum tree\n\n[BUG]\nWhen trying read-only scrub on a btrfs with rescue=idatacsums mount\noption, it will crash with the following call trace:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n CPU: 1 UID: 0 PID: 835 Comm: btrfs Tainted: G O 6.15.0-rc3-custom+ #236 PREEMPT(full)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:btrfs_lookup_csums_bitmap+0x49/0x480 [btrfs]\n Call Trace:\n \u003cTASK\u003e\n scrub_find_fill_first_stripe+0x35b/0x3d0 [btrfs]\n scrub_simple_mirror+0x175/0x290 [btrfs]\n scrub_stripe+0x5f7/0x6f0 [btrfs]\n scrub_chunk+0x9a/0x150 [btrfs]\n scrub_enumerate_chunks+0x333/0x660 [btrfs]\n btrfs_scrub_dev+0x23e/0x600 [btrfs]\n btrfs_ioctl+0x1dcf/0x2f80 [btrfs]\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[CAUSE]\nMount option \"rescue=idatacsums\" will completely skip loading the csum\ntree, so that any data read will not find any data csum thus we will\nignore data checksum verification.\n\nNormally call sites utilizing csum tree will check the fs state flag\nNO_DATA_CSUMS bit, but unfortunately scrub does not check that bit at all.\n\nThis results in scrub to call btrfs_search_slot() on a NULL pointer\nand triggered above crash.\n\n[FIX]\nCheck both extent and csum tree root before doing any tree search.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38059",
"url": "https://www.suse.com/security/cve/CVE-2025-38059"
},
{
"category": "external",
"summary": "SUSE Bug 1244759 for CVE-2025-38059",
"url": "https://bugzilla.suse.com/1244759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38059"
},
{
"cve": "CVE-2025-38060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: copy_verifier_state() should copy \u0027loop_entry\u0027 field\n\nThe bpf_verifier_state.loop_entry state should be copied by\ncopy_verifier_state(). Otherwise, .loop_entry values from unrelated\nstates would poison env-\u003ecur_state.\n\nAdditionally, env-\u003estack should not contain any states with\n.loop_entry != NULL. The states in env-\u003estack are yet to be verified,\nwhile .loop_entry is set for states that reached an equivalent state.\nThis means that env-\u003ecur_state-\u003eloop_entry should always be NULL after\npop_stack().\n\nSee the selftest in the next commit for an example of the program that\nis not safe yet is accepted by verifier w/o this fix.\n\nThis change has some verification performance impact for selftests:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n---------------------------------- ---------------------------- --------- --------- -------------- ---------- ---------- -------------\narena_htab.bpf.o arena_htab_llvm 717 426 -291 (-40.59%) 57 37 -20 (-35.09%)\narena_htab_asm.bpf.o arena_htab_asm 597 445 -152 (-25.46%) 47 37 -10 (-21.28%)\narena_list.bpf.o arena_list_del 309 279 -30 (-9.71%) 23 14 -9 (-39.13%)\niters.bpf.o iter_subprog_check_stacksafe 155 141 -14 (-9.03%) 15 14 -1 (-6.67%)\niters.bpf.o iter_subprog_iters 1094 1003 -91 (-8.32%) 88 83 -5 (-5.68%)\niters.bpf.o loop_state_deps2 479 725 +246 (+51.36%) 46 63 +17 (+36.96%)\nkmem_cache_iter.bpf.o open_coded_iter 63 59 -4 (-6.35%) 7 6 -1 (-14.29%)\nverifier_bits_iter.bpf.o max_words 92 84 -8 (-8.70%) 8 7 -1 (-12.50%)\nverifier_iterating_callbacks.bpf.o cond_break2 113 107 -6 (-5.31%) 12 12 +0 (+0.00%)\n\nAnd significant negative impact for sched_ext:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n----------------- ---------------------- --------- --------- -------------------- ---------- ---------- ------------------\nbpf.bpf.o lavd_init 7039 14723 +7684 (+109.16%) 490 1139 +649 (+132.45%)\nbpf.bpf.o layered_dispatch 11485 10548 -937 (-8.16%) 848 762 -86 (-10.14%)\nbpf.bpf.o layered_dump 7422 1000001 +992579 (+13373.47%) 681 31178 +30497 (+4478.27%)\nbpf.bpf.o layered_enqueue 16854 71127 +54273 (+322.02%) 1611 6450 +4839 (+300.37%)\nbpf.bpf.o p2dq_dispatch 665 791 +126 (+18.95%) 68 78 +10 (+14.71%)\nbpf.bpf.o p2dq_init 2343 2980 +637 (+27.19%) 201 237 +36 (+17.91%)\nbpf.bpf.o refresh_layer_cpumasks 16487 674760 +658273 (+3992.68%) 1770 65370 +63600 (+3593.22%)\nbpf.bpf.o rusty_select_cpu 1937 40872 +38935 (+2010.07%) 177 3210 +3033 (+1713.56%)\nscx_central.bpf.o central_dispatch 636 2687 +2051 (+322.48%) 63 227 +164 (+260.32%)\nscx_nest.bpf.o nest_init 636 815 +179 (+28.14%) 60 73 +13 (+21.67%)\nscx_qmap.bpf.o qmap_dispatch \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38060",
"url": "https://www.suse.com/security/cve/CVE-2025-38060"
},
{
"category": "external",
"summary": "SUSE Bug 1245155 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "external",
"summary": "SUSE Bug 1245156 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-38060"
},
{
"cve": "CVE-2025-38065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: Do not truncate file size\n\n\u0027len\u0027 is used to store the result of i_size_read(), so making \u0027len\u0027\na size_t results in truncation to 4GiB on 32-bit systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38065",
"url": "https://www.suse.com/security/cve/CVE-2025-38065"
},
{
"category": "external",
"summary": "SUSE Bug 1244906 for CVE-2025-38065",
"url": "https://bugzilla.suse.com/1244906"
},
{
"category": "external",
"summary": "SUSE Bug 1244907 for CVE-2025-38065",
"url": "https://bugzilla.suse.com/1244907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-38065"
},
{
"cve": "CVE-2025-38068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lzo - Fix compression buffer overrun\n\nUnlike the decompression code, the compression code in LZO never\nchecked for output overruns. It instead assumes that the caller\nalways provides enough buffer space, disregarding the buffer length\nprovided by the caller.\n\nAdd a safe compression interface that checks for the end of buffer\nbefore each write. Use the safe interface in crypto/lzo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38068",
"url": "https://www.suse.com/security/cve/CVE-2025-38068"
},
{
"category": "external",
"summary": "SUSE Bug 1245210 for CVE-2025-38068",
"url": "https://bugzilla.suse.com/1245210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38068"
},
{
"cve": "CVE-2025-38072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibnvdimm/labels: Fix divide error in nd_label_data_init()\n\nIf a faulty CXL memory device returns a broken zero LSA size in its\nmemory device information (Identify Memory Device (Opcode 4000h), CXL\nspec. 3.1, 8.2.9.9.1.1), a divide error occurs in the libnvdimm\ndriver:\n\n Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:nd_label_data_init+0x10e/0x800 [libnvdimm]\n\nCode and flow:\n\n1) CXL Command 4000h returns LSA size = 0\n2) config_size is assigned to zero LSA size (CXL pmem driver):\n\ndrivers/cxl/pmem.c: .config_size = mds-\u003elsa_size,\n\n3) max_xfer is set to zero (nvdimm driver):\n\ndrivers/nvdimm/label.c: max_xfer = min_t(size_t, ndd-\u003ensarea.max_xfer, config_size);\n\n4) A subsequent DIV_ROUND_UP() causes a division by zero:\n\ndrivers/nvdimm/label.c: /* Make our initial read size a multiple of max_xfer size */\ndrivers/nvdimm/label.c: read_size = min(DIV_ROUND_UP(read_size, max_xfer) * max_xfer,\ndrivers/nvdimm/label.c- config_size);\n\nFix this by checking the config size parameter by extending an\nexisting check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38072",
"url": "https://www.suse.com/security/cve/CVE-2025-38072"
},
{
"category": "external",
"summary": "SUSE Bug 1244743 for CVE-2025-38072",
"url": "https://bugzilla.suse.com/1244743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38072"
},
{
"cve": "CVE-2025-38077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()\n\nIf the \u0027buf\u0027 array received from the user contains an empty string, the\n\u0027length\u0027 variable will be zero. Accessing the \u0027buf\u0027 array element with\nindex \u0027length - 1\u0027 will result in a buffer overflow.\n\nAdd a check for an empty string.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38077",
"url": "https://www.suse.com/security/cve/CVE-2025-38077"
},
{
"category": "external",
"summary": "SUSE Bug 1244736 for CVE-2025-38077",
"url": "https://bugzilla.suse.com/1244736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38077"
},
{
"cve": "CVE-2025-38078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Fix race of buffer access at PCM OSS layer\n\nThe PCM OSS layer tries to clear the buffer with the silence data at\ninitialization (or reconfiguration) of a stream with the explicit call\nof snd_pcm_format_set_silence() with runtime-\u003edma_area. But this may\nlead to a UAF because the accessed runtime-\u003edma_area might be freed\nconcurrently, as it\u0027s performed outside the PCM ops.\n\nFor avoiding it, move the code into the PCM core and perform it inside\nthe buffer access lock, so that it won\u0027t be changed during the\noperation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38078",
"url": "https://www.suse.com/security/cve/CVE-2025-38078"
},
{
"category": "external",
"summary": "SUSE Bug 1244737 for CVE-2025-38078",
"url": "https://bugzilla.suse.com/1244737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38078"
},
{
"cve": "CVE-2025-38079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_hash - fix double free in hash_accept\n\nIf accept(2) is called on socket type algif_hash with\nMSG_MORE flag set and crypto_ahash_import fails,\nsk2 is freed. However, it is also freed in af_alg_release,\nleading to slab-use-after-free error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38079",
"url": "https://www.suse.com/security/cve/CVE-2025-38079"
},
{
"category": "external",
"summary": "SUSE Bug 1245217 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "external",
"summary": "SUSE Bug 1245218 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Increase block_sequence array size\n\n[Why]\nIt\u0027s possible to generate more than 50 steps in hwss_build_fast_sequence,\nfor example with a 6-pipe asic where all pipes are in one MPC chain. This\noverflows the block_sequence buffer and corrupts block_sequence_steps,\ncausing a crash.\n\n[How]\nExpand block_sequence to 100 items. A naive upper bound on the possible\nnumber of steps for a 6-pipe asic, ignoring the potential for steps to be\nmutually exclusive, is 91 with current code, therefore 100 is sufficient.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38080",
"url": "https://www.suse.com/security/cve/CVE-2025-38080"
},
{
"category": "external",
"summary": "SUSE Bug 1244738 for CVE-2025-38080",
"url": "https://bugzilla.suse.com/1244738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38080"
},
{
"cve": "CVE-2025-38081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38081"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi-rockchip: Fix register out of bounds access\n\nDo not write native chip select stuff for GPIO chip selects.\nGPIOs can be numbered much higher than native CS.\nAlso, it makes no sense.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38081",
"url": "https://www.suse.com/security/cve/CVE-2025-38081"
},
{
"category": "external",
"summary": "SUSE Bug 1244739 for CVE-2025-38081",
"url": "https://bugzilla.suse.com/1244739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38081"
},
{
"cve": "CVE-2025-38083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: prio: fix a race in prio_tune()\n\nGerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38083",
"url": "https://www.suse.com/security/cve/CVE-2025-38083"
},
{
"category": "external",
"summary": "SUSE Bug 1245183 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "external",
"summary": "SUSE Bug 1245350 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-38083"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.6.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T15:57:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
}
]
}
suse-su-2025:01964-1
Vulnerability from csaf_suse
Published
2025-06-16 14:54
Modified
2025-06-16 14:54
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).
- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).
- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).
- Bluetooth: hci_uart: fix race during initialization (stable-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- pci: Drop PCI patch that caused a regression (bsc#1241123)
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- RDMA/core: Fix 'KASAN: slab-use-after-free Read in ib_register_device' problem (git-fixes)
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix 'trying to register non-static key in rxe_qp_do_cleanup' bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- mm: Revert commit (bsc#1241051)
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- USB: wdm: add annotation (git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).
- RDMA: Update patch RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch (git-fixes bsc#1239925).
- kABI: Update patch kABI-fix-for-RDMA-core-Don-t-expose-hw_counters-outs.patch (git-fixes bsc#1239925).
- nvme: Update patch nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- affs: do not write overlarge OFS data block size fields (git-fixes).
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: mm: Correct the update of max_pfn (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).
- block: fix conversion of GPT partition name to 7-bit (git-fixes).
- block: fix resource leak in blk_register_queue() error path (git-fixes).
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).
- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590).
- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: fix potential error return (git-fixes).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).
- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).
- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).
- char: misc: register chrdev region with all possible minors (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- counter: fix privdata alignment (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: Revert 'dmaengine: dmatest: Fix dmatest waiting less when interrupted' (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- drivers: base: devres: Allow to release group on device release (stable-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).
- drm/amd: Keep display off while going into S4 (stable-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).
- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).
- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/sti: remove duplicate object names (git-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).
- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).
- e1000e: change k1 configuration on MTP and later platforms (git-fixes).
- eth: bnxt: fix missing ring index trim on error path (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).
- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: fix setting key and resetting indir at once (git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).
- ethtool: netlink: do not return SQI value if link is down (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- exfat: do not fallback to buffered write (git-fixes).
- exfat: drop ->i_size_ondisk (git-fixes).
- exfat: fix potential wrong error return from get_block (git-fixes).
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).
- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).
- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).
- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).
- gve: handle overflow when reporting TX consumed descriptors (git-fixes).
- gve: set xdp redirect target only when it is available (git-fixes).
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- ice: fix reservation of resources for RDMA when disabled (git-fixes).
- ice: stop truncating queue ids when checking (git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).
- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- kABI workaround for powercap update (bsc#1241010).
- kernel-binary: Support livepatch_rt with merged RT branch
- kernel-obs-qa: Use srchash for dependency as well
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).
- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).
- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212)
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- neighbour: delete redundant judgment statements (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).
- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).
- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).
- ntb: intel: Fix using link status DB's (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).
- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).
- platform/x86: ISST: Correct command storage data length (git-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).
- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).
- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).
- powerpc/boot: Check for ld-option support (bsc#1215199).
- powerpc/boot: Fix dash warning (bsc#1215199).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: max20086: fix invalid memory access (git-fixes).
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/cio: Fix CHPID 'configure' attribute caching (git-fixes bsc#1240979).
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- sctp: Fix undefined behavior in left shift operation (git-fixes).
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).
- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).
- sctp: fix busy polling (git-fixes).
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).
- selftests/bpf: Add a few tests to cover (git-fixes).
- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).
- serial: msm: Configure correct working mode before starting earlycon (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).
- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).
- tools/power turbostat: report CoreThr per measurement interval (git-fixes).
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).
- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).
- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).
- ublk: set_params: properly check if parameters can be applied (git-fixes).
- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- usb: xhci: correct debug message page size calculation (git-fixes).
- usbnet:fix NPE during rx_complete (git-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtchnl: make proto and filter action count unsigned (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).
- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).
- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).
- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/bugs: Add RSB mitigation document (git-fixes).
- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- x86/microcode: Remove the driver announcement and version (git-fixes).
- x86/microcode: Rework early revisions reporting (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's 'next' indication (git-fixes).
- xfs: flush inodegc before swapon (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).
- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).
- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).
Patchnames
SUSE-2025-1964,SUSE-SLE-Module-Live-Patching-15-SP6-2025-1964,SUSE-SLE-Module-RT-15-SP6-2025-1964,openSUSE-SLE-15.6-2025-1964
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).\n- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).\n- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).\n- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-53124: net: fix data-races around sk-\u003esk_forward_alloc (bsc#1234074).\n- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).\n- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).\n- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).\n- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).\n- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).\n- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).\n- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).\n- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).\n- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).\n- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).\n- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).\n- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).\n- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).\n- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).\n- CVE-2025-21812: ax25: rcu protect dev-\u003eax25_ptr (bsc#1238471).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).\n- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).\n- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).\n- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).\n- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).\n- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).\n- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).\n- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).\n- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).\n- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).\n- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).\n- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).\n- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).\n- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).\n- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).\n- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).\n- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).\n- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).\n- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).\n- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).\n- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).\n- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level \u003e 2 (bsc#1240742).\n- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).\n- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).\n- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).\n- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).\n- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).\n- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).\n- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).\n- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).\n- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).\n- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).\n- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).\n- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).\n- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).\n- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).\n- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).\n- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).\n- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).\n- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).\n- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).\n- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22029: exec: fix the racy usage of fs_struct-\u003ein_exec (bsc#1241378).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).\n- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).\n- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).\n- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).\n- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).\n- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).\n- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).\n- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).\n- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).\n- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).\n- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).\n- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).\n- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).\n- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).\n- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).\n\nThe following non-security bugs were fixed:\n\n- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).\n- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).\n- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).\n- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).\n- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).\n- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).\n- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).\n- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).\n- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).\n- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).\n- ASoC: Use of_property_read_bool() (stable-fixes).\n- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).\n- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).\n- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).\n- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).\n- ASoC: fsl_audmix: register card device depends on \u0027dais\u0027 property (stable-fixes).\n- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).\n- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).\n- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).\n- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).\n- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).\n- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).\n- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).\n- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).\n- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).\n- Bluetooth: hci_uart: fix race during initialization (stable-fixes).\n- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).\n- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).\n- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).\n- pci: Drop PCI patch that caused a regression (bsc#1241123)\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).\n- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).\n- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).\n- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- Input: xpad - fix two controller table values (git-fixes).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)\n- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).\n- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).\n- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).\n- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).\n- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)\n- RDMA/core: Fix \u0027KASAN: slab-use-after-free Read in ib_register_device\u0027 problem (git-fixes)\n- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)\n- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/rxe: Fix \u0027trying to register non-static key in rxe_qp_do_cleanup\u0027 bug (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)\n- mm: Revert commit (bsc#1241051)\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).\n- USB: VLI disk crashes if LPM is used (stable-fixes).\n- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).\n- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).\n- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).\n- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).\n- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).\n- USB: wdm: add annotation (git-fixes).\n- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).\n- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).\n- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).\n- RDMA: Update patch RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch (git-fixes bsc#1239925).\n- kABI: Update patch kABI-fix-for-RDMA-core-Don-t-expose-hw_counters-outs.patch (git-fixes bsc#1239925).\n- nvme: Update patch nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- affs: do not write overlarge OFS data block size fields (git-fixes).\n- affs: generate OFS sequence numbers starting at 1 (git-fixes).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).\n- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)\n- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)\n- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)\n- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)\n- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)\n- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)\n- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)\n- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: mm: Correct the update of max_pfn (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- asus-laptop: Fix an uninitialized variable (git-fixes).\n- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).\n- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).\n- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).\n- ata: libata-scsi: Improve CDL control (git-fixes).\n- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).\n- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).\n- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).\n- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).\n- badblocks: Fix error shitf ops (git-fixes).\n- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).\n- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).\n- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).\n- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).\n- badblocks: return error if any badblock set fails (git-fixes).\n- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).\n- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).\n- block: fix \u0027kmem_cache of name \u0027bio-108\u0027 already exists\u0027 (git-fixes).\n- block: fix conversion of GPT partition name to 7-bit (git-fixes).\n- block: fix resource leak in blk_register_queue() error path (git-fixes).\n- block: integrity: Do not call set_page_dirty_lock() (git-fixes).\n- block: make sure -\u003enr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).\n- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).\n- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).\n- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).\n- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- bpf: add find_containing_subprog() utility function (bsc#1241590).\n- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).\n- bpf: check changes_pkt_data property for extension programs (bsc#1241590).\n- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).\n- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).\n- bpf: fix potential error return (git-fixes).\n- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).\n- bpf: track changes_pkt_data property for global functions (bsc#1241590).\n- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).\n- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).\n- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).\n- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).\n- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).\n- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).\n- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).\n- char: misc: register chrdev region with all possible minors (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- counter: fix privdata alignment (git-fixes).\n- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).\n- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).\n- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)\n- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)\n- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).\n- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).\n- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).\n- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).\n- devlink: fix port new reply cmd type (git-fixes).\n- dm-bufio: do not schedule in atomic context (git-fixes).\n- dm-ebs: fix prefetch-vs-suspend race (git-fixes).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- dm-integrity: set ti-\u003eerror on memory allocation failure (git-fixes).\n- dm-verity: fix prefetch-vs-suspend race (git-fixes).\n- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).\n- dm: always update the array size in realloc_argv on success (git-fixes).\n- dm: fix copying after src array boundaries (git-fixes).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: Revert \u0027dmaengine: dmatest: Fix dmatest waiting less when interrupted\u0027 (git-fixes).\n- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- drivers: base: devres: Allow to release group on device release (stable-fixes).\n- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Copy AUX read reply data whenever length \u003e 0 (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).\n- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).\n- drm/amd/display: Force full update in gpu reset (stable-fixes).\n- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).\n- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).\n- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd/pm/smu11: Prevent division by zero (git-fixes).\n- drm/amd/pm: Prevent division by zero (git-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).\n- drm/amd: Keep display off while going into S4 (stable-fixes).\n- drm/amdgpu/dma_buf: fix page_link check (git-fixes).\n- drm/amdgpu/gfx11: fix num_mec (git-fixes).\n- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).\n- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).\n- drm/amdkfd: clamp queue size to minimum (stable-fixes).\n- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).\n- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).\n- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).\n- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/fdinfo: Protect against driver unbind (git-fixes).\n- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).\n- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).\n- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).\n- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions\u0027 (git-fixes).\n- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).\n- drm/i915: Disable RPG during live selftest (git-fixes).\n- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).\n- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).\n- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).\n- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).\n- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).\n- drm/sti: remove duplicate object names (git-fixes).\n- drm/tests: Add helper to create mock crtc (stable-fixes).\n- drm/tests: Add helper to create mock plane (stable-fixes).\n- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).\n- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: helpers: Add atomic helpers (stable-fixes).\n- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).\n- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).\n- drm/tests: helpers: Fix compiler warning (git-fixes).\n- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).\n- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).\n- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).\n- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).\n- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).\n- e1000e: change k1 configuration on MTP and later platforms (git-fixes).\n- eth: bnxt: fix missing ring index trim on error path (git-fixes).\n- ethtool: Fix context creation with no parameters (git-fixes).\n- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).\n- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).\n- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).\n- ethtool: fix setting key and resetting indir at once (git-fixes).\n- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).\n- ethtool: netlink: do not return SQI value if link is down (git-fixes).\n- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).\n- ethtool: rss: echo the context number back (git-fixes).\n- exfat: do not fallback to buffered write (git-fixes).\n- exfat: drop -\u003ei_size_ondisk (git-fixes).\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).\n- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).\n- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).\n- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).\n- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).\n- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).\n- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).\n- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).\n- ext4: goto right label \u0027out_mmap_sem\u0027 in ext4_setattr() (bsc#1242556).\n- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).\n- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).\n- ext4: protect ext4_release_dquot against freezing (bsc#1242335).\n- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).\n- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).\n- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).\n- fbdev: omapfb: Add \u0027plane\u0027 value check (stable-fixes).\n- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).\n- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).\n- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).\n- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).\n- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).\n- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).\n- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).\n- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).\n- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).\n- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).\n- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).\n- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).\n- gve: handle overflow when reporting TX consumed descriptors (git-fixes).\n- gve: set xdp redirect target only when it is available (git-fixes).\n- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).\n- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).\n- ice: Add check for devm_kzalloc() (git-fixes).\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- ice: fix reservation of resources for RDMA when disabled (git-fixes).\n- ice: stop truncating queue ids when checking (git-fixes).\n- idpf: check error for register_netdev() on init (git-fixes).\n- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).\n- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).\n- igc: cleanup PTP module if probe fails (git-fixes).\n- igc: fix PTM cycle trigger logic (git-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).\n- igc: increase wait time before retrying PTM (git-fixes).\n- igc: move ktime snapshot into PTM retry loop (git-fixes).\n- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).\n- iio: adc: ad7606: fix serial register access (git-fixes).\n- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).\n- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).\n- iio: adis16201: Correct inclinometer channel resolution (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).\n- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: fib: annotate races around nh-\u003enh_saddr_genid and nh-\u003enh_saddr (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- irqchip/davinci: Remove leftover header (git-fixes).\n- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).\n- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).\n- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).\n- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).\n- jbd2: fix off-by-one while erasing journal (bsc#1242344).\n- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).\n- jbd2: increase IO priority for writing revoke records (bsc#1242332).\n- jbd2: increase the journal IO\u0027s priority (bsc#1242537).\n- jbd2: remove wrong sb-\u003es_sequence check (bsc#1242343).\n- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).\n- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).\n- jfs: add sanity check for agwidth in dbMount (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).\n- kABI workaround for powercap update (bsc#1241010).\n- kernel-binary: Support livepatch_rt with merged RT branch\n- kernel-obs-qa: Use srchash for dependency as well\n- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).\n- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).\n- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).\n- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__default_new() to perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).\n- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).\n- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212)\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- mei: me: add panther lake H DID (stable-fixes).\n- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).\n- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).\n- mm/readahead: fix large folio support in async readahead (bsc#1242321).\n- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).\n- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).\n- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).\n- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).\n- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).\n- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).\n- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).\n- mptcp: refine opt_mp_capable determination (git-fixes).\n- mptcp: relax check on MPC passive fallback (git-fixes).\n- mptcp: strict validation before using mp_opt-\u003ehmac (git-fixes).\n- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).\n- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- mtd: rawnand: Add status chack in r852_ready() (git-fixes).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).\n- net/mlx5: IRQ, Fix null string in debug print (git-fixes).\n- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).\n- net/mlx5: Start health poll after enable hca (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).\n- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).\n- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).\n- net/tcp: refactor tcp_inet6_sk() (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: annotate data-races around sk-\u003esk_dst_pending_confirm (git-fixes).\n- net: annotate data-races around sk-\u003esk_tx_queue_mapping (git-fixes).\n- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).\n- net: ethtool: Fix RSS setting (git-fixes).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net: mana: Switch to page pool for jumbo frames (git-fixes).\n- net: mark racy access on sk-\u003esk_rcvbuf (git-fixes).\n- net: phy: leds: fix memory leak (git-fixes).\n- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).\n- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).\n- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).\n- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).\n- nfs: add missing selections of CONFIG_CRC32 (git-fixes).\n- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).\n- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).\n- ntb: intel: Fix using link status DB\u0027s (git-fixes).\n- ntb: reduce stack usage in idt_scan_mws (stable-fixes).\n- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).\n- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).\n- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).\n- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).\n- ntb_perf: Fix printk format (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).\n- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).\n- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-fcloop: swap list_add_tail arguments (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).\n- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- perf tools: annotate asm_pure_loop.S (bsc#1239906).\n- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).\n- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)\n- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)\n- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)\n- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).\n- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).\n- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).\n- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).\n- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).\n- platform/x86: ISST: Correct command storage data length (git-fixes).\n- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).\n- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).\n- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).\n- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).\n- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).\n- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).\n- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).\n- powerpc/boot: Check for ld-option support (bsc#1215199).\n- powerpc/boot: Fix dash warning (bsc#1215199).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).\n- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).\n- pwm: rcar: Improve register calculation (git-fixes).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- regulator: max20086: fix invalid memory access (git-fixes).\n- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).\n- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).\n- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- s390/cio: Fix CHPID \u0027configure\u0027 attribute caching (git-fixes bsc#1240979).\n- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).\n- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)\n- scsi: Improve CDL control (git-fixes).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).\n- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp-\u003enlp_flag (git-fixes).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: mpi3mr: Fix locking in an error path (git-fixes).\n- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).\n- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).\n- sctp: Fix undefined behavior in left shift operation (git-fixes).\n- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).\n- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).\n- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).\n- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).\n- sctp: fix busy polling (git-fixes).\n- sctp: prefer struct_size over open coded arithmetic (git-fixes).\n- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).\n- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).\n- selftests/bpf: Add a few tests to cover (git-fixes).\n- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).\n- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).\n- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).\n- selftests/bpf: test for changing packet data from global functions (bsc#1241590).\n- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).\n- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).\n- selinux: Implement mptcp_add_subflow hook (bsc#1240375).\n- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).\n- serial: msm: Configure correct working mode before starting earlycon (git-fixes).\n- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix open_cached_dir retries with \u0027hard\u0027 mount option (bsc#1240616).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).\n- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).\n- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).\n- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).\n- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).\n- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).\n- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).\n- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).\n- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).\n- tools/hv: update route parsing in kvp daemon (git-fixes).\n- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).\n- tools/power turbostat: report CoreThr per measurement interval (git-fixes).\n- topology: Set capacity_freq_ref in all cases (bsc#1238052)\n- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).\n- tpm: tis: Double the timeout B to 4s (bsc#1235870).\n- tpm_tis: Move CRC check to generic send routine (bsc#1235870).\n- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).\n- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).\n- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).\n- tty: serial: 8250: Add some more device IDs (stable-fixes).\n- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).\n- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).\n- ublk: set_params: properly check if parameters can be applied (git-fixes).\n- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).\n- udf: Fix inode_getblk() return value (bsc#1242313).\n- udf: Skip parent dir link count update if corrupted (bsc#1242315).\n- udf: Verify inode link counts before performing rename (bsc#1242314).\n- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).\n- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).\n- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).\n- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).\n- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).\n- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).\n- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).\n- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).\n- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).\n- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).\n- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).\n- usb: gadget: f_ecm: Add get_status callback (git-fixes).\n- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).\n- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).\n- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).\n- usb: host: xhci-plat: mvebu: use -\u003equirks instead of -\u003einit_quirk() func (stable-fixes).\n- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).\n- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).\n- usb: uhci-platform: Make the clock really optional (git-fixes).\n- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).\n- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).\n- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).\n- usb: xhci: correct debug message page size calculation (git-fixes).\n- usbnet:fix NPE during rx_complete (git-fixes).\n- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).\n- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- virtchnl: make proto and filter action count unsigned (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).\n- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).\n- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).\n- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).\n- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).\n- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).\n- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).\n- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).\n- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).\n- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).\n- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).\n- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mac80211: Update skb\u0027s control block key in ieee80211_tx_dequeue() (git-fixes).\n- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).\n- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).\n- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).\n- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).\n- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).\n- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).\n- x86/bugs: Add RSB mitigation document (git-fixes).\n- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).\n- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).\n- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).\n- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).\n- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).\n- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).\n- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).\n- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).\n- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).\n- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).\n- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).\n- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).\n- x86/microcode/intel: Set new revision only after a successful update (git-fixes).\n- x86/microcode: Remove the driver announcement and version (git-fixes).\n- x86/microcode: Rework early revisions reporting (git-fixes).\n- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).\n- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).\n- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).\n- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \u0027next\u0027 indication (git-fixes).\n- xfs: flush inodegc before swapon (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).\n- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).\n- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).\n- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1964,SUSE-SLE-Module-Live-Patching-15-SP6-2025-1964,SUSE-SLE-Module-RT-15-SP6-2025-1964,openSUSE-SLE-15.6-2025-1964",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01964-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01964-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501964-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01964-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021531.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1223809",
"url": "https://bugzilla.suse.com/1223809"
},
{
"category": "self",
"summary": "SUSE Bug 1224013",
"url": "https://bugzilla.suse.com/1224013"
},
{
"category": "self",
"summary": "SUSE Bug 1224597",
"url": "https://bugzilla.suse.com/1224597"
},
{
"category": "self",
"summary": "SUSE Bug 1224757",
"url": "https://bugzilla.suse.com/1224757"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1228659",
"url": "https://bugzilla.suse.com/1228659"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1230764",
"url": "https://bugzilla.suse.com/1230764"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1231103",
"url": "https://bugzilla.suse.com/1231103"
},
{
"category": "self",
"summary": "SUSE Bug 1231910",
"url": "https://bugzilla.suse.com/1231910"
},
{
"category": "self",
"summary": "SUSE Bug 1232493",
"url": "https://bugzilla.suse.com/1232493"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233075",
"url": "https://bugzilla.suse.com/1233075"
},
{
"category": "self",
"summary": "SUSE Bug 1233098",
"url": "https://bugzilla.suse.com/1233098"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1234074",
"url": "https://bugzilla.suse.com/1234074"
},
{
"category": "self",
"summary": "SUSE Bug 1234154",
"url": "https://bugzilla.suse.com/1234154"
},
{
"category": "self",
"summary": "SUSE Bug 1234157",
"url": "https://bugzilla.suse.com/1234157"
},
{
"category": "self",
"summary": "SUSE Bug 1234698",
"url": "https://bugzilla.suse.com/1234698"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235526",
"url": "https://bugzilla.suse.com/1235526"
},
{
"category": "self",
"summary": "SUSE Bug 1235550",
"url": "https://bugzilla.suse.com/1235550"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236086",
"url": "https://bugzilla.suse.com/1236086"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1236704",
"url": "https://bugzilla.suse.com/1236704"
},
{
"category": "self",
"summary": "SUSE Bug 1237111",
"url": "https://bugzilla.suse.com/1237111"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237874",
"url": "https://bugzilla.suse.com/1237874"
},
{
"category": "self",
"summary": "SUSE Bug 1237882",
"url": "https://bugzilla.suse.com/1237882"
},
{
"category": "self",
"summary": "SUSE Bug 1238052",
"url": "https://bugzilla.suse.com/1238052"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238471",
"url": "https://bugzilla.suse.com/1238471"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238527",
"url": "https://bugzilla.suse.com/1238527"
},
{
"category": "self",
"summary": "SUSE Bug 1238565",
"url": "https://bugzilla.suse.com/1238565"
},
{
"category": "self",
"summary": "SUSE Bug 1238714",
"url": "https://bugzilla.suse.com/1238714"
},
{
"category": "self",
"summary": "SUSE Bug 1238737",
"url": "https://bugzilla.suse.com/1238737"
},
{
"category": "self",
"summary": "SUSE Bug 1238742",
"url": "https://bugzilla.suse.com/1238742"
},
{
"category": "self",
"summary": "SUSE Bug 1238745",
"url": "https://bugzilla.suse.com/1238745"
},
{
"category": "self",
"summary": "SUSE Bug 1238746",
"url": "https://bugzilla.suse.com/1238746"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238862",
"url": "https://bugzilla.suse.com/1238862"
},
{
"category": "self",
"summary": "SUSE Bug 1238961",
"url": "https://bugzilla.suse.com/1238961"
},
{
"category": "self",
"summary": "SUSE Bug 1238970",
"url": "https://bugzilla.suse.com/1238970"
},
{
"category": "self",
"summary": "SUSE Bug 1238983",
"url": "https://bugzilla.suse.com/1238983"
},
{
"category": "self",
"summary": "SUSE Bug 1238990",
"url": "https://bugzilla.suse.com/1238990"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1239066",
"url": "https://bugzilla.suse.com/1239066"
},
{
"category": "self",
"summary": "SUSE Bug 1239079",
"url": "https://bugzilla.suse.com/1239079"
},
{
"category": "self",
"summary": "SUSE Bug 1239108",
"url": "https://bugzilla.suse.com/1239108"
},
{
"category": "self",
"summary": "SUSE Bug 1239470",
"url": "https://bugzilla.suse.com/1239470"
},
{
"category": "self",
"summary": "SUSE Bug 1239475",
"url": "https://bugzilla.suse.com/1239475"
},
{
"category": "self",
"summary": "SUSE Bug 1239476",
"url": "https://bugzilla.suse.com/1239476"
},
{
"category": "self",
"summary": "SUSE Bug 1239487",
"url": "https://bugzilla.suse.com/1239487"
},
{
"category": "self",
"summary": "SUSE Bug 1239510",
"url": "https://bugzilla.suse.com/1239510"
},
{
"category": "self",
"summary": "SUSE Bug 1239684",
"url": "https://bugzilla.suse.com/1239684"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239906",
"url": "https://bugzilla.suse.com/1239906"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1239997",
"url": "https://bugzilla.suse.com/1239997"
},
{
"category": "self",
"summary": "SUSE Bug 1240167",
"url": "https://bugzilla.suse.com/1240167"
},
{
"category": "self",
"summary": "SUSE Bug 1240168",
"url": "https://bugzilla.suse.com/1240168"
},
{
"category": "self",
"summary": "SUSE Bug 1240171",
"url": "https://bugzilla.suse.com/1240171"
},
{
"category": "self",
"summary": "SUSE Bug 1240176",
"url": "https://bugzilla.suse.com/1240176"
},
{
"category": "self",
"summary": "SUSE Bug 1240181",
"url": "https://bugzilla.suse.com/1240181"
},
{
"category": "self",
"summary": "SUSE Bug 1240184",
"url": "https://bugzilla.suse.com/1240184"
},
{
"category": "self",
"summary": "SUSE Bug 1240185",
"url": "https://bugzilla.suse.com/1240185"
},
{
"category": "self",
"summary": "SUSE Bug 1240375",
"url": "https://bugzilla.suse.com/1240375"
},
{
"category": "self",
"summary": "SUSE Bug 1240557",
"url": "https://bugzilla.suse.com/1240557"
},
{
"category": "self",
"summary": "SUSE Bug 1240575",
"url": "https://bugzilla.suse.com/1240575"
},
{
"category": "self",
"summary": "SUSE Bug 1240576",
"url": "https://bugzilla.suse.com/1240576"
},
{
"category": "self",
"summary": "SUSE Bug 1240581",
"url": "https://bugzilla.suse.com/1240581"
},
{
"category": "self",
"summary": "SUSE Bug 1240582",
"url": "https://bugzilla.suse.com/1240582"
},
{
"category": "self",
"summary": "SUSE Bug 1240583",
"url": "https://bugzilla.suse.com/1240583"
},
{
"category": "self",
"summary": "SUSE Bug 1240584",
"url": "https://bugzilla.suse.com/1240584"
},
{
"category": "self",
"summary": "SUSE Bug 1240585",
"url": "https://bugzilla.suse.com/1240585"
},
{
"category": "self",
"summary": "SUSE Bug 1240587",
"url": "https://bugzilla.suse.com/1240587"
},
{
"category": "self",
"summary": "SUSE Bug 1240590",
"url": "https://bugzilla.suse.com/1240590"
},
{
"category": "self",
"summary": "SUSE Bug 1240591",
"url": "https://bugzilla.suse.com/1240591"
},
{
"category": "self",
"summary": "SUSE Bug 1240592",
"url": "https://bugzilla.suse.com/1240592"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240594",
"url": "https://bugzilla.suse.com/1240594"
},
{
"category": "self",
"summary": "SUSE Bug 1240595",
"url": "https://bugzilla.suse.com/1240595"
},
{
"category": "self",
"summary": "SUSE Bug 1240596",
"url": "https://bugzilla.suse.com/1240596"
},
{
"category": "self",
"summary": "SUSE Bug 1240600",
"url": "https://bugzilla.suse.com/1240600"
},
{
"category": "self",
"summary": "SUSE Bug 1240612",
"url": "https://bugzilla.suse.com/1240612"
},
{
"category": "self",
"summary": "SUSE Bug 1240616",
"url": "https://bugzilla.suse.com/1240616"
},
{
"category": "self",
"summary": "SUSE Bug 1240639",
"url": "https://bugzilla.suse.com/1240639"
},
{
"category": "self",
"summary": "SUSE Bug 1240643",
"url": "https://bugzilla.suse.com/1240643"
},
{
"category": "self",
"summary": "SUSE Bug 1240647",
"url": "https://bugzilla.suse.com/1240647"
},
{
"category": "self",
"summary": "SUSE Bug 1240655",
"url": "https://bugzilla.suse.com/1240655"
},
{
"category": "self",
"summary": "SUSE Bug 1240691",
"url": "https://bugzilla.suse.com/1240691"
},
{
"category": "self",
"summary": "SUSE Bug 1240700",
"url": "https://bugzilla.suse.com/1240700"
},
{
"category": "self",
"summary": "SUSE Bug 1240701",
"url": "https://bugzilla.suse.com/1240701"
},
{
"category": "self",
"summary": "SUSE Bug 1240703",
"url": "https://bugzilla.suse.com/1240703"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240709",
"url": "https://bugzilla.suse.com/1240709"
},
{
"category": "self",
"summary": "SUSE Bug 1240712",
"url": "https://bugzilla.suse.com/1240712"
},
{
"category": "self",
"summary": "SUSE Bug 1240713",
"url": "https://bugzilla.suse.com/1240713"
},
{
"category": "self",
"summary": "SUSE Bug 1240714",
"url": "https://bugzilla.suse.com/1240714"
},
{
"category": "self",
"summary": "SUSE Bug 1240715",
"url": "https://bugzilla.suse.com/1240715"
},
{
"category": "self",
"summary": "SUSE Bug 1240716",
"url": "https://bugzilla.suse.com/1240716"
},
{
"category": "self",
"summary": "SUSE Bug 1240717",
"url": "https://bugzilla.suse.com/1240717"
},
{
"category": "self",
"summary": "SUSE Bug 1240718",
"url": "https://bugzilla.suse.com/1240718"
},
{
"category": "self",
"summary": "SUSE Bug 1240719",
"url": "https://bugzilla.suse.com/1240719"
},
{
"category": "self",
"summary": "SUSE Bug 1240720",
"url": "https://bugzilla.suse.com/1240720"
},
{
"category": "self",
"summary": "SUSE Bug 1240722",
"url": "https://bugzilla.suse.com/1240722"
},
{
"category": "self",
"summary": "SUSE Bug 1240727",
"url": "https://bugzilla.suse.com/1240727"
},
{
"category": "self",
"summary": "SUSE Bug 1240739",
"url": "https://bugzilla.suse.com/1240739"
},
{
"category": "self",
"summary": "SUSE Bug 1240740",
"url": "https://bugzilla.suse.com/1240740"
},
{
"category": "self",
"summary": "SUSE Bug 1240742",
"url": "https://bugzilla.suse.com/1240742"
},
{
"category": "self",
"summary": "SUSE Bug 1240779",
"url": "https://bugzilla.suse.com/1240779"
},
{
"category": "self",
"summary": "SUSE Bug 1240783",
"url": "https://bugzilla.suse.com/1240783"
},
{
"category": "self",
"summary": "SUSE Bug 1240784",
"url": "https://bugzilla.suse.com/1240784"
},
{
"category": "self",
"summary": "SUSE Bug 1240785",
"url": "https://bugzilla.suse.com/1240785"
},
{
"category": "self",
"summary": "SUSE Bug 1240795",
"url": "https://bugzilla.suse.com/1240795"
},
{
"category": "self",
"summary": "SUSE Bug 1240796",
"url": "https://bugzilla.suse.com/1240796"
},
{
"category": "self",
"summary": "SUSE Bug 1240797",
"url": "https://bugzilla.suse.com/1240797"
},
{
"category": "self",
"summary": "SUSE Bug 1240799",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "self",
"summary": "SUSE Bug 1240801",
"url": "https://bugzilla.suse.com/1240801"
},
{
"category": "self",
"summary": "SUSE Bug 1240802",
"url": "https://bugzilla.suse.com/1240802"
},
{
"category": "self",
"summary": "SUSE Bug 1240806",
"url": "https://bugzilla.suse.com/1240806"
},
{
"category": "self",
"summary": "SUSE Bug 1240808",
"url": "https://bugzilla.suse.com/1240808"
},
{
"category": "self",
"summary": "SUSE Bug 1240809",
"url": "https://bugzilla.suse.com/1240809"
},
{
"category": "self",
"summary": "SUSE Bug 1240811",
"url": "https://bugzilla.suse.com/1240811"
},
{
"category": "self",
"summary": "SUSE Bug 1240812",
"url": "https://bugzilla.suse.com/1240812"
},
{
"category": "self",
"summary": "SUSE Bug 1240813",
"url": "https://bugzilla.suse.com/1240813"
},
{
"category": "self",
"summary": "SUSE Bug 1240815",
"url": "https://bugzilla.suse.com/1240815"
},
{
"category": "self",
"summary": "SUSE Bug 1240816",
"url": "https://bugzilla.suse.com/1240816"
},
{
"category": "self",
"summary": "SUSE Bug 1240819",
"url": "https://bugzilla.suse.com/1240819"
},
{
"category": "self",
"summary": "SUSE Bug 1240821",
"url": "https://bugzilla.suse.com/1240821"
},
{
"category": "self",
"summary": "SUSE Bug 1240825",
"url": "https://bugzilla.suse.com/1240825"
},
{
"category": "self",
"summary": "SUSE Bug 1240829",
"url": "https://bugzilla.suse.com/1240829"
},
{
"category": "self",
"summary": "SUSE Bug 1240835",
"url": "https://bugzilla.suse.com/1240835"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240873",
"url": "https://bugzilla.suse.com/1240873"
},
{
"category": "self",
"summary": "SUSE Bug 1240934",
"url": "https://bugzilla.suse.com/1240934"
},
{
"category": "self",
"summary": "SUSE Bug 1240936",
"url": "https://bugzilla.suse.com/1240936"
},
{
"category": "self",
"summary": "SUSE Bug 1240937",
"url": "https://bugzilla.suse.com/1240937"
},
{
"category": "self",
"summary": "SUSE Bug 1240938",
"url": "https://bugzilla.suse.com/1240938"
},
{
"category": "self",
"summary": "SUSE Bug 1240940",
"url": "https://bugzilla.suse.com/1240940"
},
{
"category": "self",
"summary": "SUSE Bug 1240942",
"url": "https://bugzilla.suse.com/1240942"
},
{
"category": "self",
"summary": "SUSE Bug 1240943",
"url": "https://bugzilla.suse.com/1240943"
},
{
"category": "self",
"summary": "SUSE Bug 1240944",
"url": "https://bugzilla.suse.com/1240944"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1240978",
"url": "https://bugzilla.suse.com/1240978"
},
{
"category": "self",
"summary": "SUSE Bug 1240979",
"url": "https://bugzilla.suse.com/1240979"
},
{
"category": "self",
"summary": "SUSE Bug 1241010",
"url": "https://bugzilla.suse.com/1241010"
},
{
"category": "self",
"summary": "SUSE Bug 1241038",
"url": "https://bugzilla.suse.com/1241038"
},
{
"category": "self",
"summary": "SUSE Bug 1241051",
"url": "https://bugzilla.suse.com/1241051"
},
{
"category": "self",
"summary": "SUSE Bug 1241123",
"url": "https://bugzilla.suse.com/1241123"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241151",
"url": "https://bugzilla.suse.com/1241151"
},
{
"category": "self",
"summary": "SUSE Bug 1241167",
"url": "https://bugzilla.suse.com/1241167"
},
{
"category": "self",
"summary": "SUSE Bug 1241175",
"url": "https://bugzilla.suse.com/1241175"
},
{
"category": "self",
"summary": "SUSE Bug 1241204",
"url": "https://bugzilla.suse.com/1241204"
},
{
"category": "self",
"summary": "SUSE Bug 1241250",
"url": "https://bugzilla.suse.com/1241250"
},
{
"category": "self",
"summary": "SUSE Bug 1241265",
"url": "https://bugzilla.suse.com/1241265"
},
{
"category": "self",
"summary": "SUSE Bug 1241266",
"url": "https://bugzilla.suse.com/1241266"
},
{
"category": "self",
"summary": "SUSE Bug 1241280",
"url": "https://bugzilla.suse.com/1241280"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241332",
"url": "https://bugzilla.suse.com/1241332"
},
{
"category": "self",
"summary": "SUSE Bug 1241333",
"url": "https://bugzilla.suse.com/1241333"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241341",
"url": "https://bugzilla.suse.com/1241341"
},
{
"category": "self",
"summary": "SUSE Bug 1241343",
"url": "https://bugzilla.suse.com/1241343"
},
{
"category": "self",
"summary": "SUSE Bug 1241344",
"url": "https://bugzilla.suse.com/1241344"
},
{
"category": "self",
"summary": "SUSE Bug 1241347",
"url": "https://bugzilla.suse.com/1241347"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241357",
"url": "https://bugzilla.suse.com/1241357"
},
{
"category": "self",
"summary": "SUSE Bug 1241361",
"url": "https://bugzilla.suse.com/1241361"
},
{
"category": "self",
"summary": "SUSE Bug 1241369",
"url": "https://bugzilla.suse.com/1241369"
},
{
"category": "self",
"summary": "SUSE Bug 1241371",
"url": "https://bugzilla.suse.com/1241371"
},
{
"category": "self",
"summary": "SUSE Bug 1241373",
"url": "https://bugzilla.suse.com/1241373"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241378",
"url": "https://bugzilla.suse.com/1241378"
},
{
"category": "self",
"summary": "SUSE Bug 1241394",
"url": "https://bugzilla.suse.com/1241394"
},
{
"category": "self",
"summary": "SUSE Bug 1241402",
"url": "https://bugzilla.suse.com/1241402"
},
{
"category": "self",
"summary": "SUSE Bug 1241412",
"url": "https://bugzilla.suse.com/1241412"
},
{
"category": "self",
"summary": "SUSE Bug 1241413",
"url": "https://bugzilla.suse.com/1241413"
},
{
"category": "self",
"summary": "SUSE Bug 1241416",
"url": "https://bugzilla.suse.com/1241416"
},
{
"category": "self",
"summary": "SUSE Bug 1241424",
"url": "https://bugzilla.suse.com/1241424"
},
{
"category": "self",
"summary": "SUSE Bug 1241426",
"url": "https://bugzilla.suse.com/1241426"
},
{
"category": "self",
"summary": "SUSE Bug 1241433",
"url": "https://bugzilla.suse.com/1241433"
},
{
"category": "self",
"summary": "SUSE Bug 1241436",
"url": "https://bugzilla.suse.com/1241436"
},
{
"category": "self",
"summary": "SUSE Bug 1241441",
"url": "https://bugzilla.suse.com/1241441"
},
{
"category": "self",
"summary": "SUSE Bug 1241442",
"url": "https://bugzilla.suse.com/1241442"
},
{
"category": "self",
"summary": "SUSE Bug 1241443",
"url": "https://bugzilla.suse.com/1241443"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241451",
"url": "https://bugzilla.suse.com/1241451"
},
{
"category": "self",
"summary": "SUSE Bug 1241452",
"url": "https://bugzilla.suse.com/1241452"
},
{
"category": "self",
"summary": "SUSE Bug 1241456",
"url": "https://bugzilla.suse.com/1241456"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241458",
"url": "https://bugzilla.suse.com/1241458"
},
{
"category": "self",
"summary": "SUSE Bug 1241459",
"url": "https://bugzilla.suse.com/1241459"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241526",
"url": "https://bugzilla.suse.com/1241526"
},
{
"category": "self",
"summary": "SUSE Bug 1241528",
"url": "https://bugzilla.suse.com/1241528"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241537",
"url": "https://bugzilla.suse.com/1241537"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241541",
"url": "https://bugzilla.suse.com/1241541"
},
{
"category": "self",
"summary": "SUSE Bug 1241545",
"url": "https://bugzilla.suse.com/1241545"
},
{
"category": "self",
"summary": "SUSE Bug 1241547",
"url": "https://bugzilla.suse.com/1241547"
},
{
"category": "self",
"summary": "SUSE Bug 1241548",
"url": "https://bugzilla.suse.com/1241548"
},
{
"category": "self",
"summary": "SUSE Bug 1241550",
"url": "https://bugzilla.suse.com/1241550"
},
{
"category": "self",
"summary": "SUSE Bug 1241573",
"url": "https://bugzilla.suse.com/1241573"
},
{
"category": "self",
"summary": "SUSE Bug 1241574",
"url": "https://bugzilla.suse.com/1241574"
},
{
"category": "self",
"summary": "SUSE Bug 1241575",
"url": "https://bugzilla.suse.com/1241575"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241578",
"url": "https://bugzilla.suse.com/1241578"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241593",
"url": "https://bugzilla.suse.com/1241593"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241598",
"url": "https://bugzilla.suse.com/1241598"
},
{
"category": "self",
"summary": "SUSE Bug 1241599",
"url": "https://bugzilla.suse.com/1241599"
},
{
"category": "self",
"summary": "SUSE Bug 1241601",
"url": "https://bugzilla.suse.com/1241601"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241626",
"url": "https://bugzilla.suse.com/1241626"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241640",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241648",
"url": "https://bugzilla.suse.com/1241648"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242006",
"url": "https://bugzilla.suse.com/1242006"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242172",
"url": "https://bugzilla.suse.com/1242172"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242283",
"url": "https://bugzilla.suse.com/1242283"
},
{
"category": "self",
"summary": "SUSE Bug 1242307",
"url": "https://bugzilla.suse.com/1242307"
},
{
"category": "self",
"summary": "SUSE Bug 1242313",
"url": "https://bugzilla.suse.com/1242313"
},
{
"category": "self",
"summary": "SUSE Bug 1242314",
"url": "https://bugzilla.suse.com/1242314"
},
{
"category": "self",
"summary": "SUSE Bug 1242315",
"url": "https://bugzilla.suse.com/1242315"
},
{
"category": "self",
"summary": "SUSE Bug 1242321",
"url": "https://bugzilla.suse.com/1242321"
},
{
"category": "self",
"summary": "SUSE Bug 1242326",
"url": "https://bugzilla.suse.com/1242326"
},
{
"category": "self",
"summary": "SUSE Bug 1242327",
"url": "https://bugzilla.suse.com/1242327"
},
{
"category": "self",
"summary": "SUSE Bug 1242328",
"url": "https://bugzilla.suse.com/1242328"
},
{
"category": "self",
"summary": "SUSE Bug 1242332",
"url": "https://bugzilla.suse.com/1242332"
},
{
"category": "self",
"summary": "SUSE Bug 1242333",
"url": "https://bugzilla.suse.com/1242333"
},
{
"category": "self",
"summary": "SUSE Bug 1242335",
"url": "https://bugzilla.suse.com/1242335"
},
{
"category": "self",
"summary": "SUSE Bug 1242336",
"url": "https://bugzilla.suse.com/1242336"
},
{
"category": "self",
"summary": "SUSE Bug 1242342",
"url": "https://bugzilla.suse.com/1242342"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242344",
"url": "https://bugzilla.suse.com/1242344"
},
{
"category": "self",
"summary": "SUSE Bug 1242345",
"url": "https://bugzilla.suse.com/1242345"
},
{
"category": "self",
"summary": "SUSE Bug 1242346",
"url": "https://bugzilla.suse.com/1242346"
},
{
"category": "self",
"summary": "SUSE Bug 1242347",
"url": "https://bugzilla.suse.com/1242347"
},
{
"category": "self",
"summary": "SUSE Bug 1242348",
"url": "https://bugzilla.suse.com/1242348"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242526",
"url": "https://bugzilla.suse.com/1242526"
},
{
"category": "self",
"summary": "SUSE Bug 1242528",
"url": "https://bugzilla.suse.com/1242528"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242534",
"url": "https://bugzilla.suse.com/1242534"
},
{
"category": "self",
"summary": "SUSE Bug 1242535",
"url": "https://bugzilla.suse.com/1242535"
},
{
"category": "self",
"summary": "SUSE Bug 1242536",
"url": "https://bugzilla.suse.com/1242536"
},
{
"category": "self",
"summary": "SUSE Bug 1242537",
"url": "https://bugzilla.suse.com/1242537"
},
{
"category": "self",
"summary": "SUSE Bug 1242538",
"url": "https://bugzilla.suse.com/1242538"
},
{
"category": "self",
"summary": "SUSE Bug 1242539",
"url": "https://bugzilla.suse.com/1242539"
},
{
"category": "self",
"summary": "SUSE Bug 1242540",
"url": "https://bugzilla.suse.com/1242540"
},
{
"category": "self",
"summary": "SUSE Bug 1242546",
"url": "https://bugzilla.suse.com/1242546"
},
{
"category": "self",
"summary": "SUSE Bug 1242556",
"url": "https://bugzilla.suse.com/1242556"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242596",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242710",
"url": "https://bugzilla.suse.com/1242710"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242831",
"url": "https://bugzilla.suse.com/1242831"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242985",
"url": "https://bugzilla.suse.com/1242985"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53034 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27415 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46763 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50038 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50162 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53124 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53139 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56641 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58001 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58070 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58071 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58088 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58093 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58094 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58095 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58096 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58097 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21683 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21696 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21707 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21806 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21808 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21863 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21894 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21895 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21904 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21908 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21910 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21922 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21924 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21926 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21934 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21935 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21941 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21950 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21956 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21962 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21964 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21966 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21971 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21975 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21991 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21993 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21999 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22004 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22008 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22015 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22016 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22017 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22025 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22029 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22033 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22036 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22045 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22050 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22055 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22062 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22064 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22090 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22093 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22097 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22102 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22105 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22106 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22107 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22108 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22115 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22116 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22121 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22128 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23131 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23138 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37860 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-16T14:54:13Z",
"generator": {
"date": "2025-06-16T14:54:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01964-1",
"initial_release_date": "2025-06-16T14:54:13Z",
"revision_history": [
{
"date": "2025-06-16T14:54:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-150600.10.39.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"product_id": "kernel-source-rt-6.4.0-150600.10.39.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product_id": "cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product_id": "dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product_id": "gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-rt-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-rt-extra-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-rt-optional-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-rt_debug-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"product_id": "kernel-syms-rt-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product_id": "kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product_id": "ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"product_id": "reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP6",
"product": {
"name": "SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150600.10.39.1.noarch as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150600.10.39.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150600.10.39.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-6.4.0-150600.10.39.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150600.10.39.1.noarch as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150600.10.39.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150600.10.39.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-extra-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-optional-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150600.10.39.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
},
"product_reference": "reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans\n\nThere is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and\nsize. This would make xlate_pos negative.\n\n[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000\n[ 23.734158] ================================================================================\n[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7\n[ 23.734418] shift exponent -1 is negative\n\nEnsuring xlate_pos is a positive or zero before BIT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53034",
"url": "https://www.suse.com/security/cve/CVE-2023-53034"
},
{
"category": "external",
"summary": "SUSE Bug 1241341 for CVE-2023-53034",
"url": "https://bugzilla.suse.com/1241341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-53034"
},
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-27018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: br_netfilter: skip conntrack input hook for promisc packets\n\nFor historical reasons, when bridge device is in promisc mode, packets\nthat are directed to the taps follow bridge input hook path. This patch\nadds a workaround to reset conntrack for these packets.\n\nJianbo Liu reports warning splats in their test infrastructure where\ncloned packets reach the br_netfilter input hook to confirm the\nconntrack object.\n\nScratch one bit from BR_INPUT_SKB_CB to annotate that this packet has\nreached the input hook because it is passed up to the bridge device to\nreach the taps.\n\n[ 57.571874] WARNING: CPU: 1 PID: 0 at net/bridge/br_netfilter_hooks.c:616 br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.572749] Modules linked in: xt_MASQUERADE nf_conntrack_netlink nfnetlink iptable_nat xt_addrtype xt_conntrack nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_isc si ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core mlx5ctl mlx5_core\n[ 57.575158] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.8.0+ #19\n[ 57.575700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 57.576662] RIP: 0010:br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.577195] Code: fe ff ff 41 bd 04 00 00 00 be 04 00 00 00 e9 4a ff ff ff be 04 00 00 00 48 89 ef e8 f3 a9 3c e1 66 83 ad b4 00 00 00 04 eb 91 \u003c0f\u003e 0b e9 f1 fe ff ff 0f 0b e9 df fe ff ff 48 89 df e8 b3 53 47 e1\n[ 57.578722] RSP: 0018:ffff88885f845a08 EFLAGS: 00010202\n[ 57.579207] RAX: 0000000000000002 RBX: ffff88812dfe8000 RCX: 0000000000000000\n[ 57.579830] RDX: ffff88885f845a60 RSI: ffff8881022dc300 RDI: 0000000000000000\n[ 57.580454] RBP: ffff88885f845a60 R08: 0000000000000001 R09: 0000000000000003\n[ 57.581076] R10: 00000000ffff1300 R11: 0000000000000002 R12: 0000000000000000\n[ 57.581695] R13: ffff8881047ffe00 R14: ffff888108dbee00 R15: ffff88814519b800\n[ 57.582313] FS: 0000000000000000(0000) GS:ffff88885f840000(0000) knlGS:0000000000000000\n[ 57.583040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 57.583564] CR2: 000000c4206aa000 CR3: 0000000103847001 CR4: 0000000000370eb0\n[ 57.584194] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 57.584820] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 57.585440] Call Trace:\n[ 57.585721] \u003cIRQ\u003e\n[ 57.585976] ? __warn+0x7d/0x130\n[ 57.586323] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.586811] ? report_bug+0xf1/0x1c0\n[ 57.587177] ? handle_bug+0x3f/0x70\n[ 57.587539] ? exc_invalid_op+0x13/0x60\n[ 57.587929] ? asm_exc_invalid_op+0x16/0x20\n[ 57.588336] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.588825] nf_hook_slow+0x3d/0xd0\n[ 57.589188] ? br_handle_vlan+0x4b/0x110\n[ 57.589579] br_pass_frame_up+0xfc/0x150\n[ 57.589970] ? br_port_flags_change+0x40/0x40\n[ 57.590396] br_handle_frame_finish+0x346/0x5e0\n[ 57.590837] ? ipt_do_table+0x32e/0x430\n[ 57.591221] ? br_handle_local_finish+0x20/0x20\n[ 57.591656] br_nf_hook_thresh+0x4b/0xf0 [br_netfilter]\n[ 57.592286] ? br_handle_local_finish+0x20/0x20\n[ 57.592802] br_nf_pre_routing_finish+0x178/0x480 [br_netfilter]\n[ 57.593348] ? br_handle_local_finish+0x20/0x20\n[ 57.593782] ? nf_nat_ipv4_pre_routing+0x25/0x60 [nf_nat]\n[ 57.594279] br_nf_pre_routing+0x24c/0x550 [br_netfilter]\n[ 57.594780] ? br_nf_hook_thresh+0xf0/0xf0 [br_netfilter]\n[ 57.595280] br_handle_frame+0x1f3/0x3d0\n[ 57.595676] ? br_handle_local_finish+0x20/0x20\n[ 57.596118] ? br_handle_frame_finish+0x5e0/0x5e0\n[ 57.596566] __netif_receive_skb_core+0x25b/0xfc0\n[ 57.597017] ? __napi_build_skb+0x37/0x40\n[ 57.597418] __netif_receive_skb_list_core+0xfb/0x220",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27018",
"url": "https://www.suse.com/security/cve/CVE-2024-27018"
},
{
"category": "external",
"summary": "SUSE Bug 1223809 for CVE-2024-27018",
"url": "https://bugzilla.suse.com/1223809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-27018"
},
{
"cve": "CVE-2024-27415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: confirm multicast packets before passing them up the stack\n\nconntrack nf_confirm logic cannot handle cloned skbs referencing\nthe same nf_conn entry, which will happen for multicast (broadcast)\nframes on bridges.\n\n Example:\n macvlan0\n |\n br0\n / \\\n ethX ethY\n\n ethX (or Y) receives a L2 multicast or broadcast packet containing\n an IP packet, flow is not yet in conntrack table.\n\n 1. skb passes through bridge and fake-ip (br_netfilter)Prerouting.\n -\u003e skb-\u003e_nfct now references a unconfirmed entry\n 2. skb is broad/mcast packet. bridge now passes clones out on each bridge\n interface.\n 3. skb gets passed up the stack.\n 4. In macvlan case, macvlan driver retains clone(s) of the mcast skb\n and schedules a work queue to send them out on the lower devices.\n\n The clone skb-\u003e_nfct is not a copy, it is the same entry as the\n original skb. The macvlan rx handler then returns RX_HANDLER_PASS.\n 5. Normal conntrack hooks (in NF_INET_LOCAL_IN) confirm the orig skb.\n\nThe Macvlan broadcast worker and normal confirm path will race.\n\nThis race will not happen if step 2 already confirmed a clone. In that\ncase later steps perform skb_clone() with skb-\u003e_nfct already confirmed (in\nhash table). This works fine.\n\nBut such confirmation won\u0027t happen when eb/ip/nftables rules dropped the\npackets before they reached the nf_confirm step in postrouting.\n\nPablo points out that nf_conntrack_bridge doesn\u0027t allow use of stateful\nnat, so we can safely discard the nf_conn entry and let inet call\nconntrack again.\n\nThis doesn\u0027t work for bridge netfilter: skb could have a nat\ntransformation. Also bridge nf prevents re-invocation of inet prerouting\nvia \u0027sabotage_in\u0027 hook.\n\nWork around this problem by explicit confirmation of the entry at LOCAL_IN\ntime, before upper layer has a chance to clone the unconfirmed entry.\n\nThe downside is that this disables NAT and conntrack helpers.\n\nAlternative fix would be to add locking to all code parts that deal with\nunconfirmed packets, but even if that could be done in a sane way this\nopens up other problems, for example:\n\n-m physdev --physdev-out eth0 -j SNAT --snat-to 1.2.3.4\n-m physdev --physdev-out eth1 -j SNAT --snat-to 1.2.3.5\n\nFor multicast case, only one of such conflicting mappings will be\ncreated, conntrack only handles 1:1 NAT mappings.\n\nUsers should set create a setup that explicitly marks such traffic\nNOTRACK (conntrack bypass) to avoid this, but we cannot auto-bypass\nthem, ruleset might have accept rules for untracked traffic already,\nso user-visible behaviour would change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27415",
"url": "https://www.suse.com/security/cve/CVE-2024-27415"
},
{
"category": "external",
"summary": "SUSE Bug 1224757 for CVE-2024-27415",
"url": "https://bugzilla.suse.com/1224757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-27415"
},
{
"cve": "CVE-2024-28956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28956"
}
],
"notes": [
{
"category": "general",
"text": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28956",
"url": "https://www.suse.com/security/cve/CVE-2024-28956"
},
{
"category": "external",
"summary": "SUSE Bug 1242006 for CVE-2024-28956",
"url": "https://bugzilla.suse.com/1242006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-35840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()\n\nsubflow_finish_connect() uses four fields (backup, join_id, thmac, none)\nthat may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set\nin mptcp_parse_option()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35840",
"url": "https://www.suse.com/security/cve/CVE-2024-35840"
},
{
"category": "external",
"summary": "SUSE Bug 1224597 for CVE-2024-35840",
"url": "https://bugzilla.suse.com/1224597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-35840"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-46763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: Fix null-ptr-deref in GRO.\n\nWe observed a null-ptr-deref in fou_gro_receive() while shutting down\na host. [0]\n\nThe NULL pointer is sk-\u003esk_user_data, and the offset 8 is of protocol\nin struct fou.\n\nWhen fou_release() is called due to netns dismantle or explicit tunnel\nteardown, udp_tunnel_sock_release() sets NULL to sk-\u003esk_user_data.\nThen, the tunnel socket is destroyed after a single RCU grace period.\n\nSo, in-flight udp4_gro_receive() could find the socket and execute the\nFOU GRO handler, where sk-\u003esk_user_data could be NULL.\n\nLet\u0027s use rcu_dereference_sk_user_data() in fou_from_sock() and add NULL\nchecks in FOU GRO handlers.\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 80000001032f4067 P4D 80000001032f4067 PUD 103240067 PMD 0\nSMP PTI\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.10.216-204.855.amzn2.x86_64 #1\nHardware name: Amazon EC2 c5.large/, BIOS 1.0 10/16/2017\nRIP: 0010:fou_gro_receive (net/ipv4/fou.c:233) [fou]\nCode: 41 5f c3 cc cc cc cc e8 e7 2e 69 f4 0f 1f 80 00 00 00 00 0f 1f 44 00 00 49 89 f8 41 54 48 89 f7 48 89 d6 49 8b 80 88 02 00 00 \u003c0f\u003e b6 48 08 0f b7 42 4a 66 25 fd fd 80 cc 02 66 89 42 4a 0f b6 42\nRSP: 0018:ffffa330c0003d08 EFLAGS: 00010297\nRAX: 0000000000000000 RBX: ffff93d9e3a6b900 RCX: 0000000000000010\nRDX: ffff93d9e3a6b900 RSI: ffff93d9e3a6b900 RDI: ffff93dac2e24d08\nRBP: ffff93d9e3a6b900 R08: ffff93dacbce6400 R09: 0000000000000002\nR10: 0000000000000000 R11: ffffffffb5f369b0 R12: ffff93dacbce6400\nR13: ffff93dac2e24d08 R14: 0000000000000000 R15: ffffffffb4edd1c0\nFS: 0000000000000000(0000) GS:ffff93daee800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 0000000102140001 CR4: 00000000007706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259)\n ? __die_body.cold (arch/x86/kernel/dumpstack.c:478 arch/x86/kernel/dumpstack.c:420)\n ? no_context (arch/x86/mm/fault.c:752)\n ? exc_page_fault (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 arch/x86/mm/fault.c:1435 arch/x86/mm/fault.c:1483)\n ? asm_exc_page_fault (arch/x86/include/asm/idtentry.h:571)\n ? fou_gro_receive (net/ipv4/fou.c:233) [fou]\n udp_gro_receive (include/linux/netdevice.h:2552 net/ipv4/udp_offload.c:559)\n udp4_gro_receive (net/ipv4/udp_offload.c:604)\n inet_gro_receive (net/ipv4/af_inet.c:1549 (discriminator 7))\n dev_gro_receive (net/core/dev.c:6035 (discriminator 4))\n napi_gro_receive (net/core/dev.c:6170)\n ena_clean_rx_irq (drivers/amazon/net/ena/ena_netdev.c:1558) [ena]\n ena_io_poll (drivers/amazon/net/ena/ena_netdev.c:1742) [ena]\n napi_poll (net/core/dev.c:6847)\n net_rx_action (net/core/dev.c:6917)\n __do_softirq (arch/x86/include/asm/jump_label.h:25 include/linux/jump_label.h:200 include/trace/events/irq.h:142 kernel/softirq.c:299)\n asm_call_irq_on_stack (arch/x86/entry/entry_64.S:809)\n\u003c/IRQ\u003e\n do_softirq_own_stack (arch/x86/include/asm/irq_stack.h:27 arch/x86/include/asm/irq_stack.h:77 arch/x86/kernel/irq_64.c:77)\n irq_exit_rcu (kernel/softirq.c:393 kernel/softirq.c:423 kernel/softirq.c:435)\n common_interrupt (arch/x86/kernel/irq.c:239)\n asm_common_interrupt (arch/x86/include/asm/idtentry.h:626)\nRIP: 0010:acpi_idle_do_entry (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 drivers/acpi/processor_idle.c:114 drivers/acpi/processor_idle.c:575)\nCode: 8b 15 d1 3c c4 02 ed c3 cc cc cc cc 65 48 8b 04 25 40 ef 01 00 48 8b 00 a8 08 75 eb 0f 1f 44 00 00 0f 00 2d d5 09 55 00 fb f4 \u003cfa\u003e c3 cc cc cc cc e9 be fc ff ff 66 66 2e 0f 1f 84 00 00 00 00 00\nRSP: 0018:ffffffffb5603e58 EFLAGS: 00000246\nRAX: 0000000000004000 RBX: ffff93dac0929c00 RCX: ffff93daee833900\nRDX: ffff93daee800000 RSI: ffff93d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46763",
"url": "https://www.suse.com/security/cve/CVE-2024-46763"
},
{
"category": "external",
"summary": "SUSE Bug 1230764 for CVE-2024-46763",
"url": "https://bugzilla.suse.com/1230764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-46763"
},
{
"cve": "CVE-2024-46865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: fix initialization of grc\n\nThe grc must be initialize first. There can be a condition where if\nfou is NULL, goto out will be executed and grc would be used\nuninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46865",
"url": "https://www.suse.com/security/cve/CVE-2024-46865"
},
{
"category": "external",
"summary": "SUSE Bug 1231103 for CVE-2024-46865",
"url": "https://bugzilla.suse.com/1231103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-46865"
},
{
"cve": "CVE-2024-50038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xtables: avoid NFPROTO_UNSPEC where needed\n\nsyzbot managed to call xt_cluster match via ebtables:\n\n WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780\n [..]\n ebt_do_table+0x174b/0x2a40\n\nModule registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet\nprocessing. As this is only useful to restrict locally terminating\nTCP/UDP traffic, register this for ipv4 and ipv6 family only.\n\nPablo points out that this is a general issue, direct users of the\nset/getsockopt interface can call into targets/matches that were only\nintended for use with ip(6)tables.\n\nCheck all UNSPEC matches and targets for similar issues:\n\n- matches and targets are fine except if they assume skb_network_header()\n is valid -- this is only true when called from inet layer: ip(6) stack\n pulls the ip/ipv6 header into linear data area.\n- targets that return XT_CONTINUE or other xtables verdicts must be\n restricted too, they are incompatbile with the ebtables traverser, e.g.\n EBT_CONTINUE is a completely different value than XT_CONTINUE.\n\nMost matches/targets are changed to register for NFPROTO_IPV4/IPV6, as\nthey are provided for use by ip(6)tables.\n\nThe MARK target is also used by arptables, so register for NFPROTO_ARP too.\n\nWhile at it, bail out if connbytes fails to enable the corresponding\nconntrack family.\n\nThis change passes the selftests in iptables.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50038",
"url": "https://www.suse.com/security/cve/CVE-2024-50038"
},
{
"category": "external",
"summary": "SUSE Bug 1231910 for CVE-2024-50038",
"url": "https://bugzilla.suse.com/1231910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50038"
},
{
"cve": "CVE-2024-50083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix mptcp DSS corruption due to large pmtu xmit\n\nSyzkaller was able to trigger a DSS corruption:\n\n TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 5227 at net/mptcp/protocol.c:695 __mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Modules linked in:\n CPU: 0 UID: 0 PID: 5227 Comm: syz-executor350 Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\n RIP: 0010:__mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Code: 0f b6 dc 31 ff 89 de e8 b5 dd ea f5 89 d8 48 81 c4 50 01 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 98 da ea f5 90 \u003c0f\u003e 0b 90 e9 47 ff ff ff e8 8a da ea f5 90 0f 0b 90 e9 99 e0 ff ff\n RSP: 0018:ffffc90000006db8 EFLAGS: 00010246\n RAX: ffffffff8ba9df18 RBX: 00000000000055f0 RCX: ffff888030023c00\n RDX: 0000000000000100 RSI: 00000000000081e5 RDI: 00000000000055f0\n RBP: 1ffff110062bf1ae R08: ffffffff8ba9cf12 R09: 1ffff110062bf1b8\n R10: dffffc0000000000 R11: ffffed10062bf1b9 R12: 0000000000000000\n R13: dffffc0000000000 R14: 00000000700cec61 R15: 00000000000081e5\n FS: 000055556679c380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020287000 CR3: 0000000077892000 CR4: 00000000003506f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n move_skbs_to_msk net/mptcp/protocol.c:811 [inline]\n mptcp_data_ready+0x29c/0xa90 net/mptcp/protocol.c:854\n subflow_data_ready+0x34a/0x920 net/mptcp/subflow.c:1490\n tcp_data_queue+0x20fd/0x76c0 net/ipv4/tcp_input.c:5283\n tcp_rcv_established+0xfba/0x2020 net/ipv4/tcp_input.c:6237\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2350\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5662 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6107\n __napi_poll+0xcb/0x490 net/core/dev.c:6771\n napi_poll net/core/dev.c:6840 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6962\n handle_softirqs+0x2c5/0x980 kernel/softirq.c:554\n do_softirq+0x11b/0x1e0 kernel/softirq.c:455\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x1764/0x3e80 net/core/dev.c:4451\n dev_queue_xmit include/linux/netdevice.h:3094 [inline]\n neigh_hh_output include/net/neighbour.h:526 [inline]\n neigh_output include/net/neighbour.h:540 [inline]\n ip_finish_output2+0xd41/0x1390 net/ipv4/ip_output.c:236\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x118c/0x1b80 net/ipv4/ip_output.c:536\n __tcp_transmit_skb+0x2544/0x3b30 net/ipv4/tcp_output.c:1466\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\n tcp_mtu_probe net/ipv4/tcp_output.c:2547 [inline]\n tcp_write_xmit+0x641d/0x6bf0 net/ipv4/tcp_output.c:2752\n __tcp_push_pending_frames+0x9b/0x360 net/ipv4/tcp_output.c:3015\n tcp_push_pending_frames include/net/tcp.h:2107 [inline]\n tcp_data_snd_check net/ipv4/tcp_input.c:5714 [inline]\n tcp_rcv_established+0x1026/0x2020 net/ipv4/tcp_input.c:6239\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n sk_backlog_rcv include/net/sock.h:1113 [inline]\n __release_sock+0x214/0x350 net/core/sock.c:3072\n release_sock+0x61/0x1f0 net/core/sock.c:3626\n mptcp_push_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50083",
"url": "https://www.suse.com/security/cve/CVE-2024-50083"
},
{
"category": "external",
"summary": "SUSE Bug 1232493 for CVE-2024-50083",
"url": "https://bugzilla.suse.com/1232493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50083"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: devmap: provide rxq after redirect\n\nrxq contains a pointer to the device from where\nthe redirect happened. Currently, the BPF program\nthat was executed after a redirect via BPF_MAP_TYPE_DEVMAP*\ndoes not have it set.\n\nThis is particularly bad since accessing ingress_ifindex, e.g.\n\nSEC(\"xdp\")\nint prog(struct xdp_md *pkt)\n{\n return bpf_redirect_map(\u0026dev_redirect_map, 0, 0);\n}\n\nSEC(\"xdp/devmap\")\nint prog_after_redirect(struct xdp_md *pkt)\n{\n bpf_printk(\"ifindex %i\", pkt-\u003eingress_ifindex);\n return XDP_PASS;\n}\n\ndepends on access to rxq, so a NULL pointer gets dereferenced:\n\n\u003c1\u003e[ 574.475170] BUG: kernel NULL pointer dereference, address: 0000000000000000\n\u003c1\u003e[ 574.475188] #PF: supervisor read access in kernel mode\n\u003c1\u003e[ 574.475194] #PF: error_code(0x0000) - not-present page\n\u003c6\u003e[ 574.475199] PGD 0 P4D 0\n\u003c4\u003e[ 574.475207] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n\u003c4\u003e[ 574.475217] CPU: 4 UID: 0 PID: 217 Comm: kworker/4:1 Not tainted 6.11.0-rc5-reduced-00859-g780801200300 #23\n\u003c4\u003e[ 574.475226] Hardware name: Intel(R) Client Systems NUC13ANHi7/NUC13ANBi7, BIOS ANRPL357.0026.2023.0314.1458 03/14/2023\n\u003c4\u003e[ 574.475231] Workqueue: mld mld_ifc_work\n\u003c4\u003e[ 574.475247] RIP: 0010:bpf_prog_5e13354d9cf5018a_prog_after_redirect+0x17/0x3c\n\u003c4\u003e[ 574.475257] Code: cc cc cc cc cc cc cc 80 00 00 00 cc cc cc cc cc cc cc cc f3 0f 1e fa 0f 1f 44 00 00 66 90 55 48 89 e5 f3 0f 1e fa 48 8b 57 20 \u003c48\u003e 8b 52 00 8b 92 e0 00 00 00 48 bf f8 a6 d5 c4 5d a0 ff ff be 0b\n\u003c4\u003e[ 574.475263] RSP: 0018:ffffa62440280c98 EFLAGS: 00010206\n\u003c4\u003e[ 574.475269] RAX: ffffa62440280cd8 RBX: 0000000000000001 RCX: 0000000000000000\n\u003c4\u003e[ 574.475274] RDX: 0000000000000000 RSI: ffffa62440549048 RDI: ffffa62440280ce0\n\u003c4\u003e[ 574.475278] RBP: ffffa62440280c98 R08: 0000000000000002 R09: 0000000000000001\n\u003c4\u003e[ 574.475281] R10: ffffa05dc8b98000 R11: ffffa05f577fca40 R12: ffffa05dcab24000\n\u003c4\u003e[ 574.475285] R13: ffffa62440280ce0 R14: ffffa62440549048 R15: ffffa62440549000\n\u003c4\u003e[ 574.475289] FS: 0000000000000000(0000) GS:ffffa05f4f700000(0000) knlGS:0000000000000000\n\u003c4\u003e[ 574.475294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\u003c4\u003e[ 574.475298] CR2: 0000000000000000 CR3: 000000025522e000 CR4: 0000000000f50ef0\n\u003c4\u003e[ 574.475303] PKRU: 55555554\n\u003c4\u003e[ 574.475306] Call Trace:\n\u003c4\u003e[ 574.475313] \u003cIRQ\u003e\n\u003c4\u003e[ 574.475318] ? __die+0x23/0x70\n\u003c4\u003e[ 574.475329] ? page_fault_oops+0x180/0x4c0\n\u003c4\u003e[ 574.475339] ? skb_pp_cow_data+0x34c/0x490\n\u003c4\u003e[ 574.475346] ? kmem_cache_free+0x257/0x280\n\u003c4\u003e[ 574.475357] ? exc_page_fault+0x67/0x150\n\u003c4\u003e[ 574.475368] ? asm_exc_page_fault+0x26/0x30\n\u003c4\u003e[ 574.475381] ? bpf_prog_5e13354d9cf5018a_prog_after_redirect+0x17/0x3c\n\u003c4\u003e[ 574.475386] bq_xmit_all+0x158/0x420\n\u003c4\u003e[ 574.475397] __dev_flush+0x30/0x90\n\u003c4\u003e[ 574.475407] veth_poll+0x216/0x250 [veth]\n\u003c4\u003e[ 574.475421] __napi_poll+0x28/0x1c0\n\u003c4\u003e[ 574.475430] net_rx_action+0x32d/0x3a0\n\u003c4\u003e[ 574.475441] handle_softirqs+0xcb/0x2c0\n\u003c4\u003e[ 574.475451] do_softirq+0x40/0x60\n\u003c4\u003e[ 574.475458] \u003c/IRQ\u003e\n\u003c4\u003e[ 574.475461] \u003cTASK\u003e\n\u003c4\u003e[ 574.475464] __local_bh_enable_ip+0x66/0x70\n\u003c4\u003e[ 574.475471] __dev_queue_xmit+0x268/0xe40\n\u003c4\u003e[ 574.475480] ? selinux_ip_postroute+0x213/0x420\n\u003c4\u003e[ 574.475491] ? alloc_skb_with_frags+0x4a/0x1d0\n\u003c4\u003e[ 574.475502] ip6_finish_output2+0x2be/0x640\n\u003c4\u003e[ 574.475512] ? nf_hook_slow+0x42/0xf0\n\u003c4\u003e[ 574.475521] ip6_finish_output+0x194/0x300\n\u003c4\u003e[ 574.475529] ? __pfx_ip6_finish_output+0x10/0x10\n\u003c4\u003e[ 574.475538] mld_sendpack+0x17c/0x240\n\u003c4\u003e[ 574.475548] mld_ifc_work+0x192/0x410\n\u003c4\u003e[ 574.475557] process_one_work+0x15d/0x380\n\u003c4\u003e[ 574.475566] worker_thread+0x29d/0x3a0\n\u003c4\u003e[ 574.475573] ? __pfx_worker_thread+0x10/0x10\n\u003c4\u003e[ 574.475580] ? __pfx_worker_thread+0x10/0x10\n\u003c4\u003e[ 574.475587] kthread+0xcd/0x100\n\u003c4\u003e[ 574.475597] ? __pfx_kthread+0x10/0x10\n\u003c4\u003e[ 574.475606] ret_from_fork+0x31/0x50\n\u003c4\u003e[ 574.475615] ? __pfx_kthread+0x10/0x10\n\u003c4\u003e[ 574.475623] ret_from_fork_asm+0x1a/0x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50162",
"url": "https://www.suse.com/security/cve/CVE-2024-50162"
},
{
"category": "external",
"summary": "SUSE Bug 1233075 for CVE-2024-50162",
"url": "https://bugzilla.suse.com/1233075"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50162"
},
{
"cve": "CVE-2024-50163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Make sure internal and UAPI bpf_redirect flags don\u0027t overlap\n\nThe bpf_redirect_info is shared between the SKB and XDP redirect paths,\nand the two paths use the same numeric flag values in the ri-\u003eflags\nfield (specifically, BPF_F_BROADCAST == BPF_F_NEXTHOP). This means that\nif skb bpf_redirect_neigh() is used with a non-NULL params argument and,\nsubsequently, an XDP redirect is performed using the same\nbpf_redirect_info struct, the XDP path will get confused and end up\ncrashing, which syzbot managed to trigger.\n\nWith the stack-allocated bpf_redirect_info, the structure is no longer\nshared between the SKB and XDP paths, so the crash doesn\u0027t happen\nanymore. However, different code paths using identically-numbered flag\nvalues in the same struct field still seems like a bit of a mess, so\nthis patch cleans that up by moving the flag definitions together and\nredefining the three flags in BPF_F_REDIRECT_INTERNAL to not overlap\nwith the flags used for XDP. It also adds a BUILD_BUG_ON() check to make\nsure the overlap is not re-introduced by mistake.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50163",
"url": "https://www.suse.com/security/cve/CVE-2024-50163"
},
{
"category": "external",
"summary": "SUSE Bug 1233098 for CVE-2024-50163",
"url": "https://bugzilla.suse.com/1233098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50163"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-53124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix data-races around sk-\u003esk_forward_alloc\n\nSyzkaller reported this warning:\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0\n Modules linked in:\n CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:inet_sock_destruct+0x1c5/0x1e0\n Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 \u003c0f\u003e 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00\n RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206\n RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007\n RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00\n RBP: ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007\n R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00\n R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78\n FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x88/0x130\n ? inet_sock_destruct+0x1c5/0x1e0\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? inet_sock_destruct+0x1c5/0x1e0\n __sk_destruct+0x2a/0x200\n rcu_do_batch+0x1aa/0x530\n ? rcu_do_batch+0x13b/0x530\n rcu_core+0x159/0x2f0\n handle_softirqs+0xd3/0x2b0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n run_ksoftirqd+0x25/0x30\n smpboot_thread_fn+0xdd/0x1d0\n kthread+0xd3/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nIts possible that two threads call tcp_v6_do_rcv()/sk_forward_alloc_add()\nconcurrently when sk-\u003esk_state == TCP_LISTEN with sk-\u003esk_lock unlocked,\nwhich triggers a data-race around sk-\u003esk_forward_alloc:\ntcp_v6_rcv\n tcp_v6_do_rcv\n skb_clone_and_charge_r\n sk_rmem_schedule\n __sk_mem_schedule\n sk_forward_alloc_add()\n skb_set_owner_r\n sk_mem_charge\n sk_forward_alloc_add()\n __kfree_skb\n skb_release_all\n skb_release_head_state\n sock_rfree\n sk_mem_uncharge\n sk_forward_alloc_add()\n sk_mem_reclaim\n // set local var reclaimable\n __sk_mem_reclaim\n sk_forward_alloc_add()\n\nIn this syzkaller testcase, two threads call\ntcp_v6_do_rcv() with skb-\u003etruesize=768, the sk_forward_alloc changes like\nthis:\n (cpu 1) | (cpu 2) | sk_forward_alloc\n ... | ... | 0\n __sk_mem_schedule() | | +4096 = 4096\n | __sk_mem_schedule() | +4096 = 8192\n sk_mem_charge() | | -768 = 7424\n | sk_mem_charge() | -768 = 6656\n ... | ... |\n sk_mem_uncharge() | | +768 = 7424\n reclaimable=7424 | |\n | sk_mem_uncharge() | +768 = 8192\n | reclaimable=8192 |\n __sk_mem_reclaim() | | -4096 = 4096\n | __sk_mem_reclaim() | -8192 = -4096 != 0\n\nThe skb_clone_and_charge_r() should not be called in tcp_v6_do_rcv() when\nsk-\u003esk_state is TCP_LISTEN, it happens later in tcp_v6_syn_recv_sock().\nFix the same issue in dccp_v6_do_rcv().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53124",
"url": "https://www.suse.com/security/cve/CVE-2024-53124"
},
{
"category": "external",
"summary": "SUSE Bug 1234074 for CVE-2024-53124",
"url": "https://bugzilla.suse.com/1234074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53124"
},
{
"cve": "CVE-2024-53135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN\n\nHide KVM\u0027s pt_mode module param behind CONFIG_BROKEN, i.e. disable support\nfor virtualizing Intel PT via guest/host mode unless BROKEN=y. There are\nmyriad bugs in the implementation, some of which are fatal to the guest,\nand others which put the stability and health of the host at risk.\n\nFor guest fatalities, the most glaring issue is that KVM fails to ensure\ntracing is disabled, and *stays* disabled prior to VM-Enter, which is\nnecessary as hardware disallows loading (the guest\u0027s) RTIT_CTL if tracing\nis enabled (enforced via a VMX consistency check). Per the SDM:\n\n If the logical processor is operating with Intel PT enabled (if\n IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the \"load\n IA32_RTIT_CTL\" VM-entry control must be 0.\n\nOn the host side, KVM doesn\u0027t validate the guest CPUID configuration\nprovided by userspace, and even worse, uses the guest configuration to\ndecide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring\nguest CPUID to enumerate more address ranges than are supported in hardware\nwill result in KVM trying to passthrough, save, and load non-existent MSRs,\nwhich generates a variety of WARNs, ToPA ERRORs in the host, a potential\ndeadlock, etc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53135",
"url": "https://www.suse.com/security/cve/CVE-2024-53135"
},
{
"category": "external",
"summary": "SUSE Bug 1234154 for CVE-2024-53135",
"url": "https://bugzilla.suse.com/1234154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53135"
},
{
"cve": "CVE-2024-53139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix possible UAF in sctp_v6_available()\n\nA lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints\nthat sctp_v6_available() is calling dev_get_by_index_rcu()\nand ipv6_chk_addr() without holding rcu.\n\n[1]\n =============================\n WARNING: suspicious RCU usage\n 6.12.0-rc5-virtme #1216 Tainted: G W\n -----------------------------\n net/core/dev.c:876 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by sctp_hello/31495:\n #0: ffff9f1ebbdb7418 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_bind (./arch/x86/include/asm/jump_label.h:27 net/sctp/socket.c:315) sctp\n\nstack backtrace:\n CPU: 7 UID: 0 PID: 31495 Comm: sctp_hello Tainted: G W 6.12.0-rc5-virtme #1216\n Tainted: [W]=WARN\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:123)\n lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822)\n dev_get_by_index_rcu (net/core/dev.c:876 (discriminator 7))\n sctp_v6_available (net/sctp/ipv6.c:701) sctp\n sctp_do_bind (net/sctp/socket.c:400 (discriminator 1)) sctp\n sctp_bind (net/sctp/socket.c:320) sctp\n inet6_bind_sk (net/ipv6/af_inet6.c:465)\n ? security_socket_bind (security/security.c:4581 (discriminator 1))\n __sys_bind (net/socket.c:1848 net/socket.c:1869)\n ? do_user_addr_fault (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 ./include/linux/mm.h:729 arch/x86/mm/fault.c:1340)\n ? do_user_addr_fault (./arch/x86/include/asm/preempt.h:84 (discriminator 13) ./include/linux/rcupdate.h:98 (discriminator 13) ./include/linux/rcupdate.h:882 (discriminator 13) ./include/linux/mm.h:729 (discriminator 13) arch/x86/mm/fault.c:1340 (discriminator 13))\n __x64_sys_bind (net/socket.c:1877 (discriminator 1) net/socket.c:1875 (discriminator 1) net/socket.c:1875 (discriminator 1))\n do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n RIP: 0033:0x7f59b934a1e7\n Code: 44 00 00 48 8b 15 39 8c 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 31 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 09 8c 0c 00 f7 d8 64 89 01 48\nAll code\n========\n 0:\t44 00 00 \tadd %r8b,(%rax)\n 3:\t48 8b 15 39 8c 0c 00 \tmov 0xc8c39(%rip),%rdx # 0xc8c43\n a:\tf7 d8 \tneg %eax\n c:\t64 89 02 \tmov %eax,%fs:(%rdx)\n f:\tb8 ff ff ff ff \tmov $0xffffffff,%eax\n 14:\teb bd \tjmp 0xffffffffffffffd3\n 16:\t66 2e 0f 1f 84 00 00 \tcs nopw 0x0(%rax,%rax,1)\n 1d:\t00 00 00\n 20:\t0f 1f 00 \tnopl (%rax)\n 23:\tb8 31 00 00 00 \tmov $0x31,%eax\n 28:\t0f 05 \tsyscall\n 2a:*\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\t\t\u003c-- trapping instruction\n 30:\t73 01 \tjae 0x33\n 32:\tc3 \tret\n 33:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c43\n 3a:\tf7 d8 \tneg %eax\n 3c:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 3f:\t48 \trex.W\n\nCode starting with the faulting instruction\n===========================================\n 0:\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\n 6:\t73 01 \tjae 0x9\n 8:\tc3 \tret\n 9:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c19\n 10:\tf7 d8 \tneg %eax\n 12:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 15:\t48 \trex.W\n RSP: 002b:00007ffe2d0ad398 EFLAGS: 00000202 ORIG_RAX: 0000000000000031\n RAX: ffffffffffffffda RBX: 00007ffe2d0ad3d0 RCX: 00007f59b934a1e7\n RDX: 000000000000001c RSI: 00007ffe2d0ad3d0 RDI: 0000000000000005\n RBP: 0000000000000005 R08: 1999999999999999 R09: 0000000000000000\n R10: 00007f59b9253298 R11: 000000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53139",
"url": "https://www.suse.com/security/cve/CVE-2024-53139"
},
{
"category": "external",
"summary": "SUSE Bug 1234157 for CVE-2024-53139",
"url": "https://bugzilla.suse.com/1234157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53139"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-56641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: initialize close_work early to avoid warning\n\nWe encountered a warning that close_work was canceled before\ninitialization.\n\n WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x1b0\n Workqueue: events smc_lgr_terminate_work [smc]\n RIP: 0010:__flush_work+0x19e/0x1b0\n Call Trace:\n ? __wake_up_common+0x7a/0x190\n ? work_busy+0x80/0x80\n __cancel_work_timer+0xe3/0x160\n smc_close_cancel_work+0x1a/0x70 [smc]\n smc_close_active_abort+0x207/0x360 [smc]\n __smc_lgr_terminate.part.38+0xc8/0x180 [smc]\n process_one_work+0x19e/0x340\n worker_thread+0x30/0x370\n ? process_one_work+0x340/0x340\n kthread+0x117/0x130\n ? __kthread_cancel_work+0x50/0x50\n ret_from_fork+0x22/0x30\n\nThis is because when smc_close_cancel_work is triggered, e.g. the RDMA\ndriver is rmmod and the LGR is terminated, the conn-\u003eclose_work is\nflushed before initialization, resulting in WARN_ON(!work-\u003efunc).\n\n__smc_lgr_terminate | smc_connect_{rdma|ism}\n-------------------------------------------------------------\n | smc_conn_create\n\t\t\t\t| \\- smc_lgr_register_conn\nfor conn in lgr-\u003econns_all |\n\\- smc_conn_kill |\n \\- smc_close_active_abort |\n \\- smc_close_cancel_work |\n \\- cancel_work_sync |\n \\- __flush_work |\n\t (close_work) |\n\t | smc_close_init\n\t | \\- INIT_WORK(\u0026close_work)\n\nSo fix this by initializing close_work before establishing the\nconnection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56641",
"url": "https://www.suse.com/security/cve/CVE-2024-56641"
},
{
"category": "external",
"summary": "SUSE Bug 1235526 for CVE-2024-56641",
"url": "https://bugzilla.suse.com/1235526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56641"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-57924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: relax assertions on failure to encode file handles\n\nEncoding file handles is usually performed by a filesystem \u003eencode_fh()\nmethod that may fail for various reasons.\n\nThe legacy users of exportfs_encode_fh(), namely, nfsd and\nname_to_handle_at(2) syscall are ready to cope with the possibility\nof failure to encode a file handle.\n\nThere are a few other users of exportfs_encode_{fh,fid}() that\ncurrently have a WARN_ON() assertion when -\u003eencode_fh() fails.\nRelax those assertions because they are wrong.\n\nThe second linked bug report states commit 16aac5ad1fa9 (\"ovl: support\nencoding non-decodable file handles\") in v6.6 as the regressing commit,\nbut this is not accurate.\n\nThe aforementioned commit only increases the chances of the assertion\nand allows triggering the assertion with the reproducer using overlayfs,\ninotify and drop_caches.\n\nTriggering this assertion was always possible with other filesystems and\nother reasons of -\u003eencode_fh() failures and more particularly, it was\nalso possible with the exact same reproducer using overlayfs that is\nmounted with options index=on,nfs_export=on also on kernels \u003c v6.6.\nTherefore, I am not listing the aforementioned commit as a Fixes commit.\n\nBackport hint: this patch will have a trivial conflict applying to\nv6.6.y, and other trivial conflicts applying to stable kernels \u003c v6.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57924",
"url": "https://www.suse.com/security/cve/CVE-2024-57924"
},
{
"category": "external",
"summary": "SUSE Bug 1236086 for CVE-2024-57924",
"url": "https://bugzilla.suse.com/1236086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57924"
},
{
"cve": "CVE-2024-57998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nOPP: add index check to assert to avoid buffer overflow in _read_freq()\n\nPass the freq index to the assert function to make sure\nwe do not read a freq out of the opp-\u003erates[] table when called\nfrom the indexed variants:\ndev_pm_opp_find_freq_exact_indexed() or\ndev_pm_opp_find_freq_ceil/floor_indexed().\n\nAdd a secondary parameter to the assert function, unused\nfor assert_single_clk() then add assert_clk_index() which\nwill check for the clock index when called from the _indexed()\nfind functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57998",
"url": "https://www.suse.com/security/cve/CVE-2024-57998"
},
{
"category": "external",
"summary": "SUSE Bug 1238527 for CVE-2024-57998",
"url": "https://bugzilla.suse.com/1238527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57998"
},
{
"cve": "CVE-2024-58001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle a symlink read error correctly\n\nPatch series \"Convert ocfs2 to use folios\".\n\nMark did a conversion of ocfs2 to use folios and sent it to me as a\ngiant patch for review ;-)\n\nSo I\u0027ve redone it as individual patches, and credited Mark for the patches\nwhere his code is substantially the same. It\u0027s not a bad way to do it;\nhis patch had some bugs and my patches had some bugs. Hopefully all our\nbugs were different from each other. And hopefully Mark likes all the\nchanges I made to his code!\n\n\nThis patch (of 23):\n\nIf we can\u0027t read the buffer, be sure to unlock the page before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58001",
"url": "https://www.suse.com/security/cve/CVE-2024-58001"
},
{
"category": "external",
"summary": "SUSE Bug 1239079 for CVE-2024-58001",
"url": "https://bugzilla.suse.com/1239079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "low"
}
],
"title": "CVE-2024-58001"
},
{
"cve": "CVE-2024-58018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm: correctly calculate the available space of the GSP cmdq buffer\n\nr535_gsp_cmdq_push() waits for the available page in the GSP cmdq\nbuffer when handling a large RPC request. When it sees at least one\navailable page in the cmdq, it quits the waiting with the amount of\nfree buffer pages in the queue.\n\nUnfortunately, it always takes the [write pointer, buf_size) as\navailable buffer pages before rolling back and wrongly calculates the\nsize of the data should be copied. Thus, it can overwrite the RPC\nrequest that GSP is currently reading, which causes GSP hang due\nto corrupted RPC request:\n\n[ 549.209389] ------------[ cut here ]------------\n[ 549.214010] WARNING: CPU: 8 PID: 6314 at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c:116 r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.225678] Modules linked in: nvkm(E+) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) mlx5_ib(E) amd64_edac(E) edac_mce_amd(E) kvm_amd(E) ib_uverbs(E) kvm(E) ib_core(E) acpi_ipmi(E) ipmi_si(E) mxm_wmi(E) ipmi_devintf(E) rapl(E) i2c_piix4(E) wmi_bmof(E) joydev(E) ptdma(E) acpi_cpufreq(E) k10temp(E) pcspkr(E) ipmi_msghandler(E) xfs(E) libcrc32c(E) ast(E) i2c_algo_bit(E) crct10dif_pclmul(E) drm_shmem_helper(E) nvme_tcp(E) crc32_pclmul(E) ahci(E) drm_kms_helper(E) libahci(E) nvme_fabrics(E) crc32c_intel(E) nvme(E) cdc_ether(E) mlx5_core(E) nvme_core(E) usbnet(E) drm(E) libata(E) ccp(E) ghash_clmulni_intel(E) mii(E) t10_pi(E) mlxfw(E) sp5100_tco(E) psample(E) pci_hyperv_intf(E) wmi(E) dm_multipath(E) sunrpc(E) dm_mirror(E) dm_region_hash(E) dm_log(E) dm_mod(E) be2iscsi(E) bnx2i(E) cnic(E) uio(E) cxgb4i(E) cxgb4(E) tls(E) libcxgbi(E) libcxgb(E) qla4xxx(E)\n[ 549.225752] iscsi_boot_sysfs(E) iscsi_tcp(E) libiscsi_tcp(E) libiscsi(E) scsi_transport_iscsi(E) fuse(E) [last unloaded: gsp_log(E)]\n[ 549.326293] CPU: 8 PID: 6314 Comm: insmod Tainted: G E 6.9.0-rc6+ #1\n[ 549.334039] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 549.341781] RIP: 0010:r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.347343] Code: 08 00 00 89 da c1 e2 0c 48 8d ac 11 00 10 00 00 48 8b 0c 24 48 85 c9 74 1f c1 e0 0c 4c 8d 6d 30 83 e8 30 89 01 e9 68 ff ff ff \u003c0f\u003e 0b 49 c7 c5 92 ff ff ff e9 5a ff ff ff ba ff ff ff ff be c0 0c\n[ 549.366090] RSP: 0018:ffffacbccaaeb7d0 EFLAGS: 00010246\n[ 549.371315] RAX: 0000000000000000 RBX: 0000000000000012 RCX: 0000000000923e28\n[ 549.378451] RDX: 0000000000000000 RSI: 0000000055555554 RDI: ffffacbccaaeb730\n[ 549.385590] RBP: 0000000000000001 R08: ffff8bd14d235f70 R09: ffff8bd14d235f70\n[ 549.392721] R10: 0000000000000002 R11: ffff8bd14d233864 R12: 0000000000000020\n[ 549.399854] R13: ffffacbccaaeb818 R14: 0000000000000020 R15: ffff8bb298c67000\n[ 549.406988] FS: 00007f5179244740(0000) GS:ffff8bd14d200000(0000) knlGS:0000000000000000\n[ 549.415076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 549.420829] CR2: 00007fa844000010 CR3: 00000001567dc005 CR4: 0000000000770ef0\n[ 549.427963] PKRU: 55555554\n[ 549.430672] Call Trace:\n[ 549.433126] \u003cTASK\u003e\n[ 549.435233] ? __warn+0x7f/0x130\n[ 549.438473] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.443426] ? report_bug+0x18a/0x1a0\n[ 549.447098] ? handle_bug+0x3c/0x70\n[ 549.450589] ? exc_invalid_op+0x14/0x70\n[ 549.454430] ? asm_exc_invalid_op+0x16/0x20\n[ 549.458619] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.463565] r535_gsp_msg_recv+0x46/0x230 [nvkm]\n[ 549.468257] r535_gsp_rpc_push+0x106/0x160 [nvkm]\n[ 549.473033] r535_gsp_rpc_rm_ctrl_push+0x40/0x130 [nvkm]\n[ 549.478422] nvidia_grid_init_vgpu_types+0xbc/0xe0 [nvkm]\n[ 549.483899] nvidia_grid_init+0xb1/0xd0 [nvkm]\n[ 549.488420] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 549.493213] nvkm_device_pci_probe+0x305/0x420 [nvkm]\n[ 549.498338] local_pci_probe+0x46/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58018",
"url": "https://www.suse.com/security/cve/CVE-2024-58018"
},
{
"category": "external",
"summary": "SUSE Bug 1238990 for CVE-2024-58018",
"url": "https://bugzilla.suse.com/1238990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58018"
},
{
"cve": "CVE-2024-58068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nOPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized\n\nIf a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth\nfrom the OPP table but the bandwidth table was not created because the\ninterconnect properties were missing in the OPP consumer node, the\nkernel will crash with:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000004\n...\npc : _read_bw+0x8/0x10\nlr : _opp_table_find_key+0x9c/0x174\n...\nCall trace:\n _read_bw+0x8/0x10 (P)\n _opp_table_find_key+0x9c/0x174 (L)\n _find_key+0x98/0x168\n dev_pm_opp_find_bw_ceil+0x50/0x88\n...\n\nIn order to fix the crash, create an assert function to check\nif the bandwidth table was created before trying to get a\nbandwidth with _read_bw().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58068",
"url": "https://www.suse.com/security/cve/CVE-2024-58068"
},
{
"category": "external",
"summary": "SUSE Bug 1238961 for CVE-2024-58068",
"url": "https://bugzilla.suse.com/1238961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58068"
},
{
"cve": "CVE-2024-58070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT\n\nIn PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible\ncontext. bpf_mem_alloc must be used in PREEMPT_RT. This patch is\nto enforce bpf_mem_alloc in the bpf_local_storage when CONFIG_PREEMPT_RT\nis enabled.\n\n[ 35.118559] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 35.118566] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1832, name: test_progs\n[ 35.118569] preempt_count: 1, expected: 0\n[ 35.118571] RCU nest depth: 1, expected: 1\n[ 35.118577] INFO: lockdep is turned off.\n ...\n[ 35.118647] __might_resched+0x433/0x5b0\n[ 35.118677] rt_spin_lock+0xc3/0x290\n[ 35.118700] ___slab_alloc+0x72/0xc40\n[ 35.118723] __kmalloc_noprof+0x13f/0x4e0\n[ 35.118732] bpf_map_kzalloc+0xe5/0x220\n[ 35.118740] bpf_selem_alloc+0x1d2/0x7b0\n[ 35.118755] bpf_local_storage_update+0x2fa/0x8b0\n[ 35.118784] bpf_sk_storage_get_tracing+0x15a/0x1d0\n[ 35.118791] bpf_prog_9a118d86fca78ebb_trace_inet_sock_set_state+0x44/0x66\n[ 35.118795] bpf_trace_run3+0x222/0x400\n[ 35.118820] __bpf_trace_inet_sock_set_state+0x11/0x20\n[ 35.118824] trace_inet_sock_set_state+0x112/0x130\n[ 35.118830] inet_sk_state_store+0x41/0x90\n[ 35.118836] tcp_set_state+0x3b3/0x640\n\nThere is no need to adjust the gfp_flags passing to the\nbpf_mem_cache_alloc_flags() which only honors the GFP_KERNEL.\nThe verifier has ensured GFP_KERNEL is passed only in sleepable context.\n\nIt has been an old issue since the first introduction of the\nbpf_local_storage ~5 years ago, so this patch targets the bpf-next.\n\nbpf_mem_alloc is needed to solve it, so the Fixes tag is set\nto the commit when bpf_mem_alloc was first used in the bpf_local_storage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58070",
"url": "https://www.suse.com/security/cve/CVE-2024-58070"
},
{
"category": "external",
"summary": "SUSE Bug 1238983 for CVE-2024-58070",
"url": "https://bugzilla.suse.com/1238983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58070"
},
{
"cve": "CVE-2024-58071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: prevent adding a device which is already a team device lower\n\nPrevent adding a device which is already a team device lower,\ne.g. adding veth0 if vlan1 was already added and veth0 is a lower of\nvlan1.\n\nThis is not useful in practice and can lead to recursive locking:\n\n$ ip link add veth0 type veth peer name veth1\n$ ip link set veth0 up\n$ ip link set veth1 up\n$ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1\n$ ip link add team0 type team\n$ ip link set veth0.1 down\n$ ip link set veth0.1 master team0\nteam0: Port device veth0.1 added\n$ ip link set veth0 down\n$ ip link set veth0 master team0\n\n============================================\nWARNING: possible recursive locking detected\n6.13.0-rc2-virtme-00441-ga14a429069bb #46 Not tainted\n--------------------------------------------\nip/7684 is trying to acquire lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n\nbut task is already holding lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_add_slave (drivers/net/team/team_core.c:1147 drivers/net/team/team_core.c:1977)\n\nother info that might help us debug this:\nPossible unsafe locking scenario:\n\nCPU0\n----\nlock(team-\u003eteam_lock_key);\nlock(team-\u003eteam_lock_key);\n\n*** DEADLOCK ***\n\nMay be due to missing lock nesting notation\n\n2 locks held by ip/7684:\n\nstack backtrace:\nCPU: 3 UID: 0 PID: 7684 Comm: ip Not tainted 6.13.0-rc2-virtme-00441-ga14a429069bb #46\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:122)\nprint_deadlock_bug.cold (kernel/locking/lockdep.c:3040)\n__lock_acquire (kernel/locking/lockdep.c:3893 kernel/locking/lockdep.c:5226)\n? netlink_broadcast_filtered (net/netlink/af_netlink.c:1548)\nlock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 2))\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? lock_acquire (kernel/locking/lockdep.c:5822)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n__mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:735)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? fib_sync_up (net/ipv4/fib_semantics.c:2167)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nteam_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\n__dev_notify_flags (net/core/dev.c:8993)\n? __dev_change_flags (net/core/dev.c:8975)\ndev_change_flags (net/core/dev.c:9027)\nvlan_device_event (net/8021q/vlan.c:85 net/8021q/vlan.c:470)\n? br_device_event (net/bridge/br.c:143)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\ndev_open (net/core/dev.c:1519 net/core/dev.c:1505)\nteam_add_slave (drivers/net/team/team_core.c:1219 drivers/net/team/team_core.c:1977)\n? __pfx_team_add_slave (drivers/net/team/team_core.c:1972)\ndo_set_master (net/core/rtnetlink.c:2917)\ndo_setlink.isra.0 (net/core/rtnetlink.c:3117)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58071",
"url": "https://www.suse.com/security/cve/CVE-2024-58071"
},
{
"category": "external",
"summary": "SUSE Bug 1238970 for CVE-2024-58071",
"url": "https://bugzilla.suse.com/1238970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58071"
},
{
"cve": "CVE-2024-58088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock when freeing cgroup storage\n\nThe following commit\nbc235cdb423a (\"bpf: Prevent deadlock from recursive bpf_task_storage_[get|delete]\")\nfirst introduced deadlock prevention for fentry/fexit programs attaching\non bpf_task_storage helpers. That commit also employed the logic in map\nfree path in its v6 version.\n\nLater bpf_cgrp_storage was first introduced in\nc4bcfb38a95e (\"bpf: Implement cgroup storage available to non-cgroup-attached bpf progs\")\nwhich faces the same issue as bpf_task_storage, instead of its busy\ncounter, NULL was passed to bpf_local_storage_map_free() which opened\na window to cause deadlock:\n\n\t\u003cTASK\u003e\n\t\t(acquiring local_storage-\u003elock)\n\t_raw_spin_lock_irqsave+0x3d/0x50\n\tbpf_local_storage_update+0xd1/0x460\n\tbpf_cgrp_storage_get+0x109/0x130\n\tbpf_prog_a4d4a370ba857314_cgrp_ptr+0x139/0x170\n\t? __bpf_prog_enter_recur+0x16/0x80\n\tbpf_trampoline_6442485186+0x43/0xa4\n\tcgroup_storage_ptr+0x9/0x20\n\t\t(holding local_storage-\u003elock)\n\tbpf_selem_unlink_storage_nolock.constprop.0+0x135/0x160\n\tbpf_selem_unlink_storage+0x6f/0x110\n\tbpf_local_storage_map_free+0xa2/0x110\n\tbpf_map_free_deferred+0x5b/0x90\n\tprocess_one_work+0x17c/0x390\n\tworker_thread+0x251/0x360\n\tkthread+0xd2/0x100\n\tret_from_fork+0x34/0x50\n\tret_from_fork_asm+0x1a/0x30\n\t\u003c/TASK\u003e\n\nProgs:\n - A: SEC(\"fentry/cgroup_storage_ptr\")\n - cgid (BPF_MAP_TYPE_HASH)\n\tRecord the id of the cgroup the current task belonging\n\tto in this hash map, using the address of the cgroup\n\tas the map key.\n - cgrpa (BPF_MAP_TYPE_CGRP_STORAGE)\n\tIf current task is a kworker, lookup the above hash\n\tmap using function parameter @owner as the key to get\n\tits corresponding cgroup id which is then used to get\n\ta trusted pointer to the cgroup through\n\tbpf_cgroup_from_id(). This trusted pointer can then\n\tbe passed to bpf_cgrp_storage_get() to finally trigger\n\tthe deadlock issue.\n - B: SEC(\"tp_btf/sys_enter\")\n - cgrpb (BPF_MAP_TYPE_CGRP_STORAGE)\n\tThe only purpose of this prog is to fill Prog A\u0027s\n\thash map by calling bpf_cgrp_storage_get() for as\n\tmany userspace tasks as possible.\n\nSteps to reproduce:\n - Run A;\n - while (true) { Run B; Destroy B; }\n\nFix this issue by passing its busy counter to the free procedure so\nit can be properly incremented before storage/smap locking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58088",
"url": "https://www.suse.com/security/cve/CVE-2024-58088"
},
{
"category": "external",
"summary": "SUSE Bug 1239510 for CVE-2024-58088",
"url": "https://bugzilla.suse.com/1239510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58088"
},
{
"cve": "CVE-2024-58093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/ASPM: Fix link state exit during switch upstream function removal\n\nBefore 456d8aa37d0f (\"PCI/ASPM: Disable ASPM on MFD function removal to\navoid use-after-free\"), we would free the ASPM link only after the last\nfunction on the bus pertaining to the given link was removed.\n\nThat was too late. If function 0 is removed before sibling function,\nlink-\u003edownstream would point to free\u0027d memory after.\n\nAfter above change, we freed the ASPM parent link state upon any function\nremoval on the bus pertaining to a given link.\n\nThat is too early. If the link is to a PCIe switch with MFD on the upstream\nport, then removing functions other than 0 first would free a link which\nstill remains parent_link to the remaining downstream ports.\n\nThe resulting GPFs are especially frequent during hot-unplug, because\npciehp removes devices on the link bus in reverse order.\n\nOn that switch, function 0 is the virtual P2P bridge to the internal bus.\nFree exactly when function 0 is removed -- before the parent link is\nobsolete, but after all subordinate links are gone.\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58093",
"url": "https://www.suse.com/security/cve/CVE-2024-58093"
},
{
"category": "external",
"summary": "SUSE Bug 1241347 for CVE-2024-58093",
"url": "https://bugzilla.suse.com/1241347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58093"
},
{
"cve": "CVE-2024-58094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before truncation in jfs_truncate_nolock()\n\nAdded a check for \"read-only\" mode in the `jfs_truncate_nolock`\nfunction to avoid errors related to writing to a read-only\nfilesystem.\n\nCall stack:\n\nblock_write_begin() {\n jfs_write_failed() {\n jfs_truncate() {\n jfs_truncate_nolock() {\n txEnd() {\n ...\n log = JFS_SBI(tblk-\u003esb)-\u003elog;\n // (log == NULL)\n\nIf the `isReadOnly(ip)` condition is triggered in\n`jfs_truncate_nolock`, the function execution will stop, and no\nfurther data modification will occur. Instead, the `xtTruncate`\nfunction will be called with the \"COMMIT_WMAP\" flag, preventing\nmodifications in \"read-only\" mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58094",
"url": "https://www.suse.com/security/cve/CVE-2024-58094"
},
{
"category": "external",
"summary": "SUSE Bug 1241443 for CVE-2024-58094",
"url": "https://bugzilla.suse.com/1241443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58094"
},
{
"cve": "CVE-2024-58095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before txBeginAnon() call\n\nAdded a read-only check before calling `txBeginAnon` in `extAlloc`\nand `extRecord`. This prevents modification attempts on a read-only\nmounted filesystem, avoiding potential errors or crashes.\n\nCall trace:\n txBeginAnon+0xac/0x154\n extAlloc+0xe8/0xdec fs/jfs/jfs_extent.c:78\n jfs_get_block+0x340/0xb98 fs/jfs/inode.c:248\n __block_write_begin_int+0x580/0x166c fs/buffer.c:2128\n __block_write_begin fs/buffer.c:2177 [inline]\n block_write_begin+0x98/0x11c fs/buffer.c:2236\n jfs_write_begin+0x44/0x88 fs/jfs/inode.c:299",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58095",
"url": "https://www.suse.com/security/cve/CVE-2024-58095"
},
{
"category": "external",
"summary": "SUSE Bug 1241442 for CVE-2024-58095",
"url": "https://bugzilla.suse.com/1241442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58095"
},
{
"cve": "CVE-2024-58096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58096"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode\n\nath11k_hal_srng_* should be used with srng-\u003elock to protect srng data.\n\nFor ath11k_dp_rx_mon_dest_process() and ath11k_dp_full_mon_process_rx(),\nthey use ath11k_hal_srng_* for many times but never call srng-\u003elock.\n\nSo when running (full) monitor mode, warning will occur:\nRIP: 0010:ath11k_hal_srng_dst_peek+0x18/0x30 [ath11k]\nCall Trace:\n ? ath11k_hal_srng_dst_peek+0x18/0x30 [ath11k]\n ath11k_dp_rx_process_mon_status+0xc45/0x1190 [ath11k]\n ? idr_alloc_u32+0x97/0xd0\n ath11k_dp_rx_process_mon_rings+0x32a/0x550 [ath11k]\n ath11k_dp_service_srng+0x289/0x5a0 [ath11k]\n ath11k_pcic_ext_grp_napi_poll+0x30/0xd0 [ath11k]\n __napi_poll+0x30/0x1f0\n net_rx_action+0x198/0x320\n __do_softirq+0xdd/0x319\n\nSo add srng-\u003elock for them to avoid such warnings.\n\nInorder to fetch the srng-\u003elock, should change srng\u0027s definition from\n\u0027void\u0027 to \u0027struct hal_srng\u0027. And initialize them elsewhere to prevent\none line of code from being too long. This is consistent with other ring\nprocess functions, such as ath11k_dp_process_rx().\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58096",
"url": "https://www.suse.com/security/cve/CVE-2024-58096"
},
{
"category": "external",
"summary": "SUSE Bug 1241344 for CVE-2024-58096",
"url": "https://bugzilla.suse.com/1241344"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58096"
},
{
"cve": "CVE-2024-58097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix RCU stall while reaping monitor destination ring\n\nWhile processing the monitor destination ring, MSDUs are reaped from the\nlink descriptor based on the corresponding buf_id.\n\nHowever, sometimes the driver cannot obtain a valid buffer corresponding\nto the buf_id received from the hardware. This causes an infinite loop\nin the destination processing, resulting in a kernel crash.\n\nkernel log:\nath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309\nath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed\nath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309\nath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed\n\nFix this by skipping the problematic buf_id and reaping the next entry,\nreplacing the break with the next MSDU processing.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58097",
"url": "https://www.suse.com/security/cve/CVE-2024-58097"
},
{
"category": "external",
"summary": "SUSE Bug 1241343 for CVE-2024-58097",
"url": "https://bugzilla.suse.com/1241343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58097"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_sk_select_reuseport() memory leak\n\nAs pointed out in the original comment, lookup in sockmap can return a TCP\nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF\nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb\ndoes not imply a non-refcounted socket.\n\nDrop sk\u0027s reference in both error paths.\n\nunreferenced object 0xffff888101911800 (size 2048):\n comm \"test_progs\", pid 44109, jiffies 4297131437\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 9336483b):\n __kmalloc_noprof+0x3bf/0x560\n __reuseport_alloc+0x1d/0x40\n reuseport_alloc+0xca/0x150\n reuseport_attach_prog+0x87/0x140\n sk_reuseport_attach_bpf+0xc8/0x100\n sk_setsockopt+0x1181/0x1990\n do_sock_setsockopt+0x12b/0x160\n __sys_setsockopt+0x7b/0xc0\n __x64_sys_setsockopt+0x1b/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21683",
"url": "https://www.suse.com/security/cve/CVE-2025-21683"
},
{
"category": "external",
"summary": "SUSE Bug 1236704 for CVE-2025-21683",
"url": "https://bugzilla.suse.com/1236704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "low"
}
],
"title": "CVE-2025-21683"
},
{
"cve": "CVE-2025-21696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: clear uffd-wp PTE/PMD state on mremap()\n\nWhen mremap()ing a memory region previously registered with userfaultfd as\nwrite-protected but without UFFD_FEATURE_EVENT_REMAP, an inconsistency in\nflag clearing leads to a mismatch between the vma flags (which have\nuffd-wp cleared) and the pte/pmd flags (which do not have uffd-wp\ncleared). This mismatch causes a subsequent mprotect(PROT_WRITE) to\ntrigger a warning in page_table_check_pte_flags() due to setting the pte\nto writable while uffd-wp is still set.\n\nFix this by always explicitly clearing the uffd-wp pte/pmd flags on any\nsuch mremap() so that the values are consistent with the existing clearing\nof VM_UFFD_WP. Be careful to clear the logical flag regardless of its\nphysical form; a PTE bit, a swap PTE bit, or a PTE marker. Cover PTE,\nhuge PMD and hugetlb paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21696",
"url": "https://www.suse.com/security/cve/CVE-2025-21696"
},
{
"category": "external",
"summary": "SUSE Bug 1237111 for CVE-2025-21696",
"url": "https://bugzilla.suse.com/1237111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21696"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: consolidate suboption status\n\nMPTCP maintains the received sub-options status is the bitmask carrying\nthe received suboptions and in several bitfields carrying per suboption\nadditional info.\n\nZeroing the bitmask before parsing is not enough to ensure a consistent\nstatus, and the MPTCP code has to additionally clear some bitfiled\ndepending on the actually parsed suboption.\n\nThe above schema is fragile, and syzbot managed to trigger a path where\na relevant bitfield is not cleared/initialized:\n\n BUG: KMSAN: uninit-value in __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n BUG: KMSAN: uninit-value in mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n BUG: KMSAN: uninit-value in ack_update_msk net/mptcp/options.c:1060 [inline]\n BUG: KMSAN: uninit-value in mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n ack_update_msk net/mptcp/options.c:1060 [inline]\n mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n tcp_data_queue+0xb4/0x7be0 net/ipv4/tcp_input.c:5233\n tcp_rcv_established+0x1061/0x2510 net/ipv4/tcp_input.c:6264\n tcp_v4_do_rcv+0x7f3/0x11a0 net/ipv4/tcp_ipv4.c:1916\n tcp_v4_rcv+0x51df/0x5750 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x2a3/0x13d0 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:460 [inline]\n ip_rcv_finish+0x4a2/0x520 net/ipv4/ip_input.c:447\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0xcd/0x380 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core net/core/dev.c:5704 [inline]\n __netif_receive_skb+0x319/0xa00 net/core/dev.c:5817\n process_backlog+0x4ad/0xa50 net/core/dev.c:6149\n __napi_poll+0xe7/0x980 net/core/dev.c:6902\n napi_poll net/core/dev.c:6971 [inline]\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:7093\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4493\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_hh_output include/net/neighbour.h:523 [inline]\n neigh_output include/net/neighbour.h:537 [inline]\n ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236\n __ip_finish_output+0x287/0x810\n ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434\n dst_output include/net/dst.h:450 [inline]\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536\n ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550\n __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1468\n tcp_transmit_skb net/ipv4/tcp_output.c:1486 [inline]\n tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2829\n __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3012\n tcp_send_fin+0x9f6/0xf50 net/ipv4/tcp_output.c:3618\n __tcp_close+0x140c/0x1550 net/ipv4/tcp.c:3130\n __mptcp_close_ssk+0x74e/0x16f0 net/mptcp/protocol.c:2496\n mptcp_close_ssk+0x26b/0x2c0 net/mptcp/protocol.c:2550\n mptcp_pm_nl_rm_addr_or_subflow+0x635/0xd10 net/mptcp/pm_netlink.c:889\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:924 [inline]\n mptcp_pm_flush_addrs_and_subflows net/mptcp/pm_netlink.c:1688 [inline]\n mptcp_nl_flush_addrs_list net/mptcp/pm_netlink.c:1709 [inline]\n mptcp_pm_nl_flush_addrs_doit+0xe10/0x1630 net/mptcp/pm_netlink.c:1750\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21707",
"url": "https://www.suse.com/security/cve/CVE-2025-21707"
},
{
"category": "external",
"summary": "SUSE Bug 1238862 for CVE-2025-21707",
"url": "https://bugzilla.suse.com/1238862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21707"
},
{
"cve": "CVE-2025-21729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix race between cancel_hw_scan and hw_scan completion\n\nThe rtwdev-\u003escanning flag isn\u0027t protected by mutex originally, so\ncancel_hw_scan can pass the condition, but suddenly hw_scan completion\nunset the flag and calls ieee80211_scan_completed() that will free\nlocal-\u003ehw_scan_req. Then, cancel_hw_scan raises null-ptr-deref and\nuse-after-free. Fix it by moving the check condition to where\nprotected by mutex.\n\n KASAN: null-ptr-deref in range [0x0000000000000088-0x000000000000008f]\n CPU: 2 PID: 6922 Comm: kworker/2:2 Tainted: G OE\n Hardware name: LENOVO 2356AD1/2356AD1, BIOS G7ETB6WW (2.76 ) 09/10/2019\n Workqueue: events cfg80211_conn_work [cfg80211]\n RIP: 0010:rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n Code: 00 45 89 6c 24 1c 0f 85 23 01 00 00 48 8b 85 20 ff ff ff 48 8d\n RSP: 0018:ffff88811fd9f068 EFLAGS: 00010206\n RAX: dffffc0000000000 RBX: ffff88811fd9f258 RCX: 0000000000000001\n RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000089\n RBP: ffff88811fd9f170 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff88811fd9f108 R11: 0000000000000000 R12: ffff88810e47f960\n R13: 0000000000000000 R14: 000000000000ffff R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8881d6f00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007531dfca55b0 CR3: 00000001be296004 CR4: 00000000001706e0\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x61/0x73\n ? __die_body+0x20/0x73\n ? die_addr+0x4f/0x7b\n ? exc_general_protection+0x191/0x1db\n ? asm_exc_general_protection+0x27/0x30\n ? rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n ? rtw89_fw_h2c_scan_offload_be+0x458/0x13c3 [rtw89_core]\n ? __pfx_rtw89_fw_h2c_scan_offload_be+0x10/0x10 [rtw89_core]\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx_do_raw_spin_lock+0x10/0x10\n rtw89_hw_scan_offload+0xb5e/0xbf7 [rtw89_core]\n ? _raw_spin_unlock+0xe/0x24\n ? __mutex_lock.constprop.0+0x40c/0x471\n ? __pfx_rtw89_hw_scan_offload+0x10/0x10 [rtw89_core]\n ? __mutex_lock_slowpath+0x13/0x1f\n ? mutex_lock+0xa2/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n rtw89_hw_scan_abort+0x58/0xb7 [rtw89_core]\n rtw89_ops_cancel_hw_scan+0x120/0x13b [rtw89_core]\n ieee80211_scan_cancel+0x468/0x4d0 [mac80211]\n ieee80211_prep_connection+0x858/0x899 [mac80211]\n ieee80211_mgd_auth+0xbea/0xdde [mac80211]\n ? __pfx_ieee80211_mgd_auth+0x10/0x10 [mac80211]\n ? cfg80211_find_elem+0x15/0x29 [cfg80211]\n ? is_bss+0x1b7/0x1d7 [cfg80211]\n ieee80211_auth+0x18/0x27 [mac80211]\n cfg80211_mlme_auth+0x3bb/0x3e7 [cfg80211]\n cfg80211_conn_do_work+0x410/0xb81 [cfg80211]\n ? __pfx_cfg80211_conn_do_work+0x10/0x10 [cfg80211]\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? __kasan_check_write+0x14/0x22\n ? mutex_lock+0x8e/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n ? __pfx___radix_tree_lookup+0x10/0x10\n cfg80211_conn_work+0x245/0x34d [cfg80211]\n ? __pfx_cfg80211_conn_work+0x10/0x10 [cfg80211]\n ? update_cfs_rq_load_avg+0x3bc/0x3d7\n ? sched_clock_noinstr+0x9/0x1a\n ? sched_clock+0x10/0x24\n ? sched_clock_cpu+0x7e/0x42e\n ? newidle_balance+0x796/0x937\n ? __pfx_sched_clock_cpu+0x10/0x10\n ? __pfx_newidle_balance+0x10/0x10\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? _raw_spin_unlock+0xe/0x24\n ? raw_spin_rq_unlock+0x47/0x54\n ? raw_spin_rq_unlock_irq+0x9/0x1f\n ? finish_task_switch.isra.0+0x347/0x586\n ? __schedule+0x27bf/0x2892\n ? mutex_unlock+0x80/0xd0\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx___schedule+0x10/0x10\n process_scheduled_works+0x58c/0x821\n worker_thread+0x4c7/0x586\n ? __kasan_check_read+0x11/0x1f\n kthread+0x285/0x294\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x6f\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21729",
"url": "https://www.suse.com/security/cve/CVE-2025-21729"
},
{
"category": "external",
"summary": "SUSE Bug 1237874 for CVE-2025-21729",
"url": "https://bugzilla.suse.com/1237874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21729"
},
{
"cve": "CVE-2025-21755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21755"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21755",
"url": "https://www.suse.com/security/cve/CVE-2025-21755"
},
{
"category": "external",
"summary": "SUSE Bug 1237882 for CVE-2025-21755",
"url": "https://bugzilla.suse.com/1237882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21755"
},
{
"cve": "CVE-2025-21758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: add RCU protection to mld_newpack()\n\nmld_newpack() can be called without RTNL or RCU being held.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21758",
"url": "https://www.suse.com/security/cve/CVE-2025-21758"
},
{
"category": "external",
"summary": "SUSE Bug 1238737 for CVE-2025-21758",
"url": "https://bugzilla.suse.com/1238737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels\n\nSome lwtunnels have a dst cache for post-transformation dst.\nIf the packet destination did not change we may end up recording\na reference to the lwtunnel in its own cache, and the lwtunnel\nstate will never be freed.\n\nDiscovered by the ioam6.sh test, kmemleak was recently fixed\nto catch per-cpu memory leaks. I\u0027m not sure if rpl and seg6\ncan actually hit this, but in principle I don\u0027t see why not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21768",
"url": "https://www.suse.com/security/cve/CVE-2025-21768"
},
{
"category": "external",
"summary": "SUSE Bug 1238714 for CVE-2025-21768",
"url": "https://bugzilla.suse.com/1238714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21768"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt\n\nIf an AX25 device is bound to a socket by setting the SO_BINDTODEVICE\nsocket option, a refcount leak will occur in ax25_release().\n\nCommit 9fd75b66b8f6 (\"ax25: Fix refcount leaks caused by ax25_cb_del()\")\nadded decrement of device refcounts in ax25_release(). In order for that\nto work correctly the refcounts must already be incremented when the\ndevice is bound to the socket. An AX25 device can be bound to a socket\nby either calling ax25_bind() or setting SO_BINDTODEVICE socket option.\nIn both cases the refcounts should be incremented, but in fact it is done\nonly in ax25_bind().\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 1 PID: 5932 at lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nModules linked in:\nCPU: 1 UID: 0 PID: 5932 Comm: syz-executor424 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nCall Trace:\n \u003cTASK\u003e\n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x710/0x820 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4156 [inline]\n netdev_put include/linux/netdevice.h:4173 [inline]\n netdev_put include/linux/netdevice.h:4169 [inline]\n ax25_release+0x33f/0xa10 net/ax25/af_ax25.c:1069\n __sock_release+0xb0/0x270 net/socket.c:640\n sock_close+0x1c/0x30 net/socket.c:1408\n ...\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \u003c/TASK\u003e\n================================================================\n\nFix the implementation of ax25_setsockopt() by adding increment of\nrefcounts for the new device bound, and decrement of refcounts for\nthe old unbound device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21792",
"url": "https://www.suse.com/security/cve/CVE-2025-21792"
},
{
"category": "external",
"summary": "SUSE Bug 1238745 for CVE-2025-21792",
"url": "https://bugzilla.suse.com/1238745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21792"
},
{
"cve": "CVE-2025-21806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: let net.core.dev_weight always be non-zero\n\nThe following problem was encountered during stability test:\n\n(NULL net_device): NAPI poll function process_backlog+0x0/0x530 \\\n\treturned 1, exceeding its budget of 0.\n------------[ cut here ]------------\nlist_add double add: new=ffff88905f746f48, prev=ffff88905f746f48, \\\n\tnext=ffff88905f746e40.\nWARNING: CPU: 18 PID: 5462 at lib/list_debug.c:35 \\\n\t__list_add_valid_or_report+0xf3/0x130\nCPU: 18 UID: 0 PID: 5462 Comm: ping Kdump: loaded Not tainted 6.13.0-rc7+\nRIP: 0010:__list_add_valid_or_report+0xf3/0x130\nCall Trace:\n? __warn+0xcd/0x250\n? __list_add_valid_or_report+0xf3/0x130\nenqueue_to_backlog+0x923/0x1070\nnetif_rx_internal+0x92/0x2b0\n__netif_rx+0x15/0x170\nloopback_xmit+0x2ef/0x450\ndev_hard_start_xmit+0x103/0x490\n__dev_queue_xmit+0xeac/0x1950\nip_finish_output2+0x6cc/0x1620\nip_output+0x161/0x270\nip_push_pending_frames+0x155/0x1a0\nraw_sendmsg+0xe13/0x1550\n__sys_sendto+0x3bf/0x4e0\n__x64_sys_sendto+0xdc/0x1b0\ndo_syscall_64+0x5b/0x170\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe reproduction command is as follows:\n sysctl -w net.core.dev_weight=0\n ping 127.0.0.1\n\nThis is because when the napi\u0027s weight is set to 0, process_backlog() may\nreturn 0 and clear the NAPI_STATE_SCHED bit of napi-\u003estate, causing this\nnapi to be re-polled in net_rx_action() until __do_softirq() times out.\nSince the NAPI_STATE_SCHED bit has been cleared, napi_schedule_rps() can\nbe retriggered in enqueue_to_backlog(), causing this issue.\n\nMaking the napi\u0027s weight always non-zero solves this problem.\n\nTriggering this issue requires system-wide admin (setting is\nnot namespaced).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21806",
"url": "https://www.suse.com/security/cve/CVE-2025-21806"
},
{
"category": "external",
"summary": "SUSE Bug 1238746 for CVE-2025-21806",
"url": "https://bugzilla.suse.com/1238746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21806"
},
{
"cve": "CVE-2025-21808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: xdp: Disallow attaching device-bound programs in generic mode\n\nDevice-bound programs are used to support RX metadata kfuncs. These\nkfuncs are driver-specific and rely on the driver context to read the\nmetadata. This means they can\u0027t work in generic XDP mode. However, there\nis no check to disallow such programs from being attached in generic\nmode, in which case the metadata kfuncs will be called in an invalid\ncontext, leading to crashes.\n\nFix this by adding a check to disallow attaching device-bound programs\nin generic mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21808",
"url": "https://www.suse.com/security/cve/CVE-2025-21808"
},
{
"category": "external",
"summary": "SUSE Bug 1238742 for CVE-2025-21808",
"url": "https://bugzilla.suse.com/1238742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21808"
},
{
"cve": "CVE-2025-21812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: rcu protect dev-\u003eax25_ptr\n\nsyzbot found a lockdep issue [1].\n\nWe should remove ax25 RTNL dependency in ax25_setsockopt()\n\nThis should also fix a variety of possible UAF in ax25.\n\n[1]\n\nWARNING: possible circular locking dependency detected\n6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0 Not tainted\n------------------------------------------------------\nsyz.5.1818/12806 is trying to acquire lock:\n ffffffff8fcb3988 (rtnl_mutex){+.+.}-{4:4}, at: ax25_setsockopt+0xa55/0xe90 net/ax25/af_ax25.c:680\n\nbut task is already holding lock:\n ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1618 [inline]\n ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: ax25_setsockopt+0x209/0xe90 net/ax25/af_ax25.c:574\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (sk_lock-AF_AX25){+.+.}-{0:0}:\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849\n lock_sock_nested+0x48/0x100 net/core/sock.c:3642\n lock_sock include/net/sock.h:1618 [inline]\n ax25_kill_by_device net/ax25/af_ax25.c:101 [inline]\n ax25_device_event+0x24d/0x580 net/ax25/af_ax25.c:146\n notifier_call_chain+0x1a5/0x3f0 kernel/notifier.c:85\n __dev_notify_flags+0x207/0x400\n dev_change_flags+0xf0/0x1a0 net/core/dev.c:9026\n dev_ifsioc+0x7c8/0xe70 net/core/dev_ioctl.c:563\n dev_ioctl+0x719/0x1340 net/core/dev_ioctl.c:820\n sock_do_ioctl+0x240/0x460 net/socket.c:1234\n sock_ioctl+0x626/0x8e0 net/socket.c:1339\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n-\u003e #0 (rtnl_mutex){+.+.}-{4:4}:\n check_prev_add kernel/locking/lockdep.c:3161 [inline]\n check_prevs_add kernel/locking/lockdep.c:3280 [inline]\n validate_chain+0x18ef/0x5920 kernel/locking/lockdep.c:3904\n __lock_acquire+0x1397/0x2100 kernel/locking/lockdep.c:5226\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849\n __mutex_lock_common kernel/locking/mutex.c:585 [inline]\n __mutex_lock+0x1ac/0xee0 kernel/locking/mutex.c:735\n ax25_setsockopt+0xa55/0xe90 net/ax25/af_ax25.c:680\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2324\n __sys_setsockopt net/socket.c:2349 [inline]\n __do_sys_setsockopt net/socket.c:2355 [inline]\n __se_sys_setsockopt net/socket.c:2352 [inline]\n __x64_sys_setsockopt+0x1ee/0x280 net/socket.c:2352\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(sk_lock-AF_AX25);\n lock(rtnl_mutex);\n lock(sk_lock-AF_AX25);\n lock(rtnl_mutex);\n\n *** DEADLOCK ***\n\n1 lock held by syz.5.1818/12806:\n #0: ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1618 [inline]\n #0: ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: ax25_setsockopt+0x209/0xe90 net/ax25/af_ax25.c:574\n\nstack backtrace:\nCPU: 1 UID: 0 PID: 12806 Comm: syz.5.1818 Not tainted 6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_circular_bug+0x13a/0x1b0 kernel/locking/lockdep.c:2074\n check_noncircular+0x36a/0x4a0 kernel/locking/lockdep.c:2206\n check_prev_add kernel/locking/lockdep.c:3161 [inline]\n check_prevs_add kernel/lockin\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21812",
"url": "https://www.suse.com/security/cve/CVE-2025-21812"
},
{
"category": "external",
"summary": "SUSE Bug 1238471 for CVE-2025-21812",
"url": "https://bugzilla.suse.com/1238471"
},
{
"category": "external",
"summary": "SUSE Bug 1240736 for CVE-2025-21812",
"url": "https://bugzilla.suse.com/1240736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-21812"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Avoid use of NULL after WARN_ON_ONCE\n\nThere is a WARN_ON_ONCE to catch an unlikely situation when\ndomain_remove_dev_pasid can\u0027t find the `pasid`. In case it nevertheless\nhappens we must avoid using a NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21833",
"url": "https://www.suse.com/security/cve/CVE-2025-21833"
},
{
"category": "external",
"summary": "SUSE Bug 1239108 for CVE-2025-21833",
"url": "https://bugzilla.suse.com/1239108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21833"
},
{
"cve": "CVE-2025-21836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: reallocate buf lists on upgrade\n\nIORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it\nwas created for legacy selected buffer and has been emptied. It violates\nthe requirement that most of the field should stay stable after publish.\nAlways reallocate it instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21836",
"url": "https://www.suse.com/security/cve/CVE-2025-21836"
},
{
"category": "external",
"summary": "SUSE Bug 1239066 for CVE-2025-21836",
"url": "https://bugzilla.suse.com/1239066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21836"
},
{
"cve": "CVE-2025-21852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Add rx_skb of kfree_skb to raw_tp_null_args[].\n\nYan Zhai reported a BPF prog could trigger a null-ptr-deref [0]\nin trace_kfree_skb if the prog does not check if rx_sk is NULL.\n\nCommit c53795d48ee8 (\"net: add rx_sk to trace_kfree_skb\") added\nrx_sk to trace_kfree_skb, but rx_sk is optional and could be NULL.\n\nLet\u0027s add kfree_skb to raw_tp_null_args[] to let the BPF verifier\nvalidate such a prog and prevent the issue.\n\nNow we fail to load such a prog:\n\n libbpf: prog \u0027drop\u0027: -- BEGIN PROG LOAD LOG --\n 0: R1=ctx() R10=fp0\n ; int BPF_PROG(drop, struct sk_buff *skb, void *location, @ kfree_skb_sk_null.bpf.c:21\n 0: (79) r3 = *(u64 *)(r1 +24)\n func \u0027kfree_skb\u0027 arg3 has btf_id 5253 type STRUCT \u0027sock\u0027\n 1: R1=ctx() R3_w=trusted_ptr_or_null_sock(id=1)\n ; bpf_printk(\"sk: %d, %d\\n\", sk, sk-\u003e__sk_common.skc_family); @ kfree_skb_sk_null.bpf.c:24\n 1: (69) r4 = *(u16 *)(r3 +16)\n R3 invalid mem access \u0027trusted_ptr_or_null_\u0027\n processed 2 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0\n -- END PROG LOAD LOG --\n\nNote this fix requires commit 838a10bd2ebf (\"bpf: Augment raw_tp\narguments with PTR_MAYBE_NULL\").\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000010\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nPREEMPT SMP\nRIP: 0010:bpf_prog_5e21a6db8fcff1aa_drop+0x10/0x2d\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x1f/0x60\n ? page_fault_oops+0x148/0x420\n ? search_bpf_extables+0x5b/0x70\n ? fixup_exception+0x27/0x2c0\n ? exc_page_fault+0x75/0x170\n ? asm_exc_page_fault+0x22/0x30\n ? bpf_prog_5e21a6db8fcff1aa_drop+0x10/0x2d\n bpf_trace_run4+0x68/0xd0\n ? unix_stream_connect+0x1f4/0x6f0\n sk_skb_reason_drop+0x90/0x120\n unix_stream_connect+0x1f4/0x6f0\n __sys_connect+0x7f/0xb0\n __x64_sys_connect+0x14/0x20\n do_syscall_64+0x47/0xc30\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21852",
"url": "https://www.suse.com/security/cve/CVE-2025-21852"
},
{
"category": "external",
"summary": "SUSE Bug 1239487 for CVE-2025-21852",
"url": "https://bugzilla.suse.com/1239487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21852"
},
{
"cve": "CVE-2025-21853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: avoid holding freeze_mutex during mmap operation\n\nWe use map-\u003efreeze_mutex to prevent races between map_freeze() and\nmemory mapping BPF map contents with writable permissions. The way we\nnaively do this means we\u0027ll hold freeze_mutex for entire duration of all\nthe mm and VMA manipulations, which is completely unnecessary. This can\npotentially also lead to deadlocks, as reported by syzbot in [0].\n\nSo, instead, hold freeze_mutex only during writeability checks, bump\n(proactively) \"write active\" count for the map, unlock the mutex and\nproceed with mmap logic. And only if something went wrong during mmap\nlogic, then undo that \"write active\" counter increment.\n\n [0] https://lore.kernel.org/bpf/678dcbc9.050a0220.303755.0066.GAE@google.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21853",
"url": "https://www.suse.com/security/cve/CVE-2025-21853"
},
{
"category": "external",
"summary": "SUSE Bug 1239476 for CVE-2025-21853",
"url": "https://bugzilla.suse.com/1239476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21853"
},
{
"cve": "CVE-2025-21854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsockmap, vsock: For connectible sockets allow only connected\n\nsockmap expects all vsocks to have a transport assigned, which is expressed\nin vsock_proto::psock_update_sk_prot(). However, there is an edge case\nwhere an unconnected (connectible) socket may lose its previously assigned\ntransport. This is handled with a NULL check in the vsock/BPF recv path.\n\nAnother design detail is that listening vsocks are not supposed to have any\ntransport assigned at all. Which implies they are not supported by the\nsockmap. But this is complicated by the fact that a socket, before\nswitching to TCP_LISTEN, may have had some transport assigned during a\nfailed connect() attempt. Hence, we may end up with a listening vsock in a\nsockmap, which blows up quickly:\n\nKASAN: null-ptr-deref in range [0x0000000000000120-0x0000000000000127]\nCPU: 7 UID: 0 PID: 56 Comm: kworker/7:0 Not tainted 6.14.0-rc1+\nWorkqueue: vsock-loopback vsock_loopback_work\nRIP: 0010:vsock_read_skb+0x4b/0x90\nCall Trace:\n sk_psock_verdict_data_ready+0xa4/0x2e0\n virtio_transport_recv_pkt+0x1ca8/0x2acc\n vsock_loopback_work+0x27d/0x3f0\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x35a/0x700\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nFor connectible sockets, instead of relying solely on the state of\nvsk-\u003etransport, tell sockmap to only allow those representing established\nconnections. This aligns with the behaviour for AF_INET and AF_UNIX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21854",
"url": "https://www.suse.com/security/cve/CVE-2025-21854"
},
{
"category": "external",
"summary": "SUSE Bug 1239470 for CVE-2025-21854",
"url": "https://bugzilla.suse.com/1239470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21854"
},
{
"cve": "CVE-2025-21863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: prevent opcode speculation\n\nsqe-\u003eopcode is used for different tables, make sure we santitise it\nagainst speculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21863",
"url": "https://www.suse.com/security/cve/CVE-2025-21863"
},
{
"category": "external",
"summary": "SUSE Bug 1239475 for CVE-2025-21863",
"url": "https://bugzilla.suse.com/1239475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21863"
},
{
"cve": "CVE-2025-21867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()\n\nKMSAN reported a use-after-free issue in eth_skb_pkt_type()[1]. The\ncause of the issue was that eth_skb_pkt_type() accessed skb\u0027s data\nthat didn\u0027t contain an Ethernet header. This occurs when\nbpf_prog_test_run_xdp() passes an invalid value as the user_data\nargument to bpf_test_init().\n\nFix this by returning an error when user_data is less than ETH_HLEN in\nbpf_test_init(). Additionally, remove the check for \"if (user_size \u003e\nsize)\" as it is unnecessary.\n\n[1]\nBUG: KMSAN: use-after-free in eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\nBUG: KMSAN: use-after-free in eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\n eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n __xdp_build_skb_from_frame+0x5a8/0xa50 net/core/xdp.c:635\n xdp_recv_frames net/bpf/test_run.c:272 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2954/0x3330 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0x148e/0x1b10 net/bpf/test_run.c:1318\n bpf_prog_test_run+0x5b7/0xa30 kernel/bpf/syscall.c:4371\n __sys_bpf+0x6a6/0xe20 kernel/bpf/syscall.c:5777\n __do_sys_bpf kernel/bpf/syscall.c:5866 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5864 [inline]\n __x64_sys_bpf+0xa4/0xf0 kernel/bpf/syscall.c:5864\n x64_sys_call+0x2ea0/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1056 [inline]\n free_unref_page+0x156/0x1320 mm/page_alloc.c:2657\n __free_pages+0xa3/0x1b0 mm/page_alloc.c:4838\n bpf_ringbuf_free kernel/bpf/ringbuf.c:226 [inline]\n ringbuf_map_free+0xff/0x1e0 kernel/bpf/ringbuf.c:235\n bpf_map_free kernel/bpf/syscall.c:838 [inline]\n bpf_map_free_deferred+0x17c/0x310 kernel/bpf/syscall.c:862\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa2b/0x1b60 kernel/workqueue.c:3310\n worker_thread+0xedf/0x1550 kernel/workqueue.c:3391\n kthread+0x535/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x6e/0x90 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nCPU: 1 UID: 0 PID: 17276 Comm: syz.1.16450 Not tainted 6.12.0-05490-g9bb88c659673 #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21867",
"url": "https://www.suse.com/security/cve/CVE-2025-21867"
},
{
"category": "external",
"summary": "SUSE Bug 1240181 for CVE-2025-21867",
"url": "https://bugzilla.suse.com/1240181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21867"
},
{
"cve": "CVE-2025-21873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: bsg: Fix crash when arpmb command fails\n\nIf the device doesn\u0027t support arpmb we\u0027ll crash due to copying user data in\nbsg_transport_sg_io_fn().\n\nIn the case where ufs_bsg_exec_advanced_rpmb_req() returns an error, do not\nset the job\u0027s reply_len.\n\nMemory crash backtrace:\n3,1290,531166405,-;ufshcd 0000:00:12.5: ARPMB OP failed: error code -22\n\n4,1308,531166555,-;Call Trace:\n\n4,1309,531166559,-; \u003cTASK\u003e\n\n4,1310,531166565,-; ? show_regs+0x6d/0x80\n\n4,1311,531166575,-; ? die+0x37/0xa0\n\n4,1312,531166583,-; ? do_trap+0xd4/0xf0\n\n4,1313,531166593,-; ? do_error_trap+0x71/0xb0\n\n4,1314,531166601,-; ? usercopy_abort+0x6c/0x80\n\n4,1315,531166610,-; ? exc_invalid_op+0x52/0x80\n\n4,1316,531166622,-; ? usercopy_abort+0x6c/0x80\n\n4,1317,531166630,-; ? asm_exc_invalid_op+0x1b/0x20\n\n4,1318,531166643,-; ? usercopy_abort+0x6c/0x80\n\n4,1319,531166652,-; __check_heap_object+0xe3/0x120\n\n4,1320,531166661,-; check_heap_object+0x185/0x1d0\n\n4,1321,531166670,-; __check_object_size.part.0+0x72/0x150\n\n4,1322,531166679,-; __check_object_size+0x23/0x30\n\n4,1323,531166688,-; bsg_transport_sg_io_fn+0x314/0x3b0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21873",
"url": "https://www.suse.com/security/cve/CVE-2025-21873"
},
{
"category": "external",
"summary": "SUSE Bug 1240184 for CVE-2025-21873",
"url": "https://bugzilla.suse.com/1240184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21873"
},
{
"cve": "CVE-2025-21875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: always handle address removal under msk socket lock\n\nSyzkaller reported a lockdep splat in the PM control path:\n\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Modules linked in:\n CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\n RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline]\n RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 \u003c0f\u003e 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff\n RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283\n RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408\n RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000\n R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0\n R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00\n FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59\n mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486\n mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline]\n mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:733\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2573\n ___sys_sendmsg net/socket.c:2627 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f7e9998cde9\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9\n RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007\n RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088\n\nIndeed the PM can try to send a RM_ADDR over a msk without acquiring\nfirst the msk socket lock.\n\nThe bugged code-path comes from an early optimization: when there\nare no subflows, the PM should (usually) not send RM_ADDR\nnotifications.\n\nThe above statement is incorrect, as without locks another process\ncould concur\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21875",
"url": "https://www.suse.com/security/cve/CVE-2025-21875"
},
{
"category": "external",
"summary": "SUSE Bug 1240168 for CVE-2025-21875",
"url": "https://bugzilla.suse.com/1240168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21875"
},
{
"cve": "CVE-2025-21881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: Reject the shared zeropage in uprobe_write_opcode()\n\nWe triggered the following crash in syzkaller tests:\n\n BUG: Bad page state in process syz.7.38 pfn:1eff3\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3\n flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff)\n raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000fffffffe 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x32/0x50\n bad_page+0x69/0xf0\n free_unref_page_prepare+0x401/0x500\n free_unref_page+0x6d/0x1b0\n uprobe_write_opcode+0x460/0x8e0\n install_breakpoint.part.0+0x51/0x80\n register_for_each_vma+0x1d9/0x2b0\n __uprobe_register+0x245/0x300\n bpf_uprobe_multi_link_attach+0x29b/0x4f0\n link_create+0x1e2/0x280\n __sys_bpf+0x75f/0xac0\n __x64_sys_bpf+0x1a/0x30\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\n BUG: Bad rss-counter state mm:00000000452453e0 type:MM_FILEPAGES val:-1\n\nThe following syzkaller test case can be used to reproduce:\n\n r2 = creat(\u0026(0x7f0000000000)=\u0027./file0\\x00\u0027, 0x8)\n write$nbd(r2, \u0026(0x7f0000000580)=ANY=[], 0x10)\n r4 = openat(0xffffffffffffff9c, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, 0x42, 0x0)\n mmap$IORING_OFF_SQ_RING(\u0026(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)\n r5 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r5, 0xc018aa3f, \u0026(0x7f0000000040)={0xaa, 0x20})\n r6 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r6, 0xc018aa3f, \u0026(0x7f0000000140))\n ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, \u0026(0x7f0000000100)={{\u0026(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})\n ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, \u0026(0x7f0000000000)={{\u0026(0x7f0000ffd000/0x1000)=nil, 0x1000}})\n r7 = bpf$PROG_LOAD(0x5, \u0026(0x7f0000000140)={0x2, 0x3, \u0026(0x7f0000000200)=ANY=[@ANYBLOB=\"1800000000120000000000000000000095\"], \u0026(0x7f0000000000)=\u0027GPL\\x00\u0027, 0x7, 0x0, 0x0, 0x0, 0x0, \u0027\\x00\u0027, 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)\n bpf$BPF_LINK_CREATE_XDP(0x1c, \u0026(0x7f0000000040)={r7, 0x0, 0x30, 0x1e, @val=@uprobe_multi={\u0026(0x7f0000000080)=\u0027./file0\\x00\u0027, \u0026(0x7f0000000100)=[0x2], 0x0, 0x0, 0x1}}, 0x40)\n\nThe cause is that zero pfn is set to the PTE without increasing the RSS\ncount in mfill_atomic_pte_zeropage() and the refcount of zero folio does\nnot increase accordingly. Then, the operation on the same pfn is performed\nin uprobe_write_opcode()-\u003e__replace_page() to unconditional decrease the\nRSS count and old_folio\u0027s refcount.\n\nTherefore, two bugs are introduced:\n\n 1. The RSS count is incorrect, when process exit, the check_mm() report\n error \"Bad rss-count\".\n\n 2. The reserved folio (zero folio) is freed when folio-\u003erefcount is zero,\n then free_pages_prepare-\u003efree_page_is_bad() report error\n \"Bad page state\".\n\nThere is more, the following warning could also theoretically be triggered:\n\n __replace_page()\n -\u003e ...\n -\u003e folio_remove_rmap_pte()\n -\u003e VM_WARN_ON_FOLIO(is_zero_folio(folio), folio)\n\nConsidering that uprobe hit on the zero folio is a very rare case, just\nreject zero old folio immediately after get_user_page_vma_remote().\n\n[ mingo: Cleaned up the changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21881",
"url": "https://www.suse.com/security/cve/CVE-2025-21881"
},
{
"category": "external",
"summary": "SUSE Bug 1240185 for CVE-2025-21881",
"url": "https://bugzilla.suse.com/1240185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21881"
},
{
"cve": "CVE-2025-21884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: better track kernel sockets lifetime\n\nWhile kernel sockets are dismantled during pernet_operations-\u003eexit(),\ntheir freeing can be delayed by any tx packets still held in qdisc\nor device queues, due to skb_set_owner_w() prior calls.\n\nThis then trigger the following warning from ref_tracker_dir_exit() [1]\n\nTo fix this, make sure that kernel sockets own a reference on net-\u003epassive.\n\nAdd sk_net_refcnt_upgrade() helper, used whenever a kernel socket\nis converted to a refcounted one.\n\n[1]\n\n[ 136.263918][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.263918][ T35] sk_alloc+0x2b3/0x370\n[ 136.263918][ T35] inet6_create+0x6ce/0x10f0\n[ 136.263918][ T35] __sock_create+0x4c0/0xa30\n[ 136.263918][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.263918][ T35] igmp6_net_init+0x39/0x390\n[ 136.263918][ T35] ops_init+0x31e/0x590\n[ 136.263918][ T35] setup_net+0x287/0x9e0\n[ 136.263918][ T35] copy_net_ns+0x33f/0x570\n[ 136.263918][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.263918][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.263918][ T35] ksys_unshare+0x57d/0xa70\n[ 136.263918][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.263918][ T35] do_syscall_64+0xf3/0x230\n[ 136.263918][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 136.263918][ T35]\n[ 136.343488][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.343488][ T35] sk_alloc+0x2b3/0x370\n[ 136.343488][ T35] inet6_create+0x6ce/0x10f0\n[ 136.343488][ T35] __sock_create+0x4c0/0xa30\n[ 136.343488][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.343488][ T35] ndisc_net_init+0xa7/0x2b0\n[ 136.343488][ T35] ops_init+0x31e/0x590\n[ 136.343488][ T35] setup_net+0x287/0x9e0\n[ 136.343488][ T35] copy_net_ns+0x33f/0x570\n[ 136.343488][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.343488][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.343488][ T35] ksys_unshare+0x57d/0xa70\n[ 136.343488][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.343488][ T35] do_syscall_64+0xf3/0x230\n[ 136.343488][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21884",
"url": "https://www.suse.com/security/cve/CVE-2025-21884"
},
{
"category": "external",
"summary": "SUSE Bug 1240171 for CVE-2025-21884",
"url": "https://bugzilla.suse.com/1240171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21884"
},
{
"cve": "CVE-2025-21887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up\n\nThe issue was caused by dput(upper) being called before\novl_dentry_update_reval(), while upper-\u003ed_flags was still\naccessed in ovl_dentry_remote().\n\nMove dput(upper) after its last use to prevent use-after-free.\n\nBUG: KASAN: slab-use-after-free in ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\nBUG: KASAN: slab-use-after-free in ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\n ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n ovl_link_up fs/overlayfs/copy_up.c:610 [inline]\n ovl_copy_up_one+0x2105/0x3490 fs/overlayfs/copy_up.c:1170\n ovl_copy_up_flags+0x18d/0x200 fs/overlayfs/copy_up.c:1223\n ovl_rename+0x39e/0x18c0 fs/overlayfs/dir.c:1136\n vfs_rename+0xf84/0x20a0 fs/namei.c:4893\n...\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21887",
"url": "https://www.suse.com/security/cve/CVE-2025-21887"
},
{
"category": "external",
"summary": "SUSE Bug 1240176 for CVE-2025-21887",
"url": "https://bugzilla.suse.com/1240176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21887"
},
{
"cve": "CVE-2025-21889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Add RCU read lock protection to perf_iterate_ctx()\n\nThe perf_iterate_ctx() function performs RCU list traversal but\ncurrently lacks RCU read lock protection. This causes lockdep warnings\nwhen running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y:\n\n\tWARNING: suspicious RCU usage\n\tkernel/events/core.c:8168 RCU-list traversed in non-reader section!!\n\n\t Call Trace:\n\t lockdep_rcu_suspicious\n\t ? perf_event_addr_filters_apply\n\t perf_iterate_ctx\n\t perf_event_exec\n\t begin_new_exec\n\t ? load_elf_phdrs\n\t load_elf_binary\n\t ? lock_acquire\n\t ? find_held_lock\n\t ? bprm_execve\n\t bprm_execve\n\t do_execveat_common.isra.0\n\t __x64_sys_execve\n\t do_syscall_64\n\t entry_SYSCALL_64_after_hwframe\n\nThis protection was previously present but was removed in commit\nbd2756811766 (\"perf: Rewrite core context handling\"). Add back the\nnecessary rcu_read_lock()/rcu_read_unlock() pair around\nperf_iterate_ctx() call in perf_event_exec().\n\n[ mingo: Use scoped_guard() as suggested by Peter ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21889",
"url": "https://www.suse.com/security/cve/CVE-2025-21889"
},
{
"category": "external",
"summary": "SUSE Bug 1240167 for CVE-2025-21889",
"url": "https://bugzilla.suse.com/1240167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21889"
},
{
"cve": "CVE-2025-21894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC\n\nActually ENETC VFs do not support HWTSTAMP_TX_ONESTEP_SYNC because only\nENETC PF can access PMa_SINGLE_STEP registers. And there will be a crash\nif VFs are used to test one-step timestamp, the crash log as follows.\n\n[ 129.110909] Unable to handle kernel paging request at virtual address 00000000000080c0\n[ 129.287769] Call trace:\n[ 129.290219] enetc_port_mac_wr+0x30/0xec (P)\n[ 129.294504] enetc_start_xmit+0xda4/0xe74\n[ 129.298525] enetc_xmit+0x70/0xec\n[ 129.301848] dev_hard_start_xmit+0x98/0x118",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21894",
"url": "https://www.suse.com/security/cve/CVE-2025-21894"
},
{
"category": "external",
"summary": "SUSE Bug 1240581 for CVE-2025-21894",
"url": "https://bugzilla.suse.com/1240581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21894"
},
{
"cve": "CVE-2025-21895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Order the PMU list to fix warning about unordered pmu_ctx_list\n\nSyskaller triggers a warning due to prev_epc-\u003epmu != next_epc-\u003epmu in\nperf_event_swap_task_ctx_data(). vmcore shows that two lists have the same\nperf_event_pmu_context, but not in the same order.\n\nThe problem is that the order of pmu_ctx_list for the parent is impacted by\nthe time when an event/PMU is added. While the order for a child is\nimpacted by the event order in the pinned_groups and flexible_groups. So\nthe order of pmu_ctx_list in the parent and child may be different.\n\nTo fix this problem, insert the perf_event_pmu_context to its proper place\nafter iteration of the pmu_ctx_list.\n\nThe follow testcase can trigger above warning:\n\n # perf record -e cycles --call-graph lbr -- taskset -c 3 ./a.out \u0026\n # perf stat -e cpu-clock,cs -p xxx // xxx is the pid of a.out\n\n test.c\n\n void main() {\n int count = 0;\n pid_t pid;\n\n printf(\"%d running\\n\", getpid());\n sleep(30);\n printf(\"running\\n\");\n\n pid = fork();\n if (pid == -1) {\n printf(\"fork error\\n\");\n return;\n }\n if (pid == 0) {\n while (1) {\n count++;\n }\n } else {\n while (1) {\n count++;\n }\n }\n }\n\nThe testcase first opens an LBR event, so it will allocate task_ctx_data,\nand then open tracepoint and software events, so the parent context will\nhave 3 different perf_event_pmu_contexts. On inheritance, child ctx will\ninsert the perf_event_pmu_context in another order and the warning will\ntrigger.\n\n[ mingo: Tidied up the changelog. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21895",
"url": "https://www.suse.com/security/cve/CVE-2025-21895"
},
{
"category": "external",
"summary": "SUSE Bug 1240585 for CVE-2025-21895",
"url": "https://bugzilla.suse.com/1240585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21895"
},
{
"cve": "CVE-2025-21904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncaif_virtio: fix wrong pointer check in cfv_probe()\n\ndel_vqs() frees virtqueues, therefore cfv-\u003evq_tx pointer should be checked\nfor NULL before calling it, not cfv-\u003evdev. Also the current implementation\nis redundant because the pointer cfv-\u003evdev is dereferenced before it is\nchecked for NULL.\n\nFix this by checking cfv-\u003evq_tx for NULL instead of cfv-\u003evdev before\ncalling del_vqs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21904",
"url": "https://www.suse.com/security/cve/CVE-2025-21904"
},
{
"category": "external",
"summary": "SUSE Bug 1240576 for CVE-2025-21904",
"url": "https://bugzilla.suse.com/1240576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21904"
},
{
"cve": "CVE-2025-21905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: limit printed string from FW file\n\nThere\u0027s no guarantee here that the file is always with a\nNUL-termination, so reading the string may read beyond the\nend of the TLV. If that\u0027s the last TLV in the file, it can\nperhaps even read beyond the end of the file buffer.\n\nFix that by limiting the print format to the size of the\nbuffer we have.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21905",
"url": "https://www.suse.com/security/cve/CVE-2025-21905"
},
{
"category": "external",
"summary": "SUSE Bug 1240575 for CVE-2025-21905",
"url": "https://bugzilla.suse.com/1240575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21905"
},
{
"cve": "CVE-2025-21906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: clean up ROC on failure\n\nIf the firmware fails to start the session protection, then we\ndo call iwl_mvm_roc_finished() here, but that won\u0027t do anything\nat all because IWL_MVM_STATUS_ROC_P2P_RUNNING was never set.\nSet IWL_MVM_STATUS_ROC_P2P_RUNNING in the failure/stop path.\nIf it started successfully before, it\u0027s already set, so that\ndoesn\u0027t matter, and if it didn\u0027t start it needs to be set to\nclean up.\n\nNot doing so will lead to a WARN_ON() later on a fresh remain-\non-channel, since the link is already active when activated as\nit was never deactivated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21906",
"url": "https://www.suse.com/security/cve/CVE-2025-21906"
},
{
"category": "external",
"summary": "SUSE Bug 1240587 for CVE-2025-21906",
"url": "https://bugzilla.suse.com/1240587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21906"
},
{
"cve": "CVE-2025-21908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21908"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\n\nAdd PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so\nnfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.\n\nOtherwise NFS can deadlock waiting for kcompactd enduced writeback which\nrecurses back to NFS (which triggers writeback to NFSD via NFS loopback\nmount on the same host, NFSD blocks waiting for XFS\u0027s call to\n__filemap_get_folio):\n\n6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.\n\n{---\n[58] \"kcompactd0\"\n[\u003c0\u003e] folio_wait_bit+0xe8/0x200\n[\u003c0\u003e] folio_wait_writeback+0x2b/0x80\n[\u003c0\u003e] nfs_wb_folio+0x80/0x1b0 [nfs]\n[\u003c0\u003e] nfs_release_folio+0x68/0x130 [nfs]\n[\u003c0\u003e] split_huge_page_to_list_to_order+0x362/0x840\n[\u003c0\u003e] migrate_pages_batch+0x43d/0xb90\n[\u003c0\u003e] migrate_pages_sync+0x9a/0x240\n[\u003c0\u003e] migrate_pages+0x93c/0x9f0\n[\u003c0\u003e] compact_zone+0x8e2/0x1030\n[\u003c0\u003e] compact_node+0xdb/0x120\n[\u003c0\u003e] kcompactd+0x121/0x2e0\n[\u003c0\u003e] kthread+0xcf/0x100\n[\u003c0\u003e] ret_from_fork+0x31/0x40\n[\u003c0\u003e] ret_from_fork_asm+0x1a/0x30\n---}\n\n[akpm@linux-foundation.org: fix build]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21908",
"url": "https://www.suse.com/security/cve/CVE-2025-21908"
},
{
"category": "external",
"summary": "SUSE Bug 1240600 for CVE-2025-21908",
"url": "https://bugzilla.suse.com/1240600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21908"
},
{
"cve": "CVE-2025-21909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject cooked mode if it is set along with other flags\n\nIt is possible to set both MONITOR_FLAG_COOK_FRAMES and MONITOR_FLAG_ACTIVE\nflags simultaneously on the same monitor interface from the userspace. This\ncauses a sub-interface to be created with no IEEE80211_SDATA_IN_DRIVER bit\nset because the monitor interface is in the cooked state and it takes\nprecedence over all other states. When the interface is then being deleted\nthe kernel calls WARN_ONCE() from check_sdata_in_driver() because of missing\nthat bit.\n\nFix this by rejecting MONITOR_FLAG_COOK_FRAMES if it is set along with\nother flags.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21909",
"url": "https://www.suse.com/security/cve/CVE-2025-21909"
},
{
"category": "external",
"summary": "SUSE Bug 1240590 for CVE-2025-21909",
"url": "https://bugzilla.suse.com/1240590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21909"
},
{
"cve": "CVE-2025-21910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: regulatory: improve invalid hints checking\n\nSyzbot keeps reporting an issue [1] that occurs when erroneous symbols\nsent from userspace get through into user_alpha2[] via\nregulatory_hint_user() call. Such invalid regulatory hints should be\nrejected.\n\nWhile a sanity check from commit 47caf685a685 (\"cfg80211: regulatory:\nreject invalid hints\") looks to be enough to deter these very cases,\nthere is a way to get around it due to 2 reasons.\n\n1) The way isalpha() works, symbols other than latin lower and\nupper letters may be used to determine a country/domain.\nFor instance, greek letters will also be considered upper/lower\nletters and for such characters isalpha() will return true as well.\nHowever, ISO-3166-1 alpha2 codes should only hold latin\ncharacters.\n\n2) While processing a user regulatory request, between\nreg_process_hint_user() and regulatory_hint_user() there happens to\nbe a call to queue_regulatory_request() which modifies letters in\nrequest-\u003ealpha2[] with toupper(). This works fine for latin symbols,\nless so for weird letter characters from the second part of _ctype[].\n\nSyzbot triggers a warning in is_user_regdom_saved() by first sending\nover an unexpected non-latin letter that gets malformed by toupper()\ninto a character that ends up failing isalpha() check.\n\nPrevent this by enhancing is_an_alpha2() to ensure that incoming\nsymbols are latin letters and nothing else.\n\n[1] Syzbot report:\n------------[ cut here ]------------\nUnexpected user alpha2: A\ufffd\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 is_user_regdom_saved net/wireless/reg.c:440 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_alpha2 net/wireless/reg.c:3424 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\nModules linked in:\nCPU: 1 UID: 0 PID: 964 Comm: kworker/1:2 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events_power_efficient crda_timeout_work\nRIP: 0010:is_user_regdom_saved net/wireless/reg.c:440 [inline]\nRIP: 0010:restore_alpha2 net/wireless/reg.c:3424 [inline]\nRIP: 0010:restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\n...\nCall Trace:\n \u003cTASK\u003e\n crda_timeout_work+0x27/0x50 net/wireless/reg.c:542\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21910",
"url": "https://www.suse.com/security/cve/CVE-2025-21910"
},
{
"category": "external",
"summary": "SUSE Bug 1240583 for CVE-2025-21910",
"url": "https://bugzilla.suse.com/1240583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21910"
},
{
"cve": "CVE-2025-21912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: rcar: Use raw_spinlock to protect register access\n\nUse raw_spinlock in order to fix spurious messages about invalid context\nwhen spinlock debugging is enabled. The lock is only used to serialize\nregister access.\n\n [ 4.239592] =============================\n [ 4.239595] [ BUG: Invalid wait context ]\n [ 4.239599] 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35 Not tainted\n [ 4.239603] -----------------------------\n [ 4.239606] kworker/u8:5/76 is trying to lock:\n [ 4.239609] ffff0000091898a0 (\u0026p-\u003elock){....}-{3:3}, at: gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.239641] other info that might help us debug this:\n [ 4.239643] context-{5:5}\n [ 4.239646] 5 locks held by kworker/u8:5/76:\n [ 4.239651] #0: ffff0000080fb148 ((wq_completion)async){+.+.}-{0:0}, at: process_one_work+0x190/0x62c\n [ 4.250180] OF: /soc/sound@ec500000/ports/port@0/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.254094] #1: ffff80008299bd80 ((work_completion)(\u0026entry-\u003ework)){+.+.}-{0:0}, at: process_one_work+0x1b8/0x62c\n [ 4.254109] #2: ffff00000920c8f8\n [ 4.258345] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027bitclock-master\u0027 with a value.\n [ 4.264803] (\u0026dev-\u003emutex){....}-{4:4}, at: __device_attach_async_helper+0x3c/0xdc\n [ 4.264820] #3: ffff00000a50ca40 (request_class#2){+.+.}-{4:4}, at: __setup_irq+0xa0/0x690\n [ 4.264840] #4:\n [ 4.268872] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.273275] ffff00000a50c8c8 (lock_class){....}-{2:2}, at: __setup_irq+0xc4/0x690\n [ 4.296130] renesas_sdhi_internal_dmac ee100000.mmc: mmc1 base at 0x00000000ee100000, max clock rate 200 MHz\n [ 4.304082] stack backtrace:\n [ 4.304086] CPU: 1 UID: 0 PID: 76 Comm: kworker/u8:5 Not tainted 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35\n [ 4.304092] Hardware name: Renesas Salvator-X 2nd version board based on r8a77965 (DT)\n [ 4.304097] Workqueue: async async_run_entry_fn\n [ 4.304106] Call trace:\n [ 4.304110] show_stack+0x14/0x20 (C)\n [ 4.304122] dump_stack_lvl+0x6c/0x90\n [ 4.304131] dump_stack+0x14/0x1c\n [ 4.304138] __lock_acquire+0xdfc/0x1584\n [ 4.426274] lock_acquire+0x1c4/0x33c\n [ 4.429942] _raw_spin_lock_irqsave+0x5c/0x80\n [ 4.434307] gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.440061] gpio_rcar_irq_set_type+0xd4/0xd8\n [ 4.444422] __irq_set_trigger+0x5c/0x178\n [ 4.448435] __setup_irq+0x2e4/0x690\n [ 4.452012] request_threaded_irq+0xc4/0x190\n [ 4.456285] devm_request_threaded_irq+0x7c/0xf4\n [ 4.459398] ata1: link resume succeeded after 1 retries\n [ 4.460902] mmc_gpiod_request_cd_irq+0x68/0xe0\n [ 4.470660] mmc_start_host+0x50/0xac\n [ 4.474327] mmc_add_host+0x80/0xe4\n [ 4.477817] tmio_mmc_host_probe+0x2b0/0x440\n [ 4.482094] renesas_sdhi_probe+0x488/0x6f4\n [ 4.486281] renesas_sdhi_internal_dmac_probe+0x60/0x78\n [ 4.491509] platform_probe+0x64/0xd8\n [ 4.495178] really_probe+0xb8/0x2a8\n [ 4.498756] __driver_probe_device+0x74/0x118\n [ 4.503116] driver_probe_device+0x3c/0x154\n [ 4.507303] __device_attach_driver+0xd4/0x160\n [ 4.511750] bus_for_each_drv+0x84/0xe0\n [ 4.515588] __device_attach_async_helper+0xb0/0xdc\n [ 4.520470] async_run_entry_fn+0x30/0xd8\n [ 4.524481] process_one_work+0x210/0x62c\n [ 4.528494] worker_thread+0x1ac/0x340\n [ 4.532245] kthread+0x10c/0x110\n [ 4.535476] ret_from_fork+0x10/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21912",
"url": "https://www.suse.com/security/cve/CVE-2025-21912"
},
{
"category": "external",
"summary": "SUSE Bug 1240584 for CVE-2025-21912",
"url": "https://bugzilla.suse.com/1240584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21912"
},
{
"cve": "CVE-2025-21913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()\n\nXen doesn\u0027t offer MSR_FAM10H_MMIO_CONF_BASE to all guests. This results\nin the following warning:\n\n unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0)\n Call Trace:\n xen_read_msr+0x1e/0x30\n amd_get_mmconfig_range+0x2b/0x80\n quirk_amd_mmconfig_area+0x28/0x100\n pnp_fixup_device+0x39/0x50\n __pnp_add_device+0xf/0x150\n pnp_add_device+0x3d/0x100\n pnpacpi_add_device_handler+0x1f9/0x280\n acpi_ns_get_device_callback+0x104/0x1c0\n acpi_ns_walk_namespace+0x1d0/0x260\n acpi_get_devices+0x8a/0xb0\n pnpacpi_init+0x50/0x80\n do_one_initcall+0x46/0x2e0\n kernel_init_freeable+0x1da/0x2f0\n kernel_init+0x16/0x1b0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\n\nbased on quirks for a \"PNP0c01\" device. Treating MMCFG as disabled is the\nright course of action, so no change is needed there.\n\nThis was most likely exposed by fixing the Xen MSR accessors to not be\nsilently-safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21913",
"url": "https://www.suse.com/security/cve/CVE-2025-21913"
},
{
"category": "external",
"summary": "SUSE Bug 1240591 for CVE-2025-21913",
"url": "https://bugzilla.suse.com/1240591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21913"
},
{
"cve": "CVE-2025-21914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: messaging: Free transaction ID in delayed interrupt scenario\n\nIn case of interrupt delay for any reason, slim_do_transfer()\nreturns timeout error but the transaction ID (TID) is not freed.\nThis results into invalid memory access inside\nqcom_slim_ngd_rx_msgq_cb() due to invalid TID.\n\nFix the issue by freeing the TID in slim_do_transfer() before\nreturning timeout error to avoid invalid memory access.\n\nCall trace:\n__memcpy_fromio+0x20/0x190\nqcom_slim_ngd_rx_msgq_cb+0x130/0x290 [slim_qcom_ngd_ctrl]\nvchan_complete+0x2a0/0x4a0\ntasklet_action_common+0x274/0x700\ntasklet_action+0x28/0x3c\n_stext+0x188/0x620\nrun_ksoftirqd+0x34/0x74\nsmpboot_thread_fn+0x1d8/0x464\nkthread+0x178/0x238\nret_from_fork+0x10/0x20\nCode: aa0003e8 91000429 f100044a 3940002b (3800150b)\n---[ end trace 0fe00bec2b975c99 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21914",
"url": "https://www.suse.com/security/cve/CVE-2025-21914"
},
{
"category": "external",
"summary": "SUSE Bug 1240595 for CVE-2025-21914",
"url": "https://bugzilla.suse.com/1240595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21914"
},
{
"cve": "CVE-2025-21915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncdx: Fix possible UAF error in driver_override_show()\n\nFixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c\n\nThis function driver_override_show() is part of DEVICE_ATTR_RW, which\nincludes both driver_override_show() and driver_override_store().\nThese functions can be executed concurrently in sysfs.\n\nThe driver_override_store() function uses driver_set_override() to\nupdate the driver_override value, and driver_set_override() internally\nlocks the device (device_lock(dev)). If driver_override_show() reads\ncdx_dev-\u003edriver_override without locking, it could potentially access\na freed pointer if driver_override_store() frees the string\nconcurrently. This could lead to printing a kernel address, which is a\nsecurity risk since DEVICE_ATTR can be read by all users.\n\nAdditionally, a similar pattern is used in drivers/amba/bus.c, as well\nas many other bus drivers, where device_lock() is taken in the show\nfunction, and it has been working without issues.\n\nThis potential bug was detected by our experimental static analysis\ntool, which analyzes locking APIs and paired functions to identify\ndata races and atomicity violations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21915",
"url": "https://www.suse.com/security/cve/CVE-2025-21915"
},
{
"category": "external",
"summary": "SUSE Bug 1240594 for CVE-2025-21915",
"url": "https://bugzilla.suse.com/1240594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21915"
},
{
"cve": "CVE-2025-21916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21916"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: atm: cxacru: fix a flaw in existing endpoint checks\n\nSyzbot once again identified a flaw in usb endpoint checking, see [1].\nThis time the issue stems from a commit authored by me (2eabb655a968\n(\"usb: atm: cxacru: fix endpoint checking in cxacru_bind()\")).\n\nWhile using usb_find_common_endpoints() may usually be enough to\ndiscard devices with wrong endpoints, in this case one needs more\nthan just finding and identifying the sufficient number of endpoints\nof correct types - one needs to check the endpoint\u0027s address as well.\n\nSince cxacru_bind() fills URBs with CXACRU_EP_CMD address in mind,\nswitch the endpoint verification approach to usb_check_XXX_endpoints()\ninstead to fix incomplete ep testing.\n\n[1] Syzbot report:\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 1378 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nRIP: 0010:usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n cxacru_cm+0x3c8/0xe50 drivers/usb/atm/cxacru.c:649\n cxacru_card_status drivers/usb/atm/cxacru.c:760 [inline]\n cxacru_bind+0xcf9/0x1150 drivers/usb/atm/cxacru.c:1223\n usbatm_usb_probe+0x314/0x1d30 drivers/usb/atm/usbatm.c:1058\n cxacru_usb_probe+0x184/0x220 drivers/usb/atm/cxacru.c:1377\n usb_probe_interface+0x641/0xbb0 drivers/usb/core/driver.c:396\n really_probe+0x2b9/0xad0 drivers/base/dd.c:658\n __driver_probe_device+0x1a2/0x390 drivers/base/dd.c:800\n driver_probe_device+0x50/0x430 drivers/base/dd.c:830\n...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21916",
"url": "https://www.suse.com/security/cve/CVE-2025-21916"
},
{
"category": "external",
"summary": "SUSE Bug 1240582 for CVE-2025-21916",
"url": "https://bugzilla.suse.com/1240582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21916"
},
{
"cve": "CVE-2025-21917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas_usbhs: Flush the notify_hotplug_work\n\nWhen performing continuous unbind/bind operations on the USB drivers\navailable on the Renesas RZ/G2L SoC, a kernel crash with the message\n\"Unable to handle kernel NULL pointer dereference at virtual address\"\nmay occur. This issue points to the usbhsc_notify_hotplug() function.\n\nFlush the delayed work to avoid its execution when driver resources are\nunavailable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21917",
"url": "https://www.suse.com/security/cve/CVE-2025-21917"
},
{
"category": "external",
"summary": "SUSE Bug 1240596 for CVE-2025-21917",
"url": "https://bugzilla.suse.com/1240596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21917"
},
{
"cve": "CVE-2025-21918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Fix NULL pointer access\n\nResources should be released only after all threads that utilize them\nhave been destroyed.\nThis commit ensures that resources are not released prematurely by waiting\nfor the associated workqueue to complete before deallocating them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21918",
"url": "https://www.suse.com/security/cve/CVE-2025-21918"
},
{
"category": "external",
"summary": "SUSE Bug 1240592 for CVE-2025-21918",
"url": "https://bugzilla.suse.com/1240592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21918"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: Fix KMSAN uninit-value warning with bpf\n\nSyzbot caught an \"KMSAN: uninit-value\" warning [1], which is caused by the\nppp driver not initializing a 2-byte header when using socket filter.\n\nThe following code can generate a PPP filter BPF program:\n\u0027\u0027\u0027\nstruct bpf_program fp;\npcap_t *handle;\nhandle = pcap_open_dead(DLT_PPP_PPPD, 65535);\npcap_compile(handle, \u0026fp, \"ip and outbound\", 0, 0);\nbpf_dump(\u0026fp, 1);\n\u0027\u0027\u0027\nIts output is:\n\u0027\u0027\u0027\n(000) ldh [2]\n(001) jeq #0x21 jt 2 jf 5\n(002) ldb [0]\n(003) jeq #0x1 jt 4 jf 5\n(004) ret #65535\n(005) ret #0\n\u0027\u0027\u0027\nWen can find similar code at the following link:\nhttps://github.com/ppp-project/ppp/blob/master/pppd/options.c#L1680\nThe maintainer of this code repository is also the original maintainer\nof the ppp driver.\n\nAs you can see the BPF program skips 2 bytes of data and then reads the\n\u0027Protocol\u0027 field to determine if it\u0027s an IP packet. Then it read the first\nbyte of the first 2 bytes to determine the direction.\n\nThe issue is that only the first byte indicating direction is initialized\nin current ppp driver code while the second byte is not initialized.\n\nFor normal BPF programs generated by libpcap, uninitialized data won\u0027t be\nused, so it\u0027s not a problem. However, for carefully crafted BPF programs,\nsuch as those generated by syzkaller [2], which start reading from offset\n0, the uninitialized data will be used and caught by KMSAN.\n\n[1] https://syzkaller.appspot.com/bug?extid=853242d9c9917165d791\n[2] https://syzkaller.appspot.com/text?tag=ReproC\u0026x=11994913980000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21922",
"url": "https://www.suse.com/security/cve/CVE-2025-21922"
},
{
"category": "external",
"summary": "SUSE Bug 1240639 for CVE-2025-21922",
"url": "https://bugzilla.suse.com/1240639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21922"
},
{
"cve": "CVE-2025-21923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-steam: Fix use-after-free when detaching device\n\nWhen a hid-steam device is removed it must clean up the client_hdev used for\nintercepting hidraw access. This can lead to scheduling deferred work to\nreattach the input device. Though the cleanup cancels the deferred work, this\nwas done before the client_hdev itself is cleaned up, so it gets rescheduled.\nThis patch fixes the ordering to make sure the deferred work is properly\ncanceled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21923",
"url": "https://www.suse.com/security/cve/CVE-2025-21923"
},
{
"category": "external",
"summary": "SUSE Bug 1240691 for CVE-2025-21923",
"url": "https://bugzilla.suse.com/1240691"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21923"
},
{
"cve": "CVE-2025-21924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error\n\nDuring the initialization of ptp, hclge_ptp_get_cycle might return an error\nand returned directly without unregister clock and free it. To avoid that,\ncall hclge_ptp_destroy_clock to unregist and free clock if\nhclge_ptp_get_cycle failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21924",
"url": "https://www.suse.com/security/cve/CVE-2025-21924"
},
{
"category": "external",
"summary": "SUSE Bug 1240720 for CVE-2025-21924",
"url": "https://bugzilla.suse.com/1240720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21924"
},
{
"cve": "CVE-2025-21925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: do not use skb_get() before dev_queue_xmit()\n\nsyzbot is able to crash hosts [1], using llc and devices\nnot supporting IFF_TX_SKB_SHARING.\n\nIn this case, e1000 driver calls eth_skb_pad(), while\nthe skb is shared.\n\nSimply replace skb_get() by skb_clone() in net/llc/llc_s_ac.c\n\nNote that e1000 driver might have an issue with pktgen,\nbecause it does not clear IFF_TX_SKB_SHARING, this is an\northogonal change.\n\nWe need to audit other skb_get() uses in net/llc.\n\n[1]\n\nkernel BUG at net/core/skbuff.c:2178 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 16371 Comm: syz.2.2764 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:pskb_expand_head+0x6ce/0x1240 net/core/skbuff.c:2178\nCall Trace:\n \u003cTASK\u003e\n __skb_pad+0x18a/0x610 net/core/skbuff.c:2466\n __skb_put_padto include/linux/skbuff.h:3843 [inline]\n skb_put_padto include/linux/skbuff.h:3862 [inline]\n eth_skb_pad include/linux/etherdevice.h:656 [inline]\n e1000_xmit_frame+0x2d99/0x5800 drivers/net/ethernet/intel/e1000/e1000_main.c:3128\n __netdev_start_xmit include/linux/netdevice.h:5151 [inline]\n netdev_start_xmit include/linux/netdevice.h:5160 [inline]\n xmit_one net/core/dev.c:3806 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3822\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:4045 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4621\n dev_queue_xmit include/linux/netdevice.h:3313 [inline]\n llc_sap_action_send_test_c+0x268/0x320 net/llc/llc_s_ac.c:144\n llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline]\n llc_sap_next_state net/llc/llc_sap.c:182 [inline]\n llc_sap_state_process+0x239/0x510 net/llc/llc_sap.c:209\n llc_ui_sendmsg+0xd0d/0x14e0 net/llc/af_llc.c:993\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21925",
"url": "https://www.suse.com/security/cve/CVE-2025-21925"
},
{
"category": "external",
"summary": "SUSE Bug 1240713 for CVE-2025-21925",
"url": "https://bugzilla.suse.com/1240713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21925"
},
{
"cve": "CVE-2025-21926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: fix ownership in __udp_gso_segment\n\nIn __udp_gso_segment the skb destructor is removed before segmenting the\nskb but the socket reference is kept as-is. This is an issue if the\noriginal skb is later orphaned as we can hit the following bug:\n\n kernel BUG at ./include/linux/skbuff.h:3312! (skb_orphan)\n RIP: 0010:ip_rcv_core+0x8b2/0xca0\n Call Trace:\n ip_rcv+0xab/0x6e0\n __netif_receive_skb_one_core+0x168/0x1b0\n process_backlog+0x384/0x1100\n __napi_poll.constprop.0+0xa1/0x370\n net_rx_action+0x925/0xe50\n\nThe above can happen following a sequence of events when using\nOpenVSwitch, when an OVS_ACTION_ATTR_USERSPACE action precedes an\nOVS_ACTION_ATTR_OUTPUT action:\n\n1. OVS_ACTION_ATTR_USERSPACE is handled (in do_execute_actions): the skb\n goes through queue_gso_packets and then __udp_gso_segment, where its\n destructor is removed.\n2. The segments\u0027 data are copied and sent to userspace.\n3. OVS_ACTION_ATTR_OUTPUT is handled (in do_execute_actions) and the\n same original skb is sent to its path.\n4. If it later hits skb_orphan, we hit the bug.\n\nFix this by also removing the reference to the socket in\n__udp_gso_segment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21926",
"url": "https://www.suse.com/security/cve/CVE-2025-21926"
},
{
"category": "external",
"summary": "SUSE Bug 1240712 for CVE-2025-21926",
"url": "https://bugzilla.suse.com/1240712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21926"
},
{
"cve": "CVE-2025-21927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()\n\nnvme_tcp_recv_pdu() doesn\u0027t check the validity of the header length.\nWhen header digests are enabled, a target might send a packet with an\ninvalid header length (e.g. 255), causing nvme_tcp_verify_hdgst()\nto access memory outside the allocated area and cause memory corruptions\nby overwriting it with the calculated digest.\n\nFix this by rejecting packets with an unexpected header length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21927",
"url": "https://www.suse.com/security/cve/CVE-2025-21927"
},
{
"category": "external",
"summary": "SUSE Bug 1240714 for CVE-2025-21927",
"url": "https://bugzilla.suse.com/1240714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21927"
},
{
"cve": "CVE-2025-21928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()\n\nThe system can experience a random crash a few minutes after the driver is\nremoved. This issue occurs due to improper handling of memory freeing in\nthe ishtp_hid_remove() function.\n\nThe function currently frees the `driver_data` directly within the loop\nthat destroys the HID devices, which can lead to accessing freed memory.\nSpecifically, `hid_destroy_device()` uses `driver_data` when it calls\n`hid_ishtp_set_feature()` to power off the sensor, so freeing\n`driver_data` beforehand can result in accessing invalid memory.\n\nThis patch resolves the issue by storing the `driver_data` in a temporary\nvariable before calling `hid_destroy_device()`, and then freeing the\n`driver_data` after the device is destroyed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21928",
"url": "https://www.suse.com/security/cve/CVE-2025-21928"
},
{
"category": "external",
"summary": "SUSE Bug 1240722 for CVE-2025-21928",
"url": "https://bugzilla.suse.com/1240722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21928"
},
{
"cve": "CVE-2025-21930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t try to talk to a dead firmware\n\nThis fixes:\n\n bad state = 0\n WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi]\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xca/0x1c0\n ? iwl_trans_send_cmd+0xba/0xe0 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n iwl_fw_dbg_clear_monitor_buf+0xd7/0x110 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n _iwl_dbgfs_fw_dbg_clear_write+0xe2/0x120 [iwlmvm 0e8adb18cea92d2c341766bcc10b18699290068a]\n\nAsk whether the firmware is alive before sending a command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21930",
"url": "https://www.suse.com/security/cve/CVE-2025-21930"
},
{
"category": "external",
"summary": "SUSE Bug 1240715 for CVE-2025-21930",
"url": "https://bugzilla.suse.com/1240715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21930"
},
{
"cve": "CVE-2025-21931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio\n\nCommit b15c87263a69 (\"hwpoison, memory_hotplug: allow hwpoisoned pages to\nbe offlined) add page poison checks in do_migrate_range in order to make\noffline hwpoisoned page possible by introducing isolate_lru_page and\ntry_to_unmap for hwpoisoned page. However folio lock must be held before\ncalling try_to_unmap. Add it to fix this problem.\n\nWarning will be produced if folio is not locked during unmap:\n\n ------------[ cut here ]------------\n kernel BUG at ./include/linux/swapops.h:400!\n Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n Modules linked in:\n CPU: 4 UID: 0 PID: 411 Comm: bash Tainted: G W 6.13.0-rc1-00016-g3c434c7ee82a-dirty #41\n Tainted: [W]=WARN\n Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015\n pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : try_to_unmap_one+0xb08/0xd3c\n lr : try_to_unmap_one+0x3dc/0xd3c\n Call trace:\n try_to_unmap_one+0xb08/0xd3c (P)\n try_to_unmap_one+0x3dc/0xd3c (L)\n rmap_walk_anon+0xdc/0x1f8\n rmap_walk+0x3c/0x58\n try_to_unmap+0x88/0x90\n unmap_poisoned_folio+0x30/0xa8\n do_migrate_range+0x4a0/0x568\n offline_pages+0x5a4/0x670\n memory_block_action+0x17c/0x374\n memory_subsys_offline+0x3c/0x78\n device_offline+0xa4/0xd0\n state_store+0x8c/0xf0\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x44/0x54\n kernfs_fop_write_iter+0x118/0x1a8\n vfs_write+0x3a8/0x4bc\n ksys_write+0x6c/0xf8\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x44/0x100\n el0_svc_common.constprop.0+0x40/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xd0\n el0t_64_sync_handler+0xc8/0xcc\n el0t_64_sync+0x198/0x19c\n Code: f9407be0 b5fff320 d4210000 17ffff97 (d4210000)\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21931",
"url": "https://www.suse.com/security/cve/CVE-2025-21931"
},
{
"category": "external",
"summary": "SUSE Bug 1240709 for CVE-2025-21931",
"url": "https://bugzilla.suse.com/1240709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21931"
},
{
"cve": "CVE-2025-21934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: fix an API misues when rio_add_net() fails\n\nrio_add_net() calls device_register() and fails when device_register()\nfails. Thus, put_device() should be used rather than kfree(). Add\n\"mport-\u003enet = NULL;\" to avoid a use after free issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21934",
"url": "https://www.suse.com/security/cve/CVE-2025-21934"
},
{
"category": "external",
"summary": "SUSE Bug 1240708 for CVE-2025-21934",
"url": "https://bugzilla.suse.com/1240708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21934"
},
{
"cve": "CVE-2025-21935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: add check for rio_add_net() in rio_scan_alloc_net()\n\nThe return value of rio_add_net() should be checked. If it fails,\nput_device() should be called to free the memory and give up the reference\ninitialized in rio_add_net().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21935",
"url": "https://www.suse.com/security/cve/CVE-2025-21935"
},
{
"category": "external",
"summary": "SUSE Bug 1240700 for CVE-2025-21935",
"url": "https://bugzilla.suse.com/1240700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21935"
},
{
"cve": "CVE-2025-21936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_device_connected() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21936",
"url": "https://www.suse.com/security/cve/CVE-2025-21936"
},
{
"category": "external",
"summary": "SUSE Bug 1240716 for CVE-2025-21936",
"url": "https://bugzilla.suse.com/1240716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21936"
},
{
"cve": "CVE-2025-21937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_remote_name() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21937",
"url": "https://www.suse.com/security/cve/CVE-2025-21937"
},
{
"category": "external",
"summary": "SUSE Bug 1240643 for CVE-2025-21937",
"url": "https://bugzilla.suse.com/1240643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21937"
},
{
"cve": "CVE-2025-21941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx-\u003eplane_state\nis null. The fix adds a check to ensure \u0027pipe_ctx-\u003eplane_state\u0027 is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21941",
"url": "https://www.suse.com/security/cve/CVE-2025-21941"
},
{
"category": "external",
"summary": "SUSE Bug 1240701 for CVE-2025-21941",
"url": "https://bugzilla.suse.com/1240701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21941"
},
{
"cve": "CVE-2025-21943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: aggregator: protect driver attr handlers against module unload\n\nBoth new_device_store and delete_device_store touch module global\nresources (e.g. gpio_aggregator_lock). To prevent race conditions with\nmodule unload, a reference needs to be held.\n\nAdd try_module_get() in these handlers.\n\nFor new_device_store, this eliminates what appears to be the most dangerous\nscenario: if an id is allocated from gpio_aggregator_idr but\nplatform_device_register has not yet been called or completed, a concurrent\nmodule unload could fail to unregister/delete the device, leaving behind a\ndangling platform device/GPIO forwarder. This can result in various issues.\nThe following simple reproducer demonstrates these problems:\n\n #!/bin/bash\n while :; do\n # note: whether \u0027gpiochip0 0\u0027 exists or not does not matter.\n echo \u0027gpiochip0 0\u0027 \u003e /sys/bus/platform/drivers/gpio-aggregator/new_device\n done \u0026\n while :; do\n modprobe gpio-aggregator\n modprobe -r gpio-aggregator\n done \u0026\n wait\n\n Starting with the following warning, several kinds of warnings will appear\n and the system may become unstable:\n\n ------------[ cut here ]------------\n list_del corruption, ffff888103e2e980-\u003enext is LIST_POISON1 (dead000000000100)\n WARNING: CPU: 1 PID: 1327 at lib/list_debug.c:56 __list_del_entry_valid_or_report+0xa3/0x120\n [...]\n RIP: 0010:__list_del_entry_valid_or_report+0xa3/0x120\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? __warn.cold+0x93/0xf2\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? report_bug+0xe6/0x170\n ? __irq_work_queue_local+0x39/0xe0\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x13/0x60\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_del_entry_valid_or_report+0xa3/0x120\n gpiod_remove_lookup_table+0x22/0x60\n new_device_store+0x315/0x350 [gpio_aggregator]\n kernfs_fop_write_iter+0x137/0x1f0\n vfs_write+0x262/0x430\n ksys_write+0x60/0xd0\n do_syscall_64+0x6c/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21943",
"url": "https://www.suse.com/security/cve/CVE-2025-21943"
},
{
"category": "external",
"summary": "SUSE Bug 1240647 for CVE-2025-21943",
"url": "https://bugzilla.suse.com/1240647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21943"
},
{
"cve": "CVE-2025-21948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: appleir: Fix potential NULL dereference at raw event handle\n\nSyzkaller reports a NULL pointer dereference issue in input_event().\n\nBUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:68 [inline]\nBUG: KASAN: null-ptr-deref in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: null-ptr-deref in is_event_supported drivers/input/input.c:67 [inline]\nBUG: KASAN: null-ptr-deref in input_event+0x42/0xa0 drivers/input/input.c:395\nRead of size 8 at addr 0000000000000028 by task syz-executor199/2949\n\nCPU: 0 UID: 0 PID: 2949 Comm: syz-executor199 Not tainted 6.13.0-rc4-syzkaller-00076-gf097a36ef88d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n instrument_atomic_read include/linux/instrumented.h:68 [inline]\n _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n is_event_supported drivers/input/input.c:67 [inline]\n input_event+0x42/0xa0 drivers/input/input.c:395\n input_report_key include/linux/input.h:439 [inline]\n key_down drivers/hid/hid-appleir.c:159 [inline]\n appleir_raw_event+0x3e5/0x5e0 drivers/hid/hid-appleir.c:232\n __hid_input_report.constprop.0+0x312/0x440 drivers/hid/hid-core.c:2111\n hid_ctrl+0x49f/0x550 drivers/hid/usbhid/hid-core.c:484\n __usb_hcd_giveback_urb+0x389/0x6e0 drivers/usb/core/hcd.c:1650\n usb_hcd_giveback_urb+0x396/0x450 drivers/usb/core/hcd.c:1734\n dummy_timer+0x17f7/0x3960 drivers/usb/gadget/udc/dummy_hcd.c:1993\n __run_hrtimer kernel/time/hrtimer.c:1739 [inline]\n __hrtimer_run_queues+0x20a/0xae0 kernel/time/hrtimer.c:1803\n hrtimer_run_softirq+0x17d/0x350 kernel/time/hrtimer.c:1820\n handle_softirqs+0x206/0x8d0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xfa/0x160 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n __mod_timer+0x8f6/0xdc0 kernel/time/timer.c:1185\n add_timer+0x62/0x90 kernel/time/timer.c:1295\n schedule_timeout+0x11f/0x280 kernel/time/sleep_timeout.c:98\n usbhid_wait_io+0x1c7/0x380 drivers/hid/usbhid/hid-core.c:645\n usbhid_init_reports+0x19f/0x390 drivers/hid/usbhid/hid-core.c:784\n hiddev_ioctl+0x1133/0x15b0 drivers/hid/usbhid/hiddev.c:794\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThis happens due to the malformed report items sent by the emulated device\nwhich results in a report, that has no fields, being added to the report list.\nDue to this appleir_input_configured() is never called, hidinput_connect()\nfails which results in the HID_CLAIMED_INPUT flag is not being set. However,\nit does not make appleir_probe() fail and lets the event callback to be\ncalled without the associated input device.\n\nThus, add a check for the HID_CLAIMED_INPUT flag and leave the event hook\nearly if the driver didn\u0027t claim any input_dev for some reason. Moreover,\nsome other hid drivers accessing input_dev in their event callbacks do have\nsimilar checks, too.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21948",
"url": "https://www.suse.com/security/cve/CVE-2025-21948"
},
{
"category": "external",
"summary": "SUSE Bug 1240703 for CVE-2025-21948",
"url": "https://bugzilla.suse.com/1240703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21948"
},
{
"cve": "CVE-2025-21950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl\n\nIn the \"pmcmd_ioctl\" function, three memory objects allocated by\nkmalloc are initialized by \"hcall_get_cpu_state\", which are then\ncopied to user space. The initializer is indeed implemented in\n\"acrn_hypercall2\" (arch/x86/include/asm/acrn.h). There is a risk of\ninformation leakage due to uninitialized bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21950",
"url": "https://www.suse.com/security/cve/CVE-2025-21950"
},
{
"category": "external",
"summary": "SUSE Bug 1240719 for CVE-2025-21950",
"url": "https://bugzilla.suse.com/1240719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21950"
},
{
"cve": "CVE-2025-21951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock\n\nThere are multiple places from where the recovery work gets scheduled\nasynchronously. Also, there are multiple places where the caller waits\nsynchronously for the recovery to be completed. One such place is during\nthe PM shutdown() callback.\n\nIf the device is not alive during recovery_work, it will try to reset the\ndevice using pci_reset_function(). This function internally will take the\ndevice_lock() first before resetting the device. By this time, if the lock\nhas already been acquired, then recovery_work will get stalled while\nwaiting for the lock. And if the lock was already acquired by the caller\nwhich waits for the recovery_work to be completed, it will lead to\ndeadlock.\n\nThis is what happened on the X1E80100 CRD device when the device died\nbefore shutdown() callback. Driver core calls the driver\u0027s shutdown()\ncallback while holding the device_lock() leading to deadlock.\n\nAnd this deadlock scenario can occur on other paths as well, like during\nthe PM suspend() callback, where the driver core would hold the\ndevice_lock() before calling driver\u0027s suspend() callback. And if the\nrecovery_work was already started, it could lead to deadlock. This is also\nobserved on the X1E80100 CRD.\n\nSo to fix both issues, use pci_try_reset_function() in recovery_work. This\nfunction first checks for the availability of the device_lock() before\ntrying to reset the device. If the lock is available, it will acquire it\nand reset the device. Otherwise, it will return -EAGAIN. If that happens,\nrecovery_work will fail with the error message \"Recovery failed\" as not\nmuch could be done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21951",
"url": "https://www.suse.com/security/cve/CVE-2025-21951"
},
{
"category": "external",
"summary": "SUSE Bug 1240718 for CVE-2025-21951",
"url": "https://bugzilla.suse.com/1240718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21951"
},
{
"cve": "CVE-2025-21953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: cleanup mana struct after debugfs_remove()\n\nWhen on a MANA VM hibernation is triggered, as part of hibernate_snapshot(),\nmana_gd_suspend() and mana_gd_resume() are called. If during this\nmana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs\npointer does not get reinitialized and ends up pointing to older,\ncleaned-up dentry.\nFurther in the hibernation path, as part of power_down(), mana_gd_shutdown()\nis triggered. This call, unaware of the failures in resume, tries to cleanup\nthe already cleaned up mana_port_debugfs value and hits the following bug:\n\n[ 191.359296] mana 7870:00:00.0: Shutdown was called\n[ 191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 191.360584] #PF: supervisor write access in kernel mode\n[ 191.361125] #PF: error_code(0x0002) - not-present page\n[ 191.361727] PGD 1080ea067 P4D 0\n[ 191.362172] Oops: Oops: 0002 [#1] SMP NOPTI\n[ 191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2\n[ 191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024\n[ 191.364124] RIP: 0010:down_write+0x19/0x50\n[ 191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 \u003cf0\u003e 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d\n[ 191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS: 00010246\n[ 191.366350] RAX: 0000000000000000 RBX: 0000000000000098 RCX: ffffff8100000000\n[ 191.366951] RDX: 0000000000000001 RSI: 0000000000000064 RDI: 0000000000000098\n[ 191.367600] RBP: ff45fbe0c1c037c0 R08: 0000000000000000 R09: 0000000000000001\n[ 191.368225] R10: ff45fbe0d2b01000 R11: 0000000000000008 R12: 0000000000000000\n[ 191.368874] R13: 000000000000000b R14: ff43dc27509d67c0 R15: 0000000000000020\n[ 191.369549] FS: 00007dbc5001e740(0000) GS:ff43dc663f380000(0000) knlGS:0000000000000000\n[ 191.370213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 191.370830] CR2: 0000000000000098 CR3: 0000000168e8e002 CR4: 0000000000b73ef0\n[ 191.371557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 191.372192] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 191.372906] Call Trace:\n[ 191.373262] \u003cTASK\u003e\n[ 191.373621] ? show_regs+0x64/0x70\n[ 191.374040] ? __die+0x24/0x70\n[ 191.374468] ? page_fault_oops+0x290/0x5b0\n[ 191.374875] ? do_user_addr_fault+0x448/0x800\n[ 191.375357] ? exc_page_fault+0x7a/0x160\n[ 191.375971] ? asm_exc_page_fault+0x27/0x30\n[ 191.376416] ? down_write+0x19/0x50\n[ 191.376832] ? down_write+0x12/0x50\n[ 191.377232] simple_recursive_removal+0x4a/0x2a0\n[ 191.377679] ? __pfx_remove_one+0x10/0x10\n[ 191.378088] debugfs_remove+0x44/0x70\n[ 191.378530] mana_detach+0x17c/0x4f0\n[ 191.378950] ? __flush_work+0x1e2/0x3b0\n[ 191.379362] ? __cond_resched+0x1a/0x50\n[ 191.379787] mana_remove+0xf2/0x1a0\n[ 191.380193] mana_gd_shutdown+0x3b/0x70\n[ 191.380642] pci_device_shutdown+0x3a/0x80\n[ 191.381063] device_shutdown+0x13e/0x230\n[ 191.381480] kernel_power_off+0x35/0x80\n[ 191.381890] hibernate+0x3c6/0x470\n[ 191.382312] state_store+0xcb/0xd0\n[ 191.382734] kobj_attr_store+0x12/0x30\n[ 191.383211] sysfs_kf_write+0x3e/0x50\n[ 191.383640] kernfs_fop_write_iter+0x140/0x1d0\n[ 191.384106] vfs_write+0x271/0x440\n[ 191.384521] ksys_write+0x72/0xf0\n[ 191.384924] __x64_sys_write+0x19/0x20\n[ 191.385313] x64_sys_call+0x2b0/0x20b0\n[ 191.385736] do_syscall_64+0x79/0x150\n[ 191.386146] ? __mod_memcg_lruvec_state+0xe7/0x240\n[ 191.386676] ? __lruvec_stat_mod_folio+0x79/0xb0\n[ 191.387124] ? __pfx_lru_add+0x10/0x10\n[ 191.387515] ? queued_spin_unlock+0x9/0x10\n[ 191.387937] ? do_anonymous_page+0x33c/0xa00\n[ 191.388374] ? __handle_mm_fault+0xcf3/0x1210\n[ 191.388805] ? __count_memcg_events+0xbe/0x180\n[ 191.389235] ? handle_mm_fault+0xae/0x300\n[ 19\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21953",
"url": "https://www.suse.com/security/cve/CVE-2025-21953"
},
{
"category": "external",
"summary": "SUSE Bug 1240727 for CVE-2025-21953",
"url": "https://bugzilla.suse.com/1240727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21953"
},
{
"cve": "CVE-2025-21956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Assign normalized_pix_clk when color depth = 14\n\n[WHY \u0026 HOW]\nA warning message \"WARNING: CPU: 4 PID: 459 at ... /dc_resource.c:3397\ncalculate_phy_pix_clks+0xef/0x100 [amdgpu]\" occurs because the\ndisplay_color_depth == COLOR_DEPTH_141414 is not handled. This is\nobserved in Radeon RX 6600 XT.\n\nIt is fixed by assigning pix_clk * (14 * 3) / 24 - same as the rests.\n\nAlso fixes the indentation in get_norm_pix_clk.\n\n(cherry picked from commit 274a87eb389f58eddcbc5659ab0b180b37e92775)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21956",
"url": "https://www.suse.com/security/cve/CVE-2025-21956"
},
{
"category": "external",
"summary": "SUSE Bug 1240739 for CVE-2025-21956",
"url": "https://bugzilla.suse.com/1240739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21956"
},
{
"cve": "CVE-2025-21957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla1280: Fix kernel oops when debug level \u003e 2\n\nA null dereference or oops exception will eventually occur when qla1280.c\ndriver is compiled with DEBUG_QLA1280 enabled and ql_debug_level \u003e 2. I\nthink its clear from the code that the intention here is sg_dma_len(s) not\nlength of sg_next(s) when printing the debug info.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21957",
"url": "https://www.suse.com/security/cve/CVE-2025-21957"
},
{
"category": "external",
"summary": "SUSE Bug 1240742 for CVE-2025-21957",
"url": "https://bugzilla.suse.com/1240742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21957"
},
{
"cve": "CVE-2025-21960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: do not update checksum in bnxt_xdp_build_skb()\n\nThe bnxt_rx_pkt() updates ip_summed value at the end if checksum offload\nis enabled.\nWhen the XDP-MB program is attached and it returns XDP_PASS, the\nbnxt_xdp_build_skb() is called to update skb_shared_info.\nThe main purpose of bnxt_xdp_build_skb() is to update skb_shared_info,\nbut it updates ip_summed value too if checksum offload is enabled.\nThis is actually duplicate work.\n\nWhen the bnxt_rx_pkt() updates ip_summed value, it checks if ip_summed\nis CHECKSUM_NONE or not.\nIt means that ip_summed should be CHECKSUM_NONE at this moment.\nBut ip_summed may already be updated to CHECKSUM_UNNECESSARY in the\nXDP-MB-PASS path.\nSo the by skb_checksum_none_assert() WARNS about it.\n\nThis is duplicate work and updating ip_summed in the\nbnxt_xdp_build_skb() is not needed.\n\nSplat looks like:\nWARNING: CPU: 3 PID: 5782 at ./include/linux/skbuff.h:5155 bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nModules linked in: bnxt_re bnxt_en rdma_ucm rdma_cm iw_cm ib_cm ib_uverbs veth xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_]\nCPU: 3 UID: 0 PID: 5782 Comm: socat Tainted: G W 6.14.0-rc4+ #27\nTainted: [W]=WARN\nHardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\nRIP: 0010:bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nCode: 54 24 0c 4c 89 f1 4c 89 ff c1 ea 1f ff d3 0f 1f 00 49 89 c6 48 85 c0 0f 84 4c e5 ff ff 48 89 c7 e8 ca 3d a0 c8 e9 8f f4 ff ff \u003c0f\u003e 0b f\nRSP: 0018:ffff88881ba09928 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000c7590303 RCX: 0000000000000000\nRDX: 1ffff1104e7d1610 RSI: 0000000000000001 RDI: ffff8881c91300b8\nRBP: ffff88881ba09b28 R08: ffff888273e8b0d0 R09: ffff888273e8b070\nR10: ffff888273e8b010 R11: ffff888278b0f000 R12: ffff888273e8b080\nR13: ffff8881c9130e00 R14: ffff8881505d3800 R15: ffff888273e8b000\nFS: 00007f5a2e7be080(0000) GS:ffff88881ba00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fff2e708ff8 CR3: 000000013e3b0000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? __warn+0xcd/0x2f0\n ? bnxt_rx_pkt+0x479b/0x7610\n ? report_bug+0x326/0x3c0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? bnxt_rx_pkt+0x479b/0x7610\n ? bnxt_rx_pkt+0x3e41/0x7610\n ? __pfx_bnxt_rx_pkt+0x10/0x10\n ? napi_complete_done+0x2cf/0x7d0\n __bnxt_poll_work+0x4e8/0x1220\n ? __pfx___bnxt_poll_work+0x10/0x10\n ? __pfx_mark_lock.part.0+0x10/0x10\n bnxt_poll_p5+0x36a/0xfa0\n ? __pfx_bnxt_poll_p5+0x10/0x10\n __napi_poll.constprop.0+0xa0/0x440\n net_rx_action+0x899/0xd00\n...\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going\nto be able to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21960",
"url": "https://www.suse.com/security/cve/CVE-2025-21960"
},
{
"category": "external",
"summary": "SUSE Bug 1240815 for CVE-2025-21960",
"url": "https://bugzilla.suse.com/1240815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21960"
},
{
"cve": "CVE-2025-21961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix truesize for mb-xdp-pass case\n\nWhen mb-xdp is set and return is XDP_PASS, packet is converted from\nxdp_buff to sk_buff with xdp_update_skb_shared_info() in\nbnxt_xdp_build_skb().\nbnxt_xdp_build_skb() passes incorrect truesize argument to\nxdp_update_skb_shared_info().\nThe truesize is calculated as BNXT_RX_PAGE_SIZE * sinfo-\u003enr_frags but\nthe skb_shared_info was wiped by napi_build_skb() before.\nSo it stores sinfo-\u003enr_frags before bnxt_xdp_build_skb() and use it\ninstead of getting skb_shared_info from xdp_get_shared_info_from_buff().\n\nSplat looks like:\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 0 at net/core/skbuff.c:6072 skb_try_coalesce+0x504/0x590\n Modules linked in: xt_nat xt_tcpudp veth af_packet xt_conntrack nft_chain_nat xt_MASQUERADE nf_conntrack_netlink xfrm_user xt_addrtype nft_coms\n CPU: 2 UID: 0 PID: 0 Comm: swapper/2 Not tainted 6.14.0-rc2+ #3\n RIP: 0010:skb_try_coalesce+0x504/0x590\n Code: 4b fd ff ff 49 8b 34 24 40 80 e6 40 0f 84 3d fd ff ff 49 8b 74 24 48 40 f6 c6 01 0f 84 2e fd ff ff 48 8d 4e ff e9 25 fd ff ff \u003c0f\u003e 0b e99\n RSP: 0018:ffffb62c4120caa8 EFLAGS: 00010287\n RAX: 0000000000000003 RBX: ffffb62c4120cb14 RCX: 0000000000000ec0\n RDX: 0000000000001000 RSI: ffffa06e5d7dc000 RDI: 0000000000000003\n RBP: ffffa06e5d7ddec0 R08: ffffa06e6120a800 R09: ffffa06e7a119900\n R10: 0000000000002310 R11: ffffa06e5d7dcec0 R12: ffffe4360575f740\n R13: ffffe43600000000 R14: 0000000000000002 R15: 0000000000000002\n FS: 0000000000000000(0000) GS:ffffa0755f700000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f147b76b0f8 CR3: 00000001615d4000 CR4: 00000000007506f0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __warn+0x84/0x130\n ? skb_try_coalesce+0x504/0x590\n ? report_bug+0x18a/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_try_coalesce+0x504/0x590\n inet_frag_reasm_finish+0x11f/0x2e0\n ip_defrag+0x37a/0x900\n ip_local_deliver+0x51/0x120\n ip_sublist_rcv_finish+0x64/0x70\n ip_sublist_rcv+0x179/0x210\n ip_list_rcv+0xf9/0x130\n\nHow to reproduce:\n\u003cNode A\u003e\nip link set $interface1 xdp obj xdp_pass.o\nip link set $interface1 mtu 9000 up\nip a a 10.0.0.1/24 dev $interface1\n\u003cNode B\u003e\nip link set $interfac2 mtu 9000 up\nip a a 10.0.0.2/24 dev $interface2\nping 10.0.0.1 -s 65000\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going to be\nable to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21961",
"url": "https://www.suse.com/security/cve/CVE-2025-21961"
},
{
"category": "external",
"summary": "SUSE Bug 1240816 for CVE-2025-21961",
"url": "https://bugzilla.suse.com/1240816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21961"
},
{
"cve": "CVE-2025-21962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing closetimeo mount option\n\nUser-provided mount parameter closetimeo of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21962",
"url": "https://www.suse.com/security/cve/CVE-2025-21962"
},
{
"category": "external",
"summary": "SUSE Bug 1240655 for CVE-2025-21962",
"url": "https://bugzilla.suse.com/1240655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21962"
},
{
"cve": "CVE-2025-21963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acdirmax mount option\n\nUser-provided mount parameter acdirmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21963",
"url": "https://www.suse.com/security/cve/CVE-2025-21963"
},
{
"category": "external",
"summary": "SUSE Bug 1240717 for CVE-2025-21963",
"url": "https://bugzilla.suse.com/1240717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21963"
},
{
"cve": "CVE-2025-21964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acregmax mount option\n\nUser-provided mount parameter acregmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21964",
"url": "https://www.suse.com/security/cve/CVE-2025-21964"
},
{
"category": "external",
"summary": "SUSE Bug 1240740 for CVE-2025-21964",
"url": "https://bugzilla.suse.com/1240740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21964"
},
{
"cve": "CVE-2025-21966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-flakey: Fix memory corruption in optional corrupt_bio_byte feature\n\nFix memory corruption due to incorrect parameter being passed to bio_init",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21966",
"url": "https://www.suse.com/security/cve/CVE-2025-21966"
},
{
"category": "external",
"summary": "SUSE Bug 1240779 for CVE-2025-21966",
"url": "https://bugzilla.suse.com/1240779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21966"
},
{
"cve": "CVE-2025-21968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free on hdcp_work\n\n[Why]\nA slab-use-after-free is reported when HDCP is destroyed but the\nproperty_validate_dwork queue is still running.\n\n[How]\nCancel the delayed work when destroying workqueue.\n\n(cherry picked from commit 725a04ba5a95e89c89633d4322430cfbca7ce128)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21968",
"url": "https://www.suse.com/security/cve/CVE-2025-21968"
},
{
"category": "external",
"summary": "SUSE Bug 1240783 for CVE-2025-21968",
"url": "https://bugzilla.suse.com/1240783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21968"
},
{
"cve": "CVE-2025-21969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd\n\nAfter the hci sync command releases l2cap_conn, the hci receive data work\nqueue references the released l2cap_conn when sending to the upper layer.\nAdd hci dev lock to the hci receive data work queue to synchronize the two.\n\n[1]\nBUG: KASAN: slab-use-after-free in l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\nRead of size 8 at addr ffff8880271a4000 by task kworker/u9:2/5837\n\nCPU: 0 UID: 0 PID: 5837 Comm: kworker/u9:2 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci1 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n l2cap_build_cmd net/bluetooth/l2cap_core.c:2964 [inline]\n l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\n l2cap_sig_send_rej net/bluetooth/l2cap_core.c:5502 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5538 [inline]\n l2cap_recv_frame+0x221f/0x10db0 net/bluetooth/l2cap_core.c:6817\n hci_acldata_packet net/bluetooth/hci_core.c:3797 [inline]\n hci_rx_work+0x508/0xdb0 net/bluetooth/hci_core.c:4040\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 5837:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n l2cap_conn_add+0xa9/0x8e0 net/bluetooth/l2cap_core.c:6860\n l2cap_connect_cfm+0x115/0x1090 net/bluetooth/l2cap_core.c:7239\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_remote_features_evt+0x68e/0xac0 net/bluetooth/hci_event.c:3726\n hci_event_func net/bluetooth/hci_event.c:7473 [inline]\n hci_event_packet+0xac2/0x1540 net/bluetooth/hci_event.c:7525\n hci_rx_work+0x3f3/0xdb0 net/bluetooth/hci_core.c:4035\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nFreed by task 54:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n l2cap_connect_cfm+0xcc/0x1090 net/bluetooth/l2cap_core.c:7235\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_conn_failed+0x287/0x400 net/bluetooth/hci_conn.c:1266\n hci_abort_conn_sync+0x56c/0x11f0 net/bluetooth/hci_sync.c:5603\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21969",
"url": "https://www.suse.com/security/cve/CVE-2025-21969"
},
{
"category": "external",
"summary": "SUSE Bug 1240784 for CVE-2025-21969",
"url": "https://bugzilla.suse.com/1240784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21969"
},
{
"cve": "CVE-2025-21970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Bridge, fix the crash caused by LAG state check\n\nWhen removing LAG device from bridge, NETDEV_CHANGEUPPER event is\ntriggered. Driver finds the lower devices (PFs) to flush all the\noffloaded entries. And mlx5_lag_is_shared_fdb is checked, it returns\nfalse if one of PF is unloaded. In such case,\nmlx5_esw_bridge_lag_rep_get() and its caller return NULL, instead of\nthe alive PF, and the flush is skipped.\n\nBesides, the bridge fdb entry\u0027s lastuse is updated in mlx5 bridge\nevent handler. But this SWITCHDEV_FDB_ADD_TO_BRIDGE event can be\nignored in this case because the upper interface for bond is deleted,\nand the entry will never be aged because lastuse is never updated.\n\nTo make things worse, as the entry is alive, mlx5 bridge workqueue\nkeeps sending that event, which is then handled by kernel bridge\nnotifier. It causes the following crash when accessing the passed bond\nnetdev which is already destroyed.\n\nTo fix this issue, remove such checks. LAG state is already checked in\ncommit 15f8f168952f (\"net/mlx5: Bridge, verify LAG state when adding\nbond to bridge\"), driver still need to skip offload if LAG becomes\ninvalid state after initialization.\n\n Oops: stack segment: 0000 [#1] SMP\n CPU: 3 UID: 0 PID: 23695 Comm: kworker/u40:3 Tainted: G OE 6.11.0_mlnx #1\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: mlx5_bridge_wq mlx5_esw_bridge_update_work [mlx5_core]\n RIP: 0010:br_switchdev_event+0x2c/0x110 [bridge]\n Code: 44 00 00 48 8b 02 48 f7 00 00 02 00 00 74 69 41 54 55 53 48 83 ec 08 48 8b a8 08 01 00 00 48 85 ed 74 4a 48 83 fe 02 48 89 d3 \u003c4c\u003e 8b 65 00 74 23 76 49 48 83 fe 05 74 7e 48 83 fe 06 75 2f 0f b7\n RSP: 0018:ffffc900092cfda0 EFLAGS: 00010297\n RAX: ffff888123bfe000 RBX: ffffc900092cfe08 RCX: 00000000ffffffff\n RDX: ffffc900092cfe08 RSI: 0000000000000001 RDI: ffffffffa0c585f0\n RBP: 6669746f6e690a30 R08: 0000000000000000 R09: ffff888123ae92c8\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888123ae9c60\n R13: 0000000000000001 R14: ffffc900092cfe08 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff88852c980000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f15914c8734 CR3: 0000000002830005 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0x1a/0x60\n ? die+0x38/0x60\n ? do_trap+0x10b/0x120\n ? do_error_trap+0x64/0xa0\n ? exc_stack_segment+0x33/0x50\n ? asm_exc_stack_segment+0x22/0x30\n ? br_switchdev_event+0x2c/0x110 [bridge]\n ? sched_balance_newidle.isra.149+0x248/0x390\n notifier_call_chain+0x4b/0xa0\n atomic_notifier_call_chain+0x16/0x20\n mlx5_esw_bridge_update+0xec/0x170 [mlx5_core]\n mlx5_esw_bridge_update_work+0x19/0x40 [mlx5_core]\n process_scheduled_works+0x81/0x390\n worker_thread+0x106/0x250\n ? bh_worker+0x110/0x110\n kthread+0xb7/0xe0\n ? kthread_park+0x80/0x80\n ret_from_fork+0x2d/0x50\n ? kthread_park+0x80/0x80\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21970",
"url": "https://www.suse.com/security/cve/CVE-2025-21970"
},
{
"category": "external",
"summary": "SUSE Bug 1240819 for CVE-2025-21970",
"url": "https://bugzilla.suse.com/1240819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21970"
},
{
"cve": "CVE-2025-21971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Prevent creation of classes with TC_H_ROOT\n\nThe function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination\ncondition when traversing up the qdisc tree to update parent backlog\ncounters. However, if a class is created with classid TC_H_ROOT, the\ntraversal terminates prematurely at this class instead of reaching the\nactual root qdisc, causing parent statistics to be incorrectly maintained.\nIn case of DRR, this could lead to a crash as reported by Mingi Cho.\n\nPrevent the creation of any Qdisc class with classid TC_H_ROOT\n(0xFFFFFFFF) across all qdisc types, as suggested by Jamal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21971",
"url": "https://www.suse.com/security/cve/CVE-2025-21971"
},
{
"category": "external",
"summary": "SUSE Bug 1240799 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "external",
"summary": "SUSE Bug 1245794 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1245794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-21971"
},
{
"cve": "CVE-2025-21972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: unshare packets when reassembling\n\nEnsure that the frag_list used for reassembly isn\u0027t shared with other\npackets. This avoids incorrect reassembly when packets are cloned, and\nprevents a memory leak due to circular references between fragments and\ntheir skb_shared_info.\n\nThe upcoming MCTP-over-USB driver uses skb_clone which can trigger the\nproblem - other MCTP drivers don\u0027t share SKBs.\n\nA kunit test is added to reproduce the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21972",
"url": "https://www.suse.com/security/cve/CVE-2025-21972"
},
{
"category": "external",
"summary": "SUSE Bug 1240813 for CVE-2025-21972",
"url": "https://bugzilla.suse.com/1240813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21972"
},
{
"cve": "CVE-2025-21975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: handle errors in mlx5_chains_create_table()\n\nIn mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns()\nand mlx5_get_flow_namespace() must be checked to prevent NULL pointer\ndereferences. If either function fails, the function should log error\nmessage with mlx5_core_warn() and return error pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21975",
"url": "https://www.suse.com/security/cve/CVE-2025-21975"
},
{
"category": "external",
"summary": "SUSE Bug 1240812 for CVE-2025-21975",
"url": "https://bugzilla.suse.com/1240812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21975"
},
{
"cve": "CVE-2025-21978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/hyperv: Fix address space leak when Hyper-V DRM device is removed\n\nWhen a Hyper-V DRM device is probed, the driver allocates MMIO space for\nthe vram, and maps it cacheable. If the device removed, or in the error\npath for device probing, the MMIO space is released but no unmap is done.\nConsequently the kernel address space for the mapping is leaked.\n\nFix this by adding iounmap() calls in the device removal path, and in the\nerror path during device probing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21978",
"url": "https://www.suse.com/security/cve/CVE-2025-21978"
},
{
"category": "external",
"summary": "SUSE Bug 1240806 for CVE-2025-21978",
"url": "https://bugzilla.suse.com/1240806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21978"
},
{
"cve": "CVE-2025-21979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: cancel wiphy_work before freeing wiphy\n\nA wiphy_work can be queued from the moment the wiphy is allocated and\ninitialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the\nrdev::wiphy_work is getting queued.\n\nIf wiphy_free is called before the rdev::wiphy_work had a chance to run,\nthe wiphy memory will be freed, and then when it eventally gets to run\nit\u0027ll use invalid memory.\n\nFix this by canceling the work before freeing the wiphy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21979",
"url": "https://www.suse.com/security/cve/CVE-2025-21979"
},
{
"category": "external",
"summary": "SUSE Bug 1240808 for CVE-2025-21979",
"url": "https://bugzilla.suse.com/1240808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21979"
},
{
"cve": "CVE-2025-21980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: address a potential NULL pointer dereference in the GRED scheduler.\n\nIf kzalloc in gred_init returns a NULL pointer, the code follows the\nerror handling path, invoking gred_destroy. This, in turn, calls\ngred_offload, where memset could receive a NULL pointer as input,\npotentially leading to a kernel crash.\n\nWhen table-\u003eopt is NULL in gred_init(), gred_change_table_def()\nis not called yet, so it is not necessary to call -\u003endo_setup_tc()\nin gred_offload().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21980",
"url": "https://www.suse.com/security/cve/CVE-2025-21980"
},
{
"category": "external",
"summary": "SUSE Bug 1240809 for CVE-2025-21980",
"url": "https://bugzilla.suse.com/1240809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21980"
},
{
"cve": "CVE-2025-21981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memory leak in aRFS after reset\n\nFix aRFS (accelerated Receive Flow Steering) structures memory leak by\nadding a checker to verify if aRFS memory is already allocated while\nconfiguring VSI. aRFS objects are allocated in two cases:\n- as part of VSI initialization (at probe), and\n- as part of reset handling\n\nHowever, VSI reconfiguration executed during reset involves memory\nallocation one more time, without prior releasing already allocated\nresources. This led to the memory leak with the following signature:\n\n[root@os-delivery ~]# cat /sys/kernel/debug/kmemleak\nunreferenced object 0xff3c1ca7252e6000 (size 8192):\n comm \"kworker/0:0\", pid 8, jiffies 4296833052\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 0):\n [\u003cffffffff991ec485\u003e] __kmalloc_cache_noprof+0x275/0x340\n [\u003cffffffffc0a6e06a\u003e] ice_init_arfs+0x3a/0xe0 [ice]\n [\u003cffffffffc09f1027\u003e] ice_vsi_cfg_def+0x607/0x850 [ice]\n [\u003cffffffffc09f244b\u003e] ice_vsi_setup+0x5b/0x130 [ice]\n [\u003cffffffffc09c2131\u003e] ice_init+0x1c1/0x460 [ice]\n [\u003cffffffffc09c64af\u003e] ice_probe+0x2af/0x520 [ice]\n [\u003cffffffff994fbcd3\u003e] local_pci_probe+0x43/0xa0\n [\u003cffffffff98f07103\u003e] work_for_cpu_fn+0x13/0x20\n [\u003cffffffff98f0b6d9\u003e] process_one_work+0x179/0x390\n [\u003cffffffff98f0c1e9\u003e] worker_thread+0x239/0x340\n [\u003cffffffff98f14abc\u003e] kthread+0xcc/0x100\n [\u003cffffffff98e45a6d\u003e] ret_from_fork+0x2d/0x50\n [\u003cffffffff98e083ba\u003e] ret_from_fork_asm+0x1a/0x30\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21981",
"url": "https://www.suse.com/security/cve/CVE-2025-21981"
},
{
"category": "external",
"summary": "SUSE Bug 1240612 for CVE-2025-21981",
"url": "https://bugzilla.suse.com/1240612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21981"
},
{
"cve": "CVE-2025-21985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix out-of-bound accesses\n\n[WHAT \u0026 HOW]\nhpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS(=4),\nbut location can have size up to 6. As a result, it is necessary to\ncheck location against MAX_HPO_DP2_ENCODERS.\n\nSimiliarly, disp_cfg_stream_location can be used as an array index which\nshould be 0..5, so the ASSERT\u0027s conditions should be less without equal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21985",
"url": "https://www.suse.com/security/cve/CVE-2025-21985"
},
{
"category": "external",
"summary": "SUSE Bug 1240811 for CVE-2025-21985",
"url": "https://bugzilla.suse.com/1240811"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21985"
},
{
"cve": "CVE-2025-21991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes\n\nCurrently, load_microcode_amd() iterates over all NUMA nodes, retrieves their\nCPU masks and unconditionally accesses per-CPU data for the first CPU of each\nmask.\n\nAccording to Documentation/admin-guide/mm/numaperf.rst:\n\n \"Some memory may share the same node as a CPU, and others are provided as\n memory only nodes.\"\n\nTherefore, some node CPU masks may be empty and wouldn\u0027t have a \"first CPU\".\n\nOn a machine with far memory (and therefore CPU-less NUMA nodes):\n- cpumask_of_node(nid) is 0\n- cpumask_first(0) is CONFIG_NR_CPUS\n- cpu_data(CONFIG_NR_CPUS) accesses the cpu_info per-CPU array at an\n index that is 1 out of bounds\n\nThis does not have any security implications since flashing microcode is\na privileged operation but I believe this has reliability implications by\npotentially corrupting memory while flashing a microcode update.\n\nWhen booting with CONFIG_UBSAN_BOUNDS=y on an AMD machine that flashes\na microcode update. I get the following splat:\n\n UBSAN: array-index-out-of-bounds in arch/x86/kernel/cpu/microcode/amd.c:X:Y\n index 512 is out of range for type \u0027unsigned long[512]\u0027\n [...]\n Call Trace:\n dump_stack\n __ubsan_handle_out_of_bounds\n load_microcode_amd\n request_microcode_amd\n reload_store\n kernfs_fop_write_iter\n vfs_write\n ksys_write\n do_syscall_64\n entry_SYSCALL_64_after_hwframe\n\nChange the loop to go over only NUMA nodes which have CPUs before determining\nwhether the first CPU on the respective node needs microcode update.\n\n [ bp: Massage commit message, fix typo. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21991",
"url": "https://www.suse.com/security/cve/CVE-2025-21991"
},
{
"category": "external",
"summary": "SUSE Bug 1240795 for CVE-2025-21991",
"url": "https://bugzilla.suse.com/1240795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21991"
},
{
"cve": "CVE-2025-21992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: ignore non-functional sensor in HP 5MP Camera\n\nThe HP 5MP Camera (USB ID 0408:5473) reports a HID sensor interface that\nis not actually implemented. Attempting to access this non-functional\nsensor via iio_info causes system hangs as runtime PM tries to wake up\nan unresponsive sensor.\n\n [453] hid-sensor-hub 0003:0408:5473.0003: Report latency attributes: ffffffff:ffffffff\n [453] hid-sensor-hub 0003:0408:5473.0003: common attributes: 5:1, 2:1, 3:1 ffffffff:ffffffff\n\nAdd this device to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21992",
"url": "https://www.suse.com/security/cve/CVE-2025-21992"
},
{
"category": "external",
"summary": "SUSE Bug 1240796 for CVE-2025-21992",
"url": "https://bugzilla.suse.com/1240796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21992"
},
{
"cve": "CVE-2025-21993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21993",
"url": "https://www.suse.com/security/cve/CVE-2025-21993"
},
{
"category": "external",
"summary": "SUSE Bug 1240797 for CVE-2025-21993",
"url": "https://bugzilla.suse.com/1240797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21993"
},
{
"cve": "CVE-2025-21995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Fix fence reference count leak\n\nThe last_scheduled fence leaks when an entity is being killed and adding\nthe cleanup callback fails.\n\nDecrement the reference count of prev when dma_fence_add_callback()\nfails, ensuring proper balance.\n\n[phasta: add git tag info for stable kernel]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21995",
"url": "https://www.suse.com/security/cve/CVE-2025-21995"
},
{
"category": "external",
"summary": "SUSE Bug 1240821 for CVE-2025-21995",
"url": "https://bugzilla.suse.com/1240821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21995"
},
{
"cve": "CVE-2025-21996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()\n\nOn the off chance that command stream passed from userspace via\nioctl() call to radeon_vce_cs_parse() is weirdly crafted and\nfirst command to execute is to encode (case 0x03000001), the function\nin question will attempt to call radeon_vce_cs_reloc() with size\nargument that has not been properly initialized. Specifically, \u0027size\u0027\nwill point to \u0027tmp\u0027 variable before the latter had a chance to be\nassigned any value.\n\nPlay it safe and init \u0027tmp\u0027 with 0, thus ensuring that\nradeon_vce_cs_reloc() will catch an early error in cases like these.\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.\n\n(cherry picked from commit 2d52de55f9ee7aaee0e09ac443f77855989c6b68)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21996",
"url": "https://www.suse.com/security/cve/CVE-2025-21996"
},
{
"category": "external",
"summary": "SUSE Bug 1240801 for CVE-2025-21996",
"url": "https://bugzilla.suse.com/1240801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21996"
},
{
"cve": "CVE-2025-21999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc: fix UAF in proc_get_inode()\n\nFix race between rmmod and /proc/XXX\u0027s inode instantiation.\n\nThe bug is that pde-\u003eproc_ops don\u0027t belong to /proc, it belongs to a\nmodule, therefore dereferencing it after /proc entry has been registered\nis a bug unless use_pde/unuse_pde() pair has been used.\n\nuse_pde/unuse_pde can be avoided (2 atomic ops!) because pde-\u003eproc_ops\nnever changes so information necessary for inode instantiation can be\nsaved _before_ proc_register() in PDE itself and used later, avoiding\npde-\u003eproc_ops-\u003e... dereference.\n\n rmmod lookup\nsys_delete_module\n proc_lookup_de\n\t\t\t pde_get(de);\n\t\t\t proc_get_inode(dir-\u003ei_sb, de);\n mod-\u003eexit()\n proc_remove\n remove_proc_subtree\n proc_entry_rundown(de);\n free_module(mod);\n\n if (S_ISREG(inode-\u003ei_mode))\n\t if (de-\u003eproc_ops-\u003eproc_read_iter)\n --\u003e As module is already freed, will trigger UAF\n\nBUG: unable to handle page fault for address: fffffbfff80a702b\nPGD 817fc4067 P4D 817fc4067 PUD 817fc0067 PMD 102ef4067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 26 UID: 0 PID: 2667 Comm: ls Tainted: G\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:proc_get_inode+0x302/0x6e0\nRSP: 0018:ffff88811c837998 EFLAGS: 00010a06\nRAX: dffffc0000000000 RBX: ffffffffc0538140 RCX: 0000000000000007\nRDX: 1ffffffff80a702b RSI: 0000000000000001 RDI: ffffffffc0538158\nRBP: ffff8881299a6000 R08: 0000000067bbe1e5 R09: 1ffff11023906f20\nR10: ffffffffb560ca07 R11: ffffffffb2b43a58 R12: ffff888105bb78f0\nR13: ffff888100518048 R14: ffff8881299a6004 R15: 0000000000000001\nFS: 00007f95b9686840(0000) GS:ffff8883af100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: fffffbfff80a702b CR3: 0000000117dd2000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_lookup_de+0x11f/0x2e0\n __lookup_slow+0x188/0x350\n walk_component+0x2ab/0x4f0\n path_lookupat+0x120/0x660\n filename_lookup+0x1ce/0x560\n vfs_statx+0xac/0x150\n __do_sys_newstat+0x96/0x110\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[adobriyan@gmail.com: don\u0027t do 2 atomic ops on the common path]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21999",
"url": "https://www.suse.com/security/cve/CVE-2025-21999"
},
{
"category": "external",
"summary": "SUSE Bug 1240802 for CVE-2025-21999",
"url": "https://bugzilla.suse.com/1240802"
},
{
"category": "external",
"summary": "SUSE Bug 1242579 for CVE-2025-21999",
"url": "https://bugzilla.suse.com/1242579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-21999"
},
{
"cve": "CVE-2025-22001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix integer overflow in qaic_validate_req()\n\nThese are u64 variables that come from the user via\nqaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that\nthe math doesn\u0027t have an integer wrapping bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22001",
"url": "https://www.suse.com/security/cve/CVE-2025-22001"
},
{
"category": "external",
"summary": "SUSE Bug 1240873 for CVE-2025-22001",
"url": "https://bugzilla.suse.com/1240873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22001"
},
{
"cve": "CVE-2025-22003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ucan: fix out of bound read in strscpy() source\n\nCommit 7fdaf8966aae (\"can: ucan: use strscpy() to instead of strncpy()\")\nunintentionally introduced a one byte out of bound read on strscpy()\u0027s\nsource argument (which is kind of ironic knowing that strscpy() is meant\nto be a more secure alternative :)).\n\nLet\u0027s consider below buffers:\n\n dest[len + 1]; /* will be NUL terminated */\n src[len]; /* may not be NUL terminated */\n\nWhen doing:\n\n strncpy(dest, src, len);\n dest[len] = \u0027\\0\u0027;\n\nstrncpy() will read up to len bytes from src.\n\nOn the other hand:\n\n strscpy(dest, src, len + 1);\n\nwill read up to len + 1 bytes from src, that is to say, an out of bound\nread of one byte will occur on src if it is not NUL terminated. Note\nthat the src[len] byte is never copied, but strscpy() still needs to\nread it to check whether a truncation occurred or not.\n\nThis exact pattern happened in ucan.\n\nThe root cause is that the source is not NUL terminated. Instead of\ndoing a copy in a local buffer, directly NUL terminate it as soon as\nusb_control_msg() returns. With this, the local firmware_str[] variable\ncan be removed.\n\nOn top of this do a couple refactors:\n\n - ucan_ctl_payload-\u003eraw is only used for the firmware string, so\n rename it to ucan_ctl_payload-\u003efw_str and change its type from u8 to\n char.\n\n - ucan_device_request_in() is only used to retrieve the firmware\n string, so rename it to ucan_get_fw_str() and refactor it to make it\n directly handle all the string termination logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22003",
"url": "https://www.suse.com/security/cve/CVE-2025-22003"
},
{
"category": "external",
"summary": "SUSE Bug 1240825 for CVE-2025-22003",
"url": "https://bugzilla.suse.com/1240825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22003"
},
{
"cve": "CVE-2025-22004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atm: fix use after free in lec_send()\n\nThe -\u003esend() operation frees skb so save the length before calling\n-\u003esend() to avoid a use after free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22004",
"url": "https://www.suse.com/security/cve/CVE-2025-22004"
},
{
"category": "external",
"summary": "SUSE Bug 1240835 for CVE-2025-22004",
"url": "https://bugzilla.suse.com/1240835"
},
{
"category": "external",
"summary": "SUSE Bug 1241090 for CVE-2025-22004",
"url": "https://bugzilla.suse.com/1241090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-22004"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix error code in chan_alloc_skb_cb()\n\nThe chan_alloc_skb_cb() function is supposed to return error pointers on\nerror. Returning NULL will lead to a NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22007",
"url": "https://www.suse.com/security/cve/CVE-2025-22007"
},
{
"category": "external",
"summary": "SUSE Bug 1240829 for CVE-2025-22007",
"url": "https://bugzilla.suse.com/1240829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22007"
},
{
"cve": "CVE-2025-22008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: check that dummy regulator has been probed before using it\n\nDue to asynchronous driver probing there is a chance that the dummy\nregulator hasn\u0027t already been probed when first accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22008",
"url": "https://www.suse.com/security/cve/CVE-2025-22008"
},
{
"category": "external",
"summary": "SUSE Bug 1240942 for CVE-2025-22008",
"url": "https://bugzilla.suse.com/1240942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22008"
},
{
"cve": "CVE-2025-22009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: dummy: force synchronous probing\n\nSometimes I get a NULL pointer dereference at boot time in kobject_get()\nwith the following call stack:\n\nanatop_regulator_probe()\n devm_regulator_register()\n regulator_register()\n regulator_resolve_supply()\n kobject_get()\n\nBy placing some extra BUG_ON() statements I could verify that this is\nraised because probing of the \u0027dummy\u0027 regulator driver is not completed\n(\u0027dummy_regulator_rdev\u0027 is still NULL).\n\nIn the JTAG debugger I can see that dummy_regulator_probe() and\nanatop_regulator_probe() can be run by different kernel threads\n(kworker/u4:*). I haven\u0027t further investigated whether this can be\nchanged or if there are other possibilities to force synchronization\nbetween these two probe routines. On the other hand I don\u0027t expect much\nboot time penalty by probing the \u0027dummy\u0027 regulator synchronously.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22009",
"url": "https://www.suse.com/security/cve/CVE-2025-22009"
},
{
"category": "external",
"summary": "SUSE Bug 1240940 for CVE-2025-22009",
"url": "https://bugzilla.suse.com/1240940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22009"
},
{
"cve": "CVE-2025-22010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix soft lockup during bt pages loop\n\nDriver runs a for-loop when allocating bt pages and mapping them with\nbuffer pages. When a large buffer (e.g. MR over 100GB) is being allocated,\nit may require a considerable loop count. This will lead to soft lockup:\n\n watchdog: BUG: soft lockup - CPU#27 stuck for 22s!\n ...\n Call trace:\n hem_list_alloc_mid_bt+0x124/0x394 [hns_roce_hw_v2]\n hns_roce_hem_list_request+0xf8/0x160 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x2e4/0x360 [hns_roce_hw_v2]\n alloc_mr_pbl+0xd4/0x17c [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0xf8/0x190 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x118/0x290\n\n watchdog: BUG: soft lockup - CPU#35 stuck for 23s!\n ...\n Call trace:\n hns_roce_hem_list_find_mtt+0x7c/0xb0 [hns_roce_hw_v2]\n mtr_map_bufs+0xc4/0x204 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x31c/0x3c4 [hns_roce_hw_v2]\n alloc_mr_pbl+0xb0/0x160 [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0x108/0x1c0 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x120/0x2bc\n\nAdd a cond_resched() to fix soft lockup during these loops. In order not\nto affect the allocation performance of normal-size buffer, set the loop\ncount of a 100GB MR as the threshold to call cond_resched().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22010",
"url": "https://www.suse.com/security/cve/CVE-2025-22010"
},
{
"category": "external",
"summary": "SUSE Bug 1240943 for CVE-2025-22010",
"url": "https://bugzilla.suse.com/1240943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22010"
},
{
"cve": "CVE-2025-22013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state\n\nThere are several problems with the way hyp code lazily saves the host\u0027s\nFPSIMD/SVE state, including:\n\n* Host SVE being discarded unexpectedly due to inconsistent\n configuration of TIF_SVE and CPACR_ELx.ZEN. This has been seen to\n result in QEMU crashes where SVE is used by memmove(), as reported by\n Eric Auger:\n\n https://issues.redhat.com/browse/RHEL-68997\n\n* Host SVE state is discarded *after* modification by ptrace, which was an\n unintentional ptrace ABI change introduced with lazy discarding of SVE state.\n\n* The host FPMR value can be discarded when running a non-protected VM,\n where FPMR support is not exposed to a VM, and that VM uses\n FPSIMD/SVE. In these cases the hyp code does not save the host\u0027s FPMR\n before unbinding the host\u0027s FPSIMD/SVE/SME state, leaving a stale\n value in memory.\n\nAvoid these by eagerly saving and \"flushing\" the host\u0027s FPSIMD/SVE/SME\nstate when loading a vCPU such that KVM does not need to save any of the\nhost\u0027s FPSIMD/SVE/SME state. For clarity, fpsimd_kvm_prepare() is\nremoved and the necessary call to fpsimd_save_and_flush_cpu_state() is\nplaced in kvm_arch_vcpu_load_fp(). As \u0027fpsimd_state\u0027 and \u0027fpmr_ptr\u0027\nshould not be used, they are set to NULL; all uses of these will be\nremoved in subsequent patches.\n\nHistorical problems go back at least as far as v5.17, e.g. erroneous\nassumptions about TIF_SVE being clear in commit:\n\n 8383741ab2e773a9 (\"KVM: arm64: Get rid of host SVE tracking/saving\")\n\n... and so this eager save+flush probably needs to be backported to ALL\nstable trees.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22013",
"url": "https://www.suse.com/security/cve/CVE-2025-22013"
},
{
"category": "external",
"summary": "SUSE Bug 1240938 for CVE-2025-22013",
"url": "https://bugzilla.suse.com/1240938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22013"
},
{
"cve": "CVE-2025-22014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pdr: Fix the potential deadlock\n\nWhen some client process A call pdr_add_lookup() to add the look up for\nthe service and does schedule locator work, later a process B got a new\nserver packet indicating locator is up and call pdr_locator_new_server()\nwhich eventually sets pdr-\u003elocator_init_complete to true which process A\nsees and takes list lock and queries domain list but it will timeout due\nto deadlock as the response will queued to the same qmi-\u003ewq and it is\nordered workqueue and process B is not able to complete new server\nrequest work due to deadlock on list lock.\n\nFix it by removing the unnecessary list iteration as the list iteration\nis already being done inside locator work, so avoid it here and just\ncall schedule_work() here.\n\n Process A Process B\n\n process_scheduled_works()\npdr_add_lookup() qmi_data_ready_work()\n process_scheduled_works() pdr_locator_new_server()\n pdr-\u003elocator_init_complete=true;\n pdr_locator_work()\n mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_locate_service() mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_get_domain_list()\n pr_err(\"PDR: %s get domain list\n txn wait failed: %d\\n\",\n req-\u003eservice_name,\n ret);\n\nTimeout error log due to deadlock:\n\n\"\n PDR: tms/servreg get domain list txn wait failed: -110\n PDR: service lookup for msm/adsp/sensor_pd:tms/servreg failed: -110\n\"\n\nThanks to Bjorn and Johan for letting me know that this commit also fixes\nan audio regression when using the in-kernel pd-mapper as that makes it\neasier to hit this race. [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22014",
"url": "https://www.suse.com/security/cve/CVE-2025-22014"
},
{
"category": "external",
"summary": "SUSE Bug 1240937 for CVE-2025-22014",
"url": "https://bugzilla.suse.com/1240937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22014"
},
{
"cve": "CVE-2025-22015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate: fix shmem xarray update during migration\n\nA shmem folio can be either in page cache or in swap cache, but not at the\nsame time. Namely, once it is in swap cache, folio-\u003emapping should be\nNULL, and the folio is no longer in a shmem mapping.\n\nIn __folio_migrate_mapping(), to determine the number of xarray entries to\nupdate, folio_test_swapbacked() is used, but that conflates shmem in page\ncache case and shmem in swap cache case. It leads to xarray multi-index\nentry corruption, since it turns a sibling entry to a normal entry during\nxas_store() (see [1] for a userspace reproduction). Fix it by only using\nfolio_test_swapcache() to determine whether xarray is storing swap cache\nentries or not to choose the right number of xarray entries to update.\n\n[1] https://lore.kernel.org/linux-mm/Z8idPCkaJW1IChjT@casper.infradead.org/\n\nNote:\nIn __split_huge_page(), folio_test_anon() \u0026\u0026 folio_test_swapcache() is\nused to get swap_cache address space, but that ignores the shmem folio in\nswap cache case. It could lead to NULL pointer dereferencing when a\nin-swap-cache shmem folio is split at __xa_store(), since\n!folio_test_anon() is true and folio-\u003emapping is NULL. But fortunately,\nits caller split_huge_page_to_list_to_order() bails out early with EBUSY\nwhen folio-\u003emapping is NULL. So no need to take care of it here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22015",
"url": "https://www.suse.com/security/cve/CVE-2025-22015"
},
{
"category": "external",
"summary": "SUSE Bug 1240944 for CVE-2025-22015",
"url": "https://bugzilla.suse.com/1240944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22015"
},
{
"cve": "CVE-2025-22016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (pin).\n\nFix it by checking if err is lower than zero.\n\nThis wasn\u0027t found in real usecase, only noticed. Credit to Pierre.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22016",
"url": "https://www.suse.com/security/cve/CVE-2025-22016"
},
{
"category": "external",
"summary": "SUSE Bug 1240934 for CVE-2025-22016",
"url": "https://bugzilla.suse.com/1240934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22016"
},
{
"cve": "CVE-2025-22017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (rel).\n\nFix it by checking if err is lower than zero.\n\nThis wasn\u0027t found in real usecase, only noticed. Credit to Pierre.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22017",
"url": "https://www.suse.com/security/cve/CVE-2025-22017"
},
{
"category": "external",
"summary": "SUSE Bug 1240936 for CVE-2025-22017",
"url": "https://bugzilla.suse.com/1240936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22017"
},
{
"cve": "CVE-2025-22018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Fix NULL pointer dereference\n\nWhen MPOA_cache_impos_rcvd() receives the msg, it can trigger\nNull Pointer Dereference Vulnerability if both entry and\nholding_time are NULL. Because there is only for the situation\nwhere entry is NULL and holding_time exists, it can be passed\nwhen both entry and holding_time are NULL. If these are NULL,\nthe entry will be passd to eg_cache_put() as parameter and\nit is referenced by entry-\u003euse code in it.\n\nkasan log:\n\n[ 3.316691] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006:I\n[ 3.317568] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n[ 3.318188] CPU: 3 UID: 0 PID: 79 Comm: ex Not tainted 6.14.0-rc2 #102\n[ 3.318601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n[ 3.319298] RIP: 0010:eg_cache_remove_entry+0xa5/0x470\n[ 3.319677] Code: c1 f7 6e fd 48 c7 c7 00 7e 38 b2 e8 95 64 54 fd 48 c7 c7 40 7e 38 b2 48 89 ee e80\n[ 3.321220] RSP: 0018:ffff88800583f8a8 EFLAGS: 00010006\n[ 3.321596] RAX: 0000000000000006 RBX: ffff888005989000 RCX: ffffffffaecc2d8e\n[ 3.322112] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000030\n[ 3.322643] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff6558b88\n[ 3.323181] R10: 0000000000000003 R11: 203a207972746e65 R12: 1ffff11000b07f15\n[ 3.323707] R13: dffffc0000000000 R14: ffff888005989000 R15: ffff888005989068\n[ 3.324185] FS: 000000001b6313c0(0000) GS:ffff88806d380000(0000) knlGS:0000000000000000\n[ 3.325042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.325545] CR2: 00000000004b4b40 CR3: 000000000248e000 CR4: 00000000000006f0\n[ 3.326430] Call Trace:\n[ 3.326725] \u003cTASK\u003e\n[ 3.326927] ? die_addr+0x3c/0xa0\n[ 3.327330] ? exc_general_protection+0x161/0x2a0\n[ 3.327662] ? asm_exc_general_protection+0x26/0x30\n[ 3.328214] ? vprintk_emit+0x15e/0x420\n[ 3.328543] ? eg_cache_remove_entry+0xa5/0x470\n[ 3.328910] ? eg_cache_remove_entry+0x9a/0x470\n[ 3.329294] ? __pfx_eg_cache_remove_entry+0x10/0x10\n[ 3.329664] ? console_unlock+0x107/0x1d0\n[ 3.329946] ? __pfx_console_unlock+0x10/0x10\n[ 3.330283] ? do_syscall_64+0xa6/0x1a0\n[ 3.330584] ? entry_SYSCALL_64_after_hwframe+0x47/0x7f\n[ 3.331090] ? __pfx_prb_read_valid+0x10/0x10\n[ 3.331395] ? down_trylock+0x52/0x80\n[ 3.331703] ? vprintk_emit+0x15e/0x420\n[ 3.331986] ? __pfx_vprintk_emit+0x10/0x10\n[ 3.332279] ? down_trylock+0x52/0x80\n[ 3.332527] ? _printk+0xbf/0x100\n[ 3.332762] ? __pfx__printk+0x10/0x10\n[ 3.333007] ? _raw_write_lock_irq+0x81/0xe0\n[ 3.333284] ? __pfx__raw_write_lock_irq+0x10/0x10\n[ 3.333614] msg_from_mpoad+0x1185/0x2750\n[ 3.333893] ? __build_skb_around+0x27b/0x3a0\n[ 3.334183] ? __pfx_msg_from_mpoad+0x10/0x10\n[ 3.334501] ? __alloc_skb+0x1c0/0x310\n[ 3.334809] ? __pfx___alloc_skb+0x10/0x10\n[ 3.335283] ? _raw_spin_lock+0xe0/0xe0\n[ 3.335632] ? finish_wait+0x8d/0x1e0\n[ 3.335975] vcc_sendmsg+0x684/0xba0\n[ 3.336250] ? __pfx_vcc_sendmsg+0x10/0x10\n[ 3.336587] ? __pfx_autoremove_wake_function+0x10/0x10\n[ 3.337056] ? fdget+0x176/0x3e0\n[ 3.337348] __sys_sendto+0x4a2/0x510\n[ 3.337663] ? __pfx___sys_sendto+0x10/0x10\n[ 3.337969] ? ioctl_has_perm.constprop.0.isra.0+0x284/0x400\n[ 3.338364] ? sock_ioctl+0x1bb/0x5a0\n[ 3.338653] ? __rseq_handle_notify_resume+0x825/0xd20\n[ 3.339017] ? __pfx_sock_ioctl+0x10/0x10\n[ 3.339316] ? __pfx___rseq_handle_notify_resume+0x10/0x10\n[ 3.339727] ? selinux_file_ioctl+0xa4/0x260\n[ 3.340166] __x64_sys_sendto+0xe0/0x1c0\n[ 3.340526] ? syscall_exit_to_user_mode+0x123/0x140\n[ 3.340898] do_syscall_64+0xa6/0x1a0\n[ 3.341170] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 3.341533] RIP: 0033:0x44a380\n[ 3.341757] Code: 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c00\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22018",
"url": "https://www.suse.com/security/cve/CVE-2025-22018"
},
{
"category": "external",
"summary": "SUSE Bug 1241266 for CVE-2025-22018",
"url": "https://bugzilla.suse.com/1241266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22018"
},
{
"cve": "CVE-2025-22020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\nRead of size 8 at addr ffff888136335380 by task kworker/6:0/140241\n\nCPU: 6 UID: 0 PID: 140241 Comm: kworker/6:0 Kdump: loaded Tainted: G E 6.14.0-rc6+ #1\nTainted: [E]=UNSIGNED_MODULE\nHardware name: LENOVO 30FNA1V7CW/1057, BIOS S0EKT54A 07/01/2024\nWorkqueue: events rtsx_usb_ms_poll_card [rtsx_usb_ms]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x51/0x70\n print_address_description.constprop.0+0x27/0x320\n ? rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n print_report+0x3e/0x70\n kasan_report+0xab/0xe0\n ? rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n ? __pfx_rtsx_usb_ms_poll_card+0x10/0x10 [rtsx_usb_ms]\n ? __pfx___schedule+0x10/0x10\n ? kick_pool+0x3b/0x270\n process_one_work+0x357/0x660\n worker_thread+0x390/0x4c0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x190/0x1d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 161446:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n __kasan_kmalloc+0x7b/0x90\n __kmalloc_noprof+0x1a7/0x470\n memstick_alloc_host+0x1f/0xe0 [memstick]\n rtsx_usb_ms_drv_probe+0x47/0x320 [rtsx_usb_ms]\n platform_probe+0x60/0xe0\n call_driver_probe+0x35/0x120\n really_probe+0x123/0x410\n __driver_probe_device+0xc7/0x1e0\n driver_probe_device+0x49/0xf0\n __device_attach_driver+0xc6/0x160\n bus_for_each_drv+0xe4/0x160\n __device_attach+0x13a/0x2b0\n bus_probe_device+0xbd/0xd0\n device_add+0x4a5/0x760\n platform_device_add+0x189/0x370\n mfd_add_device+0x587/0x5e0\n mfd_add_devices+0xb1/0x130\n rtsx_usb_probe+0x28e/0x2e0 [rtsx_usb]\n usb_probe_interface+0x15c/0x460\n call_driver_probe+0x35/0x120\n really_probe+0x123/0x410\n __driver_probe_device+0xc7/0x1e0\n driver_probe_device+0x49/0xf0\n __device_attach_driver+0xc6/0x160\n bus_for_each_drv+0xe4/0x160\n __device_attach+0x13a/0x2b0\n rebind_marked_interfaces.isra.0+0xcc/0x110\n usb_reset_device+0x352/0x410\n usbdev_do_ioctl+0xe5c/0x1860\n usbdev_ioctl+0xa/0x20\n __x64_sys_ioctl+0xc5/0xf0\n do_syscall_64+0x59/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 161506:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x36/0x60\n __kasan_slab_free+0x34/0x50\n kfree+0x1fd/0x3b0\n device_release+0x56/0xf0\n kobject_cleanup+0x73/0x1c0\n rtsx_usb_ms_drv_remove+0x13d/0x220 [rtsx_usb_ms]\n platform_remove+0x2f/0x50\n device_release_driver_internal+0x24b/0x2e0\n bus_remove_device+0x124/0x1d0\n device_del+0x239/0x530\n platform_device_del.part.0+0x19/0xe0\n platform_device_unregister+0x1c/0x40\n mfd_remove_devices_fn+0x167/0x170\n device_for_each_child_reverse+0xc9/0x130\n mfd_remove_devices+0x6e/0xa0\n rtsx_usb_disconnect+0x2e/0xd0 [rtsx_usb]\n usb_unbind_interface+0xf3/0x3f0\n device_release_driver_internal+0x24b/0x2e0\n proc_disconnect_claim+0x13d/0x220\n usbdev_do_ioctl+0xb5e/0x1860\n usbdev_ioctl+0xa/0x20\n __x64_sys_ioctl+0xc5/0xf0\n do_syscall_64+0x59/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x20/0x40\n kasan_record_aux_stack+0x85/0x90\n insert_work+0x29/0x100\n __queue_work+0x34a/0x540\n call_timer_fn+0x2a/0x160\n expire_timers+0x5f/0x1f0\n __run_timer_base.part.0+0x1b6/0x1e0\n run_timer_softirq+0x8b/0xe0\n handle_softirqs+0xf9/0x360\n __irq_exit_rcu+0x114/0x130\n sysvec_apic_timer_interrupt+0x72/0x90\n asm_sysvec_apic_timer_interrupt+0x16/0x20\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x20/0x40\n kasan_record_aux_stack+0x85/0x90\n insert_work+0x29/0x100\n __queue_work+0x34a/0x540\n call_timer_fn+0x2a/0x160\n expire_timers+0x5f/0x1f0\n __run_timer_base.part.0+0x1b6/0x1e0\n run_timer_softirq+0x8b/0xe0\n handle_softirqs+0xf9/0x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22020",
"url": "https://www.suse.com/security/cve/CVE-2025-22020"
},
{
"category": "external",
"summary": "SUSE Bug 1241280 for CVE-2025-22020",
"url": "https://bugzilla.suse.com/1241280"
},
{
"category": "external",
"summary": "SUSE Bug 1241281 for CVE-2025-22020",
"url": "https://bugzilla.suse.com/1241281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-22020"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: put dl_stid if fail to queue dl_recall\n\nBefore calling nfsd4_run_cb to queue dl_recall to the callback_wq, we\nincrement the reference count of dl_stid.\nWe expect that after the corresponding work_struct is processed, the\nreference count of dl_stid will be decremented through the callback\nfunction nfsd4_cb_recall_release.\nHowever, if the call to nfsd4_run_cb fails, the incremented reference\ncount of dl_stid will not be decremented correspondingly, leading to the\nfollowing nfs4_stid leak:\nunreferenced object 0xffff88812067b578 (size 344):\n comm \"nfsd\", pid 2761, jiffies 4295044002 (age 5541.241s)\n hex dump (first 32 bytes):\n 01 00 00 00 6b 6b 6b 6b b8 02 c0 e2 81 88 ff ff ....kkkk........\n 00 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 ad 4e ad de .kkkkkkk.....N..\n backtrace:\n kmem_cache_alloc+0x4b9/0x700\n nfsd4_process_open1+0x34/0x300\n nfsd4_open+0x2d1/0x9d0\n nfsd4_proc_compound+0x7a2/0xe30\n nfsd_dispatch+0x241/0x3e0\n svc_process_common+0x5d3/0xcc0\n svc_process+0x2a3/0x320\n nfsd+0x180/0x2e0\n kthread+0x199/0x1d0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\nunreferenced object 0xffff8881499f4d28 (size 368):\n comm \"nfsd\", pid 2761, jiffies 4295044005 (age 5541.239s)\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 30 4d 9f 49 81 88 ff ff ........0M.I....\n 30 4d 9f 49 81 88 ff ff 20 00 00 00 01 00 00 00 0M.I.... .......\n backtrace:\n kmem_cache_alloc+0x4b9/0x700\n nfs4_alloc_stid+0x29/0x210\n alloc_init_deleg+0x92/0x2e0\n nfs4_set_delegation+0x284/0xc00\n nfs4_open_delegation+0x216/0x3f0\n nfsd4_process_open2+0x2b3/0xee0\n nfsd4_open+0x770/0x9d0\n nfsd4_proc_compound+0x7a2/0xe30\n nfsd_dispatch+0x241/0x3e0\n svc_process_common+0x5d3/0xcc0\n svc_process+0x2a3/0x320\n nfsd+0x180/0x2e0\n kthread+0x199/0x1d0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\nFix it by checking the result of nfsd4_run_cb and call nfs4_put_stid if\nfail to queue dl_recall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22025",
"url": "https://www.suse.com/security/cve/CVE-2025-22025"
},
{
"category": "external",
"summary": "SUSE Bug 1241361 for CVE-2025-22025",
"url": "https://bugzilla.suse.com/1241361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22025"
},
{
"cve": "CVE-2025-22027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: streamzap: fix race between device disconnection and urb callback\n\nSyzkaller has reported a general protection fault at function\nir_raw_event_store_with_filter(). This crash is caused by a NULL pointer\ndereference of dev-\u003eraw pointer, even though it is checked for NULL in\nthe same function, which means there is a race condition. It occurs due\nto the incorrect order of actions in the streamzap_disconnect() function:\nrc_unregister_device() is called before usb_kill_urb(). The dev-\u003eraw\npointer is freed and set to NULL in rc_unregister_device(), and only\nafter that usb_kill_urb() waits for in-progress requests to finish.\n\nIf rc_unregister_device() is called while streamzap_callback() handler is\nnot finished, this can lead to accessing freed resources. Thus\nrc_unregister_device() should be called after usb_kill_urb().\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22027",
"url": "https://www.suse.com/security/cve/CVE-2025-22027"
},
{
"category": "external",
"summary": "SUSE Bug 1241369 for CVE-2025-22027",
"url": "https://bugzilla.suse.com/1241369"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22027"
},
{
"cve": "CVE-2025-22029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22029"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22029",
"url": "https://www.suse.com/security/cve/CVE-2025-22029"
},
{
"category": "external",
"summary": "SUSE Bug 1241378 for CVE-2025-22029",
"url": "https://bugzilla.suse.com/1241378"
},
{
"category": "external",
"summary": "SUSE Bug 1241379 for CVE-2025-22029",
"url": "https://bugzilla.suse.com/1241379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-22029"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22033"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Don\u0027t call NULL in do_compat_alignment_fixup()\n\ndo_alignment_t32_to_handler() only fixes up alignment faults for\nspecific instructions; it returns NULL otherwise (e.g. LDREX). When\nthat\u0027s the case, signal to the caller that it needs to proceed with the\nregular alignment fault handling (i.e. SIGBUS). Without this patch, the\nkernel panics:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000086000006\n EC = 0x21: IABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\n user pgtable: 4k pages, 48-bit VAs, pgdp=00000800164aa000\n [0000000000000000] pgd=0800081fdbd22003, p4d=0800081fdbd22003, pud=08000815d51c6003, pmd=0000000000000000\n Internal error: Oops: 0000000086000006 [#1] SMP\n Modules linked in: cfg80211 rfkill xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo xt_addrtype nft_compat br_netfilter veth nvme_fa\u003e\n libcrc32c crc32c_generic raid0 multipath linear dm_mod dax raid1 md_mod xhci_pci nvme xhci_hcd nvme_core t10_pi usbcore igb crc64_rocksoft crc64 crc_t10dif crct10dif_generic crct10dif_ce crct10dif_common usb_common i2c_algo_bit i2c\u003e\n CPU: 2 PID: 3932954 Comm: WPEWebProcess Not tainted 6.1.0-31-arm64 #1 Debian 6.1.128-1\n Hardware name: GIGABYTE MP32-AR1-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021\n pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : 0x0\n lr : do_compat_alignment_fixup+0xd8/0x3dc\n sp : ffff80000f973dd0\n x29: ffff80000f973dd0 x28: ffff081b42526180 x27: 0000000000000000\n x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\n x23: 0000000000000004 x22: 0000000000000000 x21: 0000000000000001\n x20: 00000000e8551f00 x19: ffff80000f973eb0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : ffffaebc949bc488\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000400000 x4 : 0000fffffffffffe x3 : 0000000000000000\n x2 : ffff80000f973eb0 x1 : 00000000e8551f00 x0 : 0000000000000001\n Call trace:\n 0x0\n do_alignment_fault+0x40/0x50\n do_mem_abort+0x4c/0xa0\n el0_da+0x48/0xf0\n el0t_32_sync_handler+0x110/0x140\n el0t_32_sync+0x190/0x194\n Code: bad PC value\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22033",
"url": "https://www.suse.com/security/cve/CVE-2025-22033"
},
{
"category": "external",
"summary": "SUSE Bug 1241436 for CVE-2025-22033",
"url": "https://bugzilla.suse.com/1241436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22033"
},
{
"cve": "CVE-2025-22036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix random stack corruption after get_block\n\nWhen get_block is called with a buffer_head allocated on the stack, such\nas do_mpage_readpage, stack corruption due to buffer_head UAF may occur in\nthe following race condition situation.\n\n \u003cCPU 0\u003e \u003cCPU 1\u003e\nmpage_read_folio\n \u003c\u003cbh on stack\u003e\u003e\n do_mpage_readpage\n exfat_get_block\n bh_read\n __bh_read\n\t get_bh(bh)\n submit_bh\n wait_on_buffer\n ...\n end_buffer_read_sync\n __end_buffer_read_notouch\n unlock_buffer\n \u003c\u003ckeep going\u003e\u003e\n ...\n ...\n ...\n ...\n\u003c\u003cbh is not valid out of mpage_read_folio\u003e\u003e\n .\n .\nanother_function\n \u003c\u003cvariable A on stack\u003e\u003e\n put_bh(bh)\n atomic_dec(bh-\u003eb_count)\n * stack corruption here *\n\nThis patch returns -EAGAIN if a folio does not have buffers when bh_read\nneeds to be called. By doing this, the caller can fallback to functions\nlike block_read_full_folio(), create a buffer_head in the folio, and then\ncall get_block again.\n\nLet\u0027s do not call bh_read() with on-stack buffer_head.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22036",
"url": "https://www.suse.com/security/cve/CVE-2025-22036"
},
{
"category": "external",
"summary": "SUSE Bug 1241426 for CVE-2025-22036",
"url": "https://bugzilla.suse.com/1241426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22036"
},
{
"cve": "CVE-2025-22044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacpi: nfit: fix narrowing conversion in acpi_nfit_ctl\n\nSyzkaller has reported a warning in to_nfit_bus_uuid(): \"only secondary\nbus families can be translated\". This warning is emited if the argument\nis equal to NVDIMM_BUS_FAMILY_NFIT == 0. Function acpi_nfit_ctl() first\nverifies that a user-provided value call_pkg-\u003end_family of type u64 is\nnot equal to 0. Then the value is converted to int, and only after that\nis compared to NVDIMM_BUS_FAMILY_MAX. This can lead to passing an invalid\nargument to acpi_nfit_ctl(), if call_pkg-\u003end_family is non-zero, while\nthe lower 32 bits are zero.\n\nFurthermore, it is best to return EINVAL immediately upon seeing the\ninvalid user input. The WARNING is insufficient to prevent further\nundefined behavior based on other invalid user input.\n\nAll checks of the input value should be applied to the original variable\ncall_pkg-\u003end_family.\n\n[iweiny: update commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22044",
"url": "https://www.suse.com/security/cve/CVE-2025-22044"
},
{
"category": "external",
"summary": "SUSE Bug 1241424 for CVE-2025-22044",
"url": "https://bugzilla.suse.com/1241424"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22044"
},
{
"cve": "CVE-2025-22045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Fix flush_tlb_range() when used for zapping normal PMDs\n\nOn the following path, flush_tlb_range() can be used for zapping normal\nPMD entries (PMD entries that point to page tables) together with the PTE\nentries in the pointed-to page table:\n\n collapse_pte_mapped_thp\n pmdp_collapse_flush\n flush_tlb_range\n\nThe arm64 version of flush_tlb_range() has a comment describing that it can\nbe used for page table removal, and does not use any last-level\ninvalidation optimizations. Fix the X86 version by making it behave the\nsame way.\n\nCurrently, X86 only uses this information for the following two purposes,\nwhich I think means the issue doesn\u0027t have much impact:\n\n - In native_flush_tlb_multi() for checking if lazy TLB CPUs need to be\n IPI\u0027d to avoid issues with speculative page table walks.\n - In Hyper-V TLB paravirtualization, again for lazy TLB stuff.\n\nThe patch \"x86/mm: only invalidate final translations with INVLPGB\" which\nis currently under review (see\n\u003chttps://lore.kernel.org/all/20241230175550.4046587-13-riel@surriel.com/\u003e)\nwould probably be making the impact of this a lot worse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22045",
"url": "https://www.suse.com/security/cve/CVE-2025-22045"
},
{
"category": "external",
"summary": "SUSE Bug 1241433 for CVE-2025-22045",
"url": "https://bugzilla.suse.com/1241433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22045"
},
{
"cve": "CVE-2025-22050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22050"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet:fix NPE during rx_complete\n\nMissing usbnet_going_away Check in Critical Path.\nThe usb_submit_urb function lacks a usbnet_going_away\nvalidation, whereas __usbnet_queue_skb includes this check.\n\nThis inconsistency creates a race condition where:\nA URB request may succeed, but the corresponding SKB data\nfails to be queued.\n\nSubsequent processes:\n(e.g., rx_complete \u2192 defer_bh \u2192 __skb_unlink(skb, list))\nattempt to access skb-\u003enext, triggering a NULL pointer\ndereference (Kernel Panic).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22050",
"url": "https://www.suse.com/security/cve/CVE-2025-22050"
},
{
"category": "external",
"summary": "SUSE Bug 1241441 for CVE-2025-22050",
"url": "https://bugzilla.suse.com/1241441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22050"
},
{
"cve": "CVE-2025-22053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ibmveth: make veth_pool_store stop hanging\n\nv2:\n- Created a single error handling unlock and exit in veth_pool_store\n- Greatly expanded commit message with previous explanatory-only text\n\nSummary: Use rtnl_mutex to synchronize veth_pool_store with itself,\nibmveth_close and ibmveth_open, preventing multiple calls in a row to\nnapi_disable.\n\nBackground: Two (or more) threads could call veth_pool_store through\nwriting to /sys/devices/vio/30000002/pool*/*. You can do this easily\nwith a little shell script. This causes a hang.\n\nI configured LOCKDEP, compiled ibmveth.c with DEBUG, and built a new\nkernel. I ran this test again and saw:\n\n Setting pool0/active to 0\n Setting pool1/active to 1\n [ 73.911067][ T4365] ibmveth 30000002 eth0: close starting\n Setting pool1/active to 1\n Setting pool1/active to 0\n [ 73.911367][ T4366] ibmveth 30000002 eth0: close starting\n [ 73.916056][ T4365] ibmveth 30000002 eth0: close complete\n [ 73.916064][ T4365] ibmveth 30000002 eth0: open starting\n [ 110.808564][ T712] systemd-journald[712]: Sent WATCHDOG=1 notification.\n [ 230.808495][ T712] systemd-journald[712]: Sent WATCHDOG=1 notification.\n [ 243.683786][ T123] INFO: task stress.sh:4365 blocked for more than 122 seconds.\n [ 243.683827][ T123] Not tainted 6.14.0-01103-g2df0c02dab82-dirty #8\n [ 243.683833][ T123] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n [ 243.683838][ T123] task:stress.sh state:D stack:28096 pid:4365 tgid:4365 ppid:4364 task_flags:0x400040 flags:0x00042000\n [ 243.683852][ T123] Call Trace:\n [ 243.683857][ T123] [c00000000c38f690] [0000000000000001] 0x1 (unreliable)\n [ 243.683868][ T123] [c00000000c38f840] [c00000000001f908] __switch_to+0x318/0x4e0\n [ 243.683878][ T123] [c00000000c38f8a0] [c000000001549a70] __schedule+0x500/0x12a0\n [ 243.683888][ T123] [c00000000c38f9a0] [c00000000154a878] schedule+0x68/0x210\n [ 243.683896][ T123] [c00000000c38f9d0] [c00000000154ac80] schedule_preempt_disabled+0x30/0x50\n [ 243.683904][ T123] [c00000000c38fa00] [c00000000154dbb0] __mutex_lock+0x730/0x10f0\n [ 243.683913][ T123] [c00000000c38fb10] [c000000001154d40] napi_enable+0x30/0x60\n [ 243.683921][ T123] [c00000000c38fb40] [c000000000f4ae94] ibmveth_open+0x68/0x5dc\n [ 243.683928][ T123] [c00000000c38fbe0] [c000000000f4aa20] veth_pool_store+0x220/0x270\n [ 243.683936][ T123] [c00000000c38fc70] [c000000000826278] sysfs_kf_write+0x68/0xb0\n [ 243.683944][ T123] [c00000000c38fcb0] [c0000000008240b8] kernfs_fop_write_iter+0x198/0x2d0\n [ 243.683951][ T123] [c00000000c38fd00] [c00000000071b9ac] vfs_write+0x34c/0x650\n [ 243.683958][ T123] [c00000000c38fdc0] [c00000000071bea8] ksys_write+0x88/0x150\n [ 243.683966][ T123] [c00000000c38fe10] [c0000000000317f4] system_call_exception+0x124/0x340\n [ 243.683973][ T123] [c00000000c38fe50] [c00000000000d05c] system_call_vectored_common+0x15c/0x2ec\n ...\n [ 243.684087][ T123] Showing all locks held in the system:\n [ 243.684095][ T123] 1 lock held by khungtaskd/123:\n [ 243.684099][ T123] #0: c00000000278e370 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x50/0x248\n [ 243.684114][ T123] 4 locks held by stress.sh/4365:\n [ 243.684119][ T123] #0: c00000003a4cd3f8 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x88/0x150\n [ 243.684132][ T123] #1: c000000041aea888 (\u0026of-\u003emutex#2){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x154/0x2d0\n [ 243.684143][ T123] #2: c0000000366fb9a8 (kn-\u003eactive#64){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x160/0x2d0\n [ 243.684155][ T123] #3: c000000035ff4cb8 (\u0026dev-\u003elock){+.+.}-{3:3}, at: napi_enable+0x30/0x60\n [ 243.684166][ T123] 5 locks held by stress.sh/4366:\n [ 243.684170][ T123] #0: c00000003a4cd3f8 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x88/0x150\n [ 243.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22053",
"url": "https://www.suse.com/security/cve/CVE-2025-22053"
},
{
"category": "external",
"summary": "SUSE Bug 1241373 for CVE-2025-22053",
"url": "https://bugzilla.suse.com/1241373"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22053"
},
{
"cve": "CVE-2025-22055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix geneve_opt length integer overflow\n\nstruct geneve_opt uses 5 bit length for each single option, which\nmeans every vary size option should be smaller than 128 bytes.\n\nHowever, all current related Netlink policies cannot promise this\nlength condition and the attacker can exploit a exact 128-byte size\noption to *fake* a zero length option and confuse the parsing logic,\nfurther achieve heap out-of-bounds read.\n\nOne example crash log is like below:\n\n[ 3.905425] ==================================================================\n[ 3.905925] BUG: KASAN: slab-out-of-bounds in nla_put+0xa9/0xe0\n[ 3.906255] Read of size 124 at addr ffff888005f291cc by task poc/177\n[ 3.906646]\n[ 3.906775] CPU: 0 PID: 177 Comm: poc-oob-read Not tainted 6.1.132 #1\n[ 3.907131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 3.907784] Call Trace:\n[ 3.907925] \u003cTASK\u003e\n[ 3.908048] dump_stack_lvl+0x44/0x5c\n[ 3.908258] print_report+0x184/0x4be\n[ 3.909151] kasan_report+0xc5/0x100\n[ 3.909539] kasan_check_range+0xf3/0x1a0\n[ 3.909794] memcpy+0x1f/0x60\n[ 3.909968] nla_put+0xa9/0xe0\n[ 3.910147] tunnel_key_dump+0x945/0xba0\n[ 3.911536] tcf_action_dump_1+0x1c1/0x340\n[ 3.912436] tcf_action_dump+0x101/0x180\n[ 3.912689] tcf_exts_dump+0x164/0x1e0\n[ 3.912905] fw_dump+0x18b/0x2d0\n[ 3.913483] tcf_fill_node+0x2ee/0x460\n[ 3.914778] tfilter_notify+0xf4/0x180\n[ 3.915208] tc_new_tfilter+0xd51/0x10d0\n[ 3.918615] rtnetlink_rcv_msg+0x4a2/0x560\n[ 3.919118] netlink_rcv_skb+0xcd/0x200\n[ 3.919787] netlink_unicast+0x395/0x530\n[ 3.921032] netlink_sendmsg+0x3d0/0x6d0\n[ 3.921987] __sock_sendmsg+0x99/0xa0\n[ 3.922220] __sys_sendto+0x1b7/0x240\n[ 3.922682] __x64_sys_sendto+0x72/0x90\n[ 3.922906] do_syscall_64+0x5e/0x90\n[ 3.923814] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 3.924122] RIP: 0033:0x7e83eab84407\n[ 3.924331] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 3.925330] RSP: 002b:00007ffff505e370 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\n[ 3.925752] RAX: ffffffffffffffda RBX: 00007e83eaafa740 RCX: 00007e83eab84407\n[ 3.926173] RDX: 00000000000001a8 RSI: 00007ffff505e3c0 RDI: 0000000000000003\n[ 3.926587] RBP: 00007ffff505f460 R08: 00007e83eace1000 R09: 000000000000000c\n[ 3.926977] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffff505f3c0\n[ 3.927367] R13: 00007ffff505f5c8 R14: 00007e83ead1b000 R15: 00005d4fbbe6dcb8\n\nFix these issues by enforing correct length condition in related\npolicies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22055",
"url": "https://www.suse.com/security/cve/CVE-2025-22055"
},
{
"category": "external",
"summary": "SUSE Bug 1241371 for CVE-2025-22055",
"url": "https://bugzilla.suse.com/1241371"
},
{
"category": "external",
"summary": "SUSE Bug 1241372 for CVE-2025-22055",
"url": "https://bugzilla.suse.com/1241372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-22055"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Fix memory accounting leak.\n\nMatt Dowling reported a weird UDP memory usage issue.\n\nUnder normal operation, the UDP memory usage reported in /proc/net/sockstat\nremains close to zero. However, it occasionally spiked to 524,288 pages\nand never dropped. Moreover, the value doubled when the application was\nterminated. Finally, it caused intermittent packet drops.\n\nWe can reproduce the issue with the script below [0]:\n\n 1. /proc/net/sockstat reports 0 pages\n\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 0\n\n 2. Run the script till the report reaches 524,288\n\n # python3 test.py \u0026 sleep 5\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 3 mem 524288 \u003c-- (INT_MAX + 1) \u003e\u003e PAGE_SHIFT\n\n 3. Kill the socket and confirm the number never drops\n\n # pkill python3 \u0026\u0026 sleep 5\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 524288\n\n 4. (necessary since v6.0) Trigger proto_memory_pcpu_drain()\n\n # python3 test.py \u0026 sleep 1 \u0026\u0026 pkill python3\n\n 5. The number doubles\n\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 1048577\n\nThe application set INT_MAX to SO_RCVBUF, which triggered an integer\noverflow in udp_rmem_release().\n\nWhen a socket is close()d, udp_destruct_common() purges its receive\nqueue and sums up skb-\u003etruesize in the queue. This total is calculated\nand stored in a local unsigned integer variable.\n\nThe total size is then passed to udp_rmem_release() to adjust memory\naccounting. However, because the function takes a signed integer\nargument, the total size can wrap around, causing an overflow.\n\nThen, the released amount is calculated as follows:\n\n 1) Add size to sk-\u003esk_forward_alloc.\n 2) Round down sk-\u003esk_forward_alloc to the nearest lower multiple of\n PAGE_SIZE and assign it to amount.\n 3) Subtract amount from sk-\u003esk_forward_alloc.\n 4) Pass amount \u003e\u003e PAGE_SHIFT to __sk_mem_reduce_allocated().\n\nWhen the issue occurred, the total in udp_destruct_common() was 2147484480\n(INT_MAX + 833), which was cast to -2147482816 in udp_rmem_release().\n\nAt 1) sk-\u003esk_forward_alloc is changed from 3264 to -2147479552, and\n2) sets -2147479552 to amount. 3) reverts the wraparound, so we don\u0027t\nsee a warning in inet_sock_destruct(). However, udp_memory_allocated\nends up doubling at 4).\n\nSince commit 3cd3399dd7a8 (\"net: implement per-cpu reserves for\nmemory_allocated\"), memory usage no longer doubles immediately after\na socket is close()d because __sk_mem_reduce_allocated() caches the\namount in udp_memory_per_cpu_fw_alloc. However, the next time a UDP\nsocket receives a packet, the subtraction takes effect, causing UDP\nmemory usage to double.\n\nThis issue makes further memory allocation fail once the socket\u0027s\nsk-\u003esk_rmem_alloc exceeds net.ipv4.udp_rmem_min, resulting in packet\ndrops.\n\nTo prevent this issue, let\u0027s use unsigned int for the calculation and\ncall sk_forward_alloc_add() only once for the small delta.\n\nNote that first_packet_length() also potentially has the same problem.\n\n[0]:\nfrom socket import *\n\nSO_RCVBUFFORCE = 33\nINT_MAX = (2 ** 31) - 1\n\ns = socket(AF_INET, SOCK_DGRAM)\ns.bind((\u0027\u0027, 0))\ns.setsockopt(SOL_SOCKET, SO_RCVBUFFORCE, INT_MAX)\n\nc = socket(AF_INET, SOCK_DGRAM)\nc.connect(s.getsockname())\n\ndata = b\u0027a\u0027 * 100\n\nwhile True:\n c.send(data)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22058",
"url": "https://www.suse.com/security/cve/CVE-2025-22058"
},
{
"category": "external",
"summary": "SUSE Bug 1241332 for CVE-2025-22058",
"url": "https://bugzilla.suse.com/1241332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22058"
},
{
"cve": "CVE-2025-22060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: Prevent parser TCAM memory corruption\n\nProtect the parser TCAM/SRAM memory, and the cached (shadow) SRAM\ninformation, from concurrent modifications.\n\nBoth the TCAM and SRAM tables are indirectly accessed by configuring\nan index register that selects the row to read or write to. This means\nthat operations must be atomic in order to, e.g., avoid spreading\nwrites across multiple rows. Since the shadow SRAM array is used to\nfind free rows in the hardware table, it must also be protected in\norder to avoid TOCTOU errors where multiple cores allocate the same\nrow.\n\nThis issue was detected in a situation where `mvpp2_set_rx_mode()` ran\nconcurrently on two CPUs. In this particular case the\nMVPP2_PE_MAC_UC_PROMISCUOUS entry was corrupted, causing the\nclassifier unit to drop all incoming unicast - indicated by the\n`rx_classifier_drops` counter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22060",
"url": "https://www.suse.com/security/cve/CVE-2025-22060"
},
{
"category": "external",
"summary": "SUSE Bug 1241526 for CVE-2025-22060",
"url": "https://bugzilla.suse.com/1241526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22060"
},
{
"cve": "CVE-2025-22062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: add mutual exclusion in proc_sctp_do_udp_port()\n\nWe must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start()\nor risk a crash as syzbot reported:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]\nCPU: 1 UID: 0 PID: 6551 Comm: syz.1.44 Not tainted 6.14.0-syzkaller-g7f2ff7b62617 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\n RIP: 0010:kernel_sock_shutdown+0x47/0x70 net/socket.c:3653\nCall Trace:\n \u003cTASK\u003e\n udp_tunnel_sock_release+0x68/0x80 net/ipv4/udp_tunnel_core.c:181\n sctp_udp_sock_stop+0x71/0x160 net/sctp/protocol.c:930\n proc_sctp_do_udp_port+0x264/0x450 net/sctp/sysctl.c:553\n proc_sys_call_handler+0x3d0/0x5b0 fs/proc/proc_sysctl.c:601\n iter_file_splice_write+0x91c/0x1150 fs/splice.c:738\n do_splice_from fs/splice.c:935 [inline]\n direct_splice_actor+0x18f/0x6c0 fs/splice.c:1158\n splice_direct_to_actor+0x342/0xa30 fs/splice.c:1102\n do_splice_direct_actor fs/splice.c:1201 [inline]\n do_splice_direct+0x174/0x240 fs/splice.c:1227\n do_sendfile+0xafd/0xe50 fs/read_write.c:1368\n __do_sys_sendfile64 fs/read_write.c:1429 [inline]\n __se_sys_sendfile64 fs/read_write.c:1415 [inline]\n __x64_sys_sendfile64+0x1d8/0x220 fs/read_write.c:1415\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22062",
"url": "https://www.suse.com/security/cve/CVE-2025-22062"
},
{
"category": "external",
"summary": "SUSE Bug 1241412 for CVE-2025-22062",
"url": "https://bugzilla.suse.com/1241412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22062"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22064"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t unregister hook when table is dormant\n\nWhen nf_tables_updchain encounters an error, hook registration needs to\nbe rolled back.\n\nThis should only be done if the hook has been registered, which won\u0027t\nhappen when the table is flagged as dormant (inactive).\n\nJust move the assignment into the registration block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22064",
"url": "https://www.suse.com/security/cve/CVE-2025-22064"
},
{
"category": "external",
"summary": "SUSE Bug 1241413 for CVE-2025-22064",
"url": "https://bugzilla.suse.com/1241413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22064"
},
{
"cve": "CVE-2025-22065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix adapter NULL pointer dereference on reboot\n\nWith SRIOV enabled, idpf ends up calling into idpf_remove() twice.\nFirst via idpf_shutdown() and then again when idpf_remove() calls into\nsriov_disable(), because the VF devices use the idpf driver, hence the\nsame remove routine. When that happens, it is possible for the adapter\nto be NULL from the first call to idpf_remove(), leading to a NULL\npointer dereference.\n\necho 1 \u003e /sys/class/net/\u003cnetif\u003e/device/sriov_numvfs\nreboot\n\nBUG: kernel NULL pointer dereference, address: 0000000000000020\n...\nRIP: 0010:idpf_remove+0x22/0x1f0 [idpf]\n...\n? idpf_remove+0x22/0x1f0 [idpf]\n? idpf_remove+0x1e4/0x1f0 [idpf]\npci_device_remove+0x3f/0xb0\ndevice_release_driver_internal+0x19f/0x200\npci_stop_bus_device+0x6d/0x90\npci_stop_and_remove_bus_device+0x12/0x20\npci_iov_remove_virtfn+0xbe/0x120\nsriov_disable+0x34/0xe0\nidpf_sriov_configure+0x58/0x140 [idpf]\nidpf_remove+0x1b9/0x1f0 [idpf]\nidpf_shutdown+0x12/0x30 [idpf]\npci_device_shutdown+0x35/0x60\ndevice_shutdown+0x156/0x200\n...\n\nReplace the direct idpf_remove() call in idpf_shutdown() with\nidpf_vc_core_deinit() and idpf_deinit_dflt_mbx(), which perform\nthe bulk of the cleanup, such as stopping the init task, freeing IRQs,\ndestroying the vports and freeing the mailbox. This avoids the calls to\nsriov_disable() in addition to a small netdev cleanup, and destroying\nworkqueues, which don\u0027t seem to be required on shutdown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22065",
"url": "https://www.suse.com/security/cve/CVE-2025-22065"
},
{
"category": "external",
"summary": "SUSE Bug 1241333 for CVE-2025-22065",
"url": "https://bugzilla.suse.com/1241333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22065"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Allocate vfinfo size for VF GUIDs when supported\n\nCommit 30aad41721e0 (\"net/core: Add support for getting VF GUIDs\")\nadded support for getting VF port and node GUIDs in netlink ifinfo\nmessages, but their size was not taken into consideration in the\nfunction that allocates the netlink message, causing the following\nwarning when a netlink message is filled with many VF port and node\nGUIDs:\n # echo 64 \u003e /sys/bus/pci/devices/0000\\:08\\:00.0/sriov_numvfs\n # ip link show dev ib0\n RTNETLINK answers: Message too long\n Cannot send link get request: Message too long\n\nKernel warning:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 1930 at net/core/rtnetlink.c:4151 rtnl_getlink+0x586/0x5a0\n Modules linked in: xt_conntrack xt_MASQUERADE nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter overlay mlx5_ib macsec mlx5_core tls rpcrdma rdma_ucm ib_uverbs ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm iw_cm ib_ipoib fuse ib_cm ib_core\n CPU: 2 UID: 0 PID: 1930 Comm: ip Not tainted 6.14.0-rc2+ #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:rtnl_getlink+0x586/0x5a0\n Code: cb 82 e8 3d af 0a 00 4d 85 ff 0f 84 08 ff ff ff 4c 89 ff 41 be ea ff ff ff e8 66 63 5b ff 49 c7 07 80 4f cb 82 e9 36 fc ff ff \u003c0f\u003e 0b e9 16 fe ff ff e8 de a0 56 00 66 66 2e 0f 1f 84 00 00 00 00\n RSP: 0018:ffff888113557348 EFLAGS: 00010246\n RAX: 00000000ffffffa6 RBX: ffff88817e87aa34 RCX: dffffc0000000000\n RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffff88817e87afb8\n RBP: 0000000000000009 R08: ffffffff821f44aa R09: 0000000000000000\n R10: ffff8881260f79a8 R11: ffff88817e87af00 R12: ffff88817e87aa00\n R13: ffffffff8563d300 R14: 00000000ffffffa6 R15: 00000000ffffffff\n FS: 00007f63a5dbf280(0000) GS:ffff88881ee00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f63a5ba4493 CR3: 00000001700fe002 CR4: 0000000000772eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xa5/0x230\n ? rtnl_getlink+0x586/0x5a0\n ? report_bug+0x22d/0x240\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_trim+0x6a/0x80\n ? rtnl_getlink+0x586/0x5a0\n ? __pfx_rtnl_getlink+0x10/0x10\n ? rtnetlink_rcv_msg+0x1e5/0x860\n ? __pfx___mutex_lock+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? __pfx_lock_acquire+0x10/0x10\n ? stack_trace_save+0x90/0xd0\n ? filter_irq_stacks+0x1d/0x70\n ? kasan_save_stack+0x30/0x40\n ? kasan_save_stack+0x20/0x40\n ? kasan_save_track+0x10/0x30\n rtnetlink_rcv_msg+0x21c/0x860\n ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n ? arch_stack_walk+0x9e/0xf0\n ? rcu_is_watching+0x34/0x60\n ? lock_acquire+0xd5/0x410\n ? rcu_is_watching+0x34/0x60\n netlink_rcv_skb+0xe0/0x210\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n ? __pfx_netlink_rcv_skb+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? __pfx___netlink_lookup+0x10/0x10\n ? lock_release+0x62/0x200\n ? netlink_deliver_tap+0xfd/0x290\n ? rcu_is_watching+0x34/0x60\n ? lock_release+0x62/0x200\n ? netlink_deliver_tap+0x95/0x290\n netlink_unicast+0x31f/0x480\n ? __pfx_netlink_unicast+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? lock_acquire+0xd5/0x410\n netlink_sendmsg+0x369/0x660\n ? lock_release+0x62/0x200\n ? __pfx_netlink_sendmsg+0x10/0x10\n ? import_ubuf+0xb9/0xf0\n ? __import_iovec+0x254/0x2b0\n ? lock_release+0x62/0x200\n ? __pfx_netlink_sendmsg+0x10/0x10\n ____sys_sendmsg+0x559/0x5a0\n ? __pfx_____sys_sendmsg+0x10/0x10\n ? __pfx_copy_msghdr_from_user+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? do_read_fault+0x213/0x4a0\n ? rcu_is_watching+0x34/0x60\n ___sys_sendmsg+0xe4/0x150\n ? __pfx____sys_sendmsg+0x10/0x10\n ? do_fault+0x2cc/0x6f0\n ? handle_pte_fault+0x2e3/0x3d0\n ? __pfx_handle_pte_fault+0x10/0x10\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22075",
"url": "https://www.suse.com/security/cve/CVE-2025-22075"
},
{
"category": "external",
"summary": "SUSE Bug 1241402 for CVE-2025-22075",
"url": "https://bugzilla.suse.com/1241402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22075"
},
{
"cve": "CVE-2025-22080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Prevent integer overflow in hdr_first_de()\n\nThe \"de_off\" and \"used\" variables come from the disk so they both need to\ncheck. The problem is that on 32bit systems if they\u0027re both greater than\nUINT_MAX - 16 then the check does work as intended because of an integer\noverflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22080",
"url": "https://www.suse.com/security/cve/CVE-2025-22080"
},
{
"category": "external",
"summary": "SUSE Bug 1241416 for CVE-2025-22080",
"url": "https://bugzilla.suse.com/1241416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22080"
},
{
"cve": "CVE-2025-22086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow\n\nWhen cur_qp isn\u0027t NULL, in order to avoid fetching the QP from\nthe radix tree again we check if the next cqe QP is identical to\nthe one we already have.\n\nThe bug however is that we are checking if the QP is identical by\nchecking the QP number inside the CQE against the QP number inside the\nmlx5_ib_qp, but that\u0027s wrong since the QP number from the CQE is from\nFW so it should be matched against mlx5_core_qp which is our FW QP\nnumber.\n\nOtherwise we could use the wrong QP when handling a CQE which could\ncause the kernel trace below.\n\nThis issue is mainly noticeable over QPs 0 \u0026 1, since for now they are\nthe only QPs in our driver whereas the QP number inside mlx5_ib_qp\ndoesn\u0027t match the QP number inside mlx5_core_qp.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000012\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP\n CPU: 0 UID: 0 PID: 7927 Comm: kworker/u62:1 Not tainted 6.14.0-rc3+ #189\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n Workqueue: ib-comp-unb-wq ib_cq_poll_work [ib_core]\n RIP: 0010:mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n Code: 03 00 00 8d 58 ff 21 cb 66 39 d3 74 39 48 c7 c7 3c 89 6e a0 0f b7 db e8 b7 d2 b3 e0 49 8b 86 60 03 00 00 48 c7 c7 4a 89 6e a0 \u003c0f\u003e b7 5c 98 02 e8 9f d2 b3 e0 41 0f b7 86 78 03 00 00 83 e8 01 21\n RSP: 0018:ffff88810511bd60 EFLAGS: 00010046\n RAX: 0000000000000010 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff88885fa1b3c0 RDI: ffffffffa06e894a\n RBP: 00000000000000b0 R08: 0000000000000000 R09: ffff88810511bc10\n R10: 0000000000000001 R11: 0000000000000001 R12: ffff88810d593000\n R13: ffff88810e579108 R14: ffff888105146000 R15: 00000000000000b0\n FS: 0000000000000000(0000) GS:ffff88885fa00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000012 CR3: 00000001077e6001 CR4: 0000000000370eb0\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n __ib_process_cq+0x5a/0x150 [ib_core]\n ib_cq_poll_work+0x31/0x90 [ib_core]\n process_one_work+0x169/0x320\n worker_thread+0x288/0x3a0\n ? work_busy+0xb0/0xb0\n kthread+0xd7/0x1f0\n ? kthreads_online_cpu+0x130/0x130\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork+0x2d/0x50\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22086",
"url": "https://www.suse.com/security/cve/CVE-2025-22086"
},
{
"category": "external",
"summary": "SUSE Bug 1241458 for CVE-2025-22086",
"url": "https://bugzilla.suse.com/1241458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22086"
},
{
"cve": "CVE-2025-22088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/erdma: Prevent use-after-free in erdma_accept_newconn()\n\nAfter the erdma_cep_put(new_cep) being called, new_cep will be freed,\nand the following dereference will cause a UAF problem. Fix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22088",
"url": "https://www.suse.com/security/cve/CVE-2025-22088"
},
{
"category": "external",
"summary": "SUSE Bug 1241528 for CVE-2025-22088",
"url": "https://bugzilla.suse.com/1241528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22088"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()\n\nIf track_pfn_copy() fails, we already added the dst VMA to the maple\ntree. As fork() fails, we\u0027ll cleanup the maple tree, and stumble over\nthe dst VMA for which we neither performed any reservation nor copied\nany page tables.\n\nConsequently untrack_pfn() will see VM_PAT and try obtaining the\nPAT information from the page table -- which fails because the page\ntable was not copied.\n\nThe easiest fix would be to simply clear the VM_PAT flag of the dst VMA\nif track_pfn_copy() fails. However, the whole thing is about \"simply\"\nclearing the VM_PAT flag is shaky as well: if we passed track_pfn_copy()\nand performed a reservation, but copying the page tables fails, we\u0027ll\nsimply clear the VM_PAT flag, not properly undoing the reservation ...\nwhich is also wrong.\n\nSo let\u0027s fix it properly: set the VM_PAT flag only if the reservation\nsucceeded (leaving it clear initially), and undo the reservation if\nanything goes wrong while copying the page tables: clearing the VM_PAT\nflag after undoing the reservation.\n\nNote that any copied page table entries will get zapped when the VMA will\nget removed later, after copy_page_range() succeeded; as VM_PAT is not set\nthen, we won\u0027t try cleaning VM_PAT up once more and untrack_pfn() will be\nhappy. Note that leaving these page tables in place without a reservation\nis not a problem, as we are aborting fork(); this process will never run.\n\nA reproducer can trigger this usually at the first try:\n\n https://gitlab.com/davidhildenbrand/scratchspace/-/raw/main/reproducers/pat_fork.c\n\n WARNING: CPU: 26 PID: 11650 at arch/x86/mm/pat/memtype.c:983 get_pat_info+0xf6/0x110\n Modules linked in: ...\n CPU: 26 UID: 0 PID: 11650 Comm: repro3 Not tainted 6.12.0-rc5+ #92\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n RIP: 0010:get_pat_info+0xf6/0x110\n ...\n Call Trace:\n \u003cTASK\u003e\n ...\n untrack_pfn+0x52/0x110\n unmap_single_vma+0xa6/0xe0\n unmap_vmas+0x105/0x1f0\n exit_mmap+0xf6/0x460\n __mmput+0x4b/0x120\n copy_process+0x1bf6/0x2aa0\n kernel_clone+0xab/0x440\n __do_sys_clone+0x66/0x90\n do_syscall_64+0x95/0x180\n\nLikely this case was missed in:\n\n d155df53f310 (\"x86/mm/pat: clear VM_PAT if copy_p4d_range failed\")\n\n... and instead of undoing the reservation we simply cleared the VM_PAT flag.\n\nKeep the documentation of these functions in include/linux/pgtable.h,\none place is more than sufficient -- we should clean that up for the other\nfunctions like track_pfn_remap/untrack_pfn separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22090",
"url": "https://www.suse.com/security/cve/CVE-2025-22090"
},
{
"category": "external",
"summary": "SUSE Bug 1241537 for CVE-2025-22090",
"url": "https://bugzilla.suse.com/1241537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22090"
},
{
"cve": "CVE-2025-22093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: avoid NPD when ASIC does not support DMUB\n\nctx-\u003edmub_srv will de NULL if the ASIC does not support DMUB, which is\ntested in dm_dmub_sw_init.\n\nHowever, it will be dereferenced in dmub_hw_lock_mgr_cmd if\nshould_use_dmub_lock returns true.\n\nThis has been the case since dmub support has been added for PSR1.\n\nFix this by checking for dmub_srv in should_use_dmub_lock.\n\n[ 37.440832] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 37.447808] #PF: supervisor read access in kernel mode\n[ 37.452959] #PF: error_code(0x0000) - not-present page\n[ 37.458112] PGD 0 P4D 0\n[ 37.460662] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 37.465553] CPU: 2 UID: 1000 PID: 1745 Comm: DrmThread Not tainted 6.14.0-rc1-00003-gd62e938120f0 #23 99720e1cb1e0fc4773b8513150932a07de3c6e88\n[ 37.478324] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[ 37.487103] RIP: 0010:dmub_hw_lock_mgr_cmd+0x77/0xb0\n[ 37.492074] Code: 44 24 0e 00 00 00 00 48 c7 04 24 45 00 00 0c 40 88 74 24 0d 0f b6 02 88 44 24 0c 8b 01 89 44 24 08 85 f6 75 05 c6 44 24 0e 01 \u003c48\u003e 8b 7f 58 48 89 e6 ba 01 00 00 00 e8 08 3c 2a 00 65 48 8b 04 5\n[ 37.510822] RSP: 0018:ffff969442853300 EFLAGS: 00010202\n[ 37.516052] RAX: 0000000000000000 RBX: ffff92db03000000 RCX: ffff969442853358\n[ 37.523185] RDX: ffff969442853368 RSI: 0000000000000001 RDI: 0000000000000000\n[ 37.530322] RBP: 0000000000000001 R08: 00000000000004a7 R09: 00000000000004a5\n[ 37.537453] R10: 0000000000000476 R11: 0000000000000062 R12: ffff92db0ade8000\n[ 37.544589] R13: ffff92da01180ae0 R14: ffff92da011802a8 R15: ffff92db03000000\n[ 37.551725] FS: 0000784a9cdfc6c0(0000) GS:ffff92db2af00000(0000) knlGS:0000000000000000\n[ 37.559814] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 37.565562] CR2: 0000000000000058 CR3: 0000000112b1c000 CR4: 00000000003506f0\n[ 37.572697] Call Trace:\n[ 37.575152] \u003cTASK\u003e\n[ 37.577258] ? __die_body+0x66/0xb0\n[ 37.580756] ? page_fault_oops+0x3e7/0x4a0\n[ 37.584861] ? exc_page_fault+0x3e/0xe0\n[ 37.588706] ? exc_page_fault+0x5c/0xe0\n[ 37.592550] ? asm_exc_page_fault+0x22/0x30\n[ 37.596742] ? dmub_hw_lock_mgr_cmd+0x77/0xb0\n[ 37.601107] dcn10_cursor_lock+0x1e1/0x240\n[ 37.605211] program_cursor_attributes+0x81/0x190\n[ 37.609923] commit_planes_for_stream+0x998/0x1ef0\n[ 37.614722] update_planes_and_stream_v2+0x41e/0x5c0\n[ 37.619703] dc_update_planes_and_stream+0x78/0x140\n[ 37.624588] amdgpu_dm_atomic_commit_tail+0x4362/0x49f0\n[ 37.629832] ? srso_return_thunk+0x5/0x5f\n[ 37.633847] ? mark_held_locks+0x6d/0xd0\n[ 37.637774] ? _raw_spin_unlock_irq+0x24/0x50\n[ 37.642135] ? srso_return_thunk+0x5/0x5f\n[ 37.646148] ? lockdep_hardirqs_on+0x95/0x150\n[ 37.650510] ? srso_return_thunk+0x5/0x5f\n[ 37.654522] ? _raw_spin_unlock_irq+0x2f/0x50\n[ 37.658883] ? srso_return_thunk+0x5/0x5f\n[ 37.662897] ? wait_for_common+0x186/0x1c0\n[ 37.666998] ? srso_return_thunk+0x5/0x5f\n[ 37.671009] ? drm_crtc_next_vblank_start+0xc3/0x170\n[ 37.675983] commit_tail+0xf5/0x1c0\n[ 37.679478] drm_atomic_helper_commit+0x2a2/0x2b0\n[ 37.684186] drm_atomic_commit+0xd6/0x100\n[ 37.688199] ? __cfi___drm_printfn_info+0x10/0x10\n[ 37.692911] drm_atomic_helper_update_plane+0xe5/0x130\n[ 37.698054] drm_mode_cursor_common+0x501/0x670\n[ 37.702600] ? __cfi_drm_mode_cursor_ioctl+0x10/0x10\n[ 37.707572] drm_mode_cursor_ioctl+0x48/0x70\n[ 37.711851] drm_ioctl_kernel+0xf2/0x150\n[ 37.715781] drm_ioctl+0x363/0x590\n[ 37.719189] ? __cfi_drm_mode_cursor_ioctl+0x10/0x10\n[ 37.724165] amdgpu_drm_ioctl+0x41/0x80\n[ 37.728013] __se_sys_ioctl+0x7f/0xd0\n[ 37.731685] do_syscall_64+0x87/0x100\n[ 37.735355] ? vma_end_read+0x12/0xe0\n[ 37.739024] ? srso_return_thunk+0x5/0x5f\n[ 37.743041] ? find_held_lock+0x47/0xf0\n[ 37.746884] ? vma_end_read+0x12/0xe0\n[ 37.750552] ? srso_return_thunk+0x5/0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22093",
"url": "https://www.suse.com/security/cve/CVE-2025-22093"
},
{
"category": "external",
"summary": "SUSE Bug 1241545 for CVE-2025-22093",
"url": "https://bugzilla.suse.com/1241545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22093"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Fix use after free and double free on init error\n\nIf the driver initialization fails, the vkms_exit() function might\naccess an uninitialized or freed default_config pointer and it might\ndouble free it.\n\nFix both possible errors by initializing default_config only when the\ndriver initialization succeeded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22097",
"url": "https://www.suse.com/security/cve/CVE-2025-22097"
},
{
"category": "external",
"summary": "SUSE Bug 1241541 for CVE-2025-22097",
"url": "https://bugzilla.suse.com/1241541"
},
{
"category": "external",
"summary": "SUSE Bug 1241542 for CVE-2025-22097",
"url": "https://bugzilla.suse.com/1241542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-22097"
},
{
"cve": "CVE-2025-22102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22102"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix kernel panic during FW release\n\nThis fixes a kernel panic seen during release FW in a stress test\nscenario where WLAN and BT FW download occurs simultaneously, and due to\na HW bug, chip sends out only 1 bootloader signatures.\n\nWhen driver receives the bootloader signature, it enters FW download\nmode, but since no consequtive bootloader signatures seen, FW file is\nnot requested.\n\nAfter 60 seconds, when FW download times out, release_firmware causes a\nkernel panic.\n\n[ 2601.949184] Unable to handle kernel paging request at virtual address 0000312e6f006573\n[ 2601.992076] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000111802000\n[ 2601.992080] [0000312e6f006573] pgd=0000000000000000, p4d=0000000000000000\n[ 2601.992087] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP\n[ 2601.992091] Modules linked in: algif_hash algif_skcipher af_alg btnxpuart(O) pciexxx(O) mlan(O) overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce snd_soc_fsl_easrc snd_soc_fsl_asoc_card imx8_media_dev(C) snd_soc_fsl_micfil polyval_generic snd_soc_fsl_xcvr snd_soc_fsl_sai snd_soc_imx_audmux snd_soc_fsl_asrc snd_soc_imx_card snd_soc_imx_hdmi snd_soc_fsl_aud2htx snd_soc_fsl_utils imx_pcm_dma dw_hdmi_cec flexcan can_dev\n[ 2602.001825] CPU: 2 PID: 20060 Comm: hciconfig Tainted: G C O 6.6.23-lts-next-06236-gb586a521770e #1\n[ 2602.010182] Hardware name: NXP i.MX8MPlus EVK board (DT)\n[ 2602.010185] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 2602.010191] pc : _raw_spin_lock+0x34/0x68\n[ 2602.010201] lr : free_fw_priv+0x20/0xfc\n[ 2602.020561] sp : ffff800089363b30\n[ 2602.020563] x29: ffff800089363b30 x28: ffff0000d0eb5880 x27: 0000000000000000\n[ 2602.020570] x26: 0000000000000000 x25: ffff0000d728b330 x24: 0000000000000000\n[ 2602.020577] x23: ffff0000dc856f38\n[ 2602.033797] x22: ffff800089363b70 x21: ffff0000dc856000\n[ 2602.033802] x20: ff00312e6f006573 x19: ffff0000d0d9ea80 x18: 0000000000000000\n[ 2602.033809] x17: 0000000000000000 x16: 0000000000000000 x15: 0000aaaad80dd480\n[ 2602.083320] x14: 0000000000000000 x13: 00000000000001b9 x12: 0000000000000002\n[ 2602.083326] x11: 0000000000000000 x10: 0000000000000a60 x9 : ffff800089363a30\n[ 2602.083333] x8 : ffff0001793d75c0 x7 : ffff0000d6dbc400 x6 : 0000000000000000\n[ 2602.083339] x5 : 00000000410fd030 x4 : 0000000000000000 x3 : 0000000000000001\n[ 2602.083346] x2 : 0000000000000000 x1 : 0000000000000001 x0 : ff00312e6f006573\n[ 2602.083354] Call trace:\n[ 2602.083356] _raw_spin_lock+0x34/0x68\n[ 2602.083364] release_firmware+0x48/0x6c\n[ 2602.083370] nxp_setup+0x3c4/0x540 [btnxpuart]\n[ 2602.083383] hci_dev_open_sync+0xf0/0xa34\n[ 2602.083391] hci_dev_open+0xd8/0x178\n[ 2602.083399] hci_sock_ioctl+0x3b0/0x590\n[ 2602.083405] sock_do_ioctl+0x60/0x118\n[ 2602.083413] sock_ioctl+0x2f4/0x374\n[ 2602.091430] __arm64_sys_ioctl+0xac/0xf0\n[ 2602.091437] invoke_syscall+0x48/0x110\n[ 2602.091445] el0_svc_common.constprop.0+0xc0/0xe0\n[ 2602.091452] do_el0_svc+0x1c/0x28\n[ 2602.091457] el0_svc+0x40/0xe4\n[ 2602.091465] el0t_64_sync_handler+0x120/0x12c\n[ 2602.091470] el0t_64_sync+0x190/0x194",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22102",
"url": "https://www.suse.com/security/cve/CVE-2025-22102"
},
{
"category": "external",
"summary": "SUSE Bug 1241456 for CVE-2025-22102",
"url": "https://bugzilla.suse.com/1241456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22102"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Use kernel helpers for hex dumps\n\nPreviously, when the driver was printing hex dumps, the buffer was cast\nto an 8 byte long and printed using string formatters. If the buffer\nsize was not a multiple of 8 then a read buffer overflow was possible.\n\nTherefore, create a new ibmvnic function that loops over a buffer and\ncalls hex_dump_to_buffer instead.\n\nThis patch address KASAN reports like the one below:\n ibmvnic 30000003 env3: Login Buffer:\n ibmvnic 30000003 env3: 01000000af000000\n \u003c...\u003e\n ibmvnic 30000003 env3: 2e6d62692e736261\n ibmvnic 30000003 env3: 65050003006d6f63\n ==================================================================\n BUG: KASAN: slab-out-of-bounds in ibmvnic_login+0xacc/0xffc [ibmvnic]\n Read of size 8 at addr c0000001331a9aa8 by task ip/17681\n \u003c...\u003e\n Allocated by task 17681:\n \u003c...\u003e\n ibmvnic_login+0x2f0/0xffc [ibmvnic]\n ibmvnic_open+0x148/0x308 [ibmvnic]\n __dev_open+0x1ac/0x304\n \u003c...\u003e\n The buggy address is located 168 bytes inside of\n allocated 175-byte region [c0000001331a9a00, c0000001331a9aaf)\n \u003c...\u003e\n =================================================================\n ibmvnic 30000003 env3: 000000000033766e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22104",
"url": "https://www.suse.com/security/cve/CVE-2025-22104"
},
{
"category": "external",
"summary": "SUSE Bug 1241550 for CVE-2025-22104",
"url": "https://bugzilla.suse.com/1241550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22104"
},
{
"cve": "CVE-2025-22105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22105"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: check xdp prog when set bond mode\n\nFollowing operations can trigger a warning[1]:\n\n ip netns add ns1\n ip netns exec ns1 ip link add bond0 type bond mode balance-rr\n ip netns exec ns1 ip link set dev bond0 xdp obj af_xdp_kern.o sec xdp\n ip netns exec ns1 ip link set bond0 type bond mode broadcast\n ip netns del ns1\n\nWhen delete the namespace, dev_xdp_uninstall() is called to remove xdp\nprogram on bond dev, and bond_xdp_set() will check the bond mode. If bond\nmode is changed after attaching xdp program, the warning may occur.\n\nSome bond modes (broadcast, etc.) do not support native xdp. Set bond mode\nwith xdp program attached is not good. Add check for xdp program when set\nbond mode.\n\n [1]\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 11 at net/core/dev.c:9912 unregister_netdevice_many_notify+0x8d9/0x930\n Modules linked in:\n CPU: 0 UID: 0 PID: 11 Comm: kworker/u4:0 Not tainted 6.14.0-rc4 #107\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014\n Workqueue: netns cleanup_net\n RIP: 0010:unregister_netdevice_many_notify+0x8d9/0x930\n Code: 00 00 48 c7 c6 6f e3 a2 82 48 c7 c7 d0 b3 96 82 e8 9c 10 3e ...\n RSP: 0018:ffffc90000063d80 EFLAGS: 00000282\n RAX: 00000000ffffffa1 RBX: ffff888004959000 RCX: 00000000ffffdfff\n RDX: 0000000000000000 RSI: 00000000ffffffea RDI: ffffc90000063b48\n RBP: ffffc90000063e28 R08: ffffffff82d39b28 R09: 0000000000009ffb\n R10: 0000000000000175 R11: ffffffff82d09b40 R12: ffff8880049598e8\n R13: 0000000000000001 R14: dead000000000100 R15: ffffc90000045000\n FS: 0000000000000000(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000d406b60 CR3: 000000000483e000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x83/0x130\n ? unregister_netdevice_many_notify+0x8d9/0x930\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x54/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? unregister_netdevice_many_notify+0x8d9/0x930\n ? bond_net_exit_batch_rtnl+0x5c/0x90\n cleanup_net+0x237/0x3d0\n process_one_work+0x163/0x390\n worker_thread+0x293/0x3b0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xec/0x1e0\n ? __pfx_kthread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22105",
"url": "https://www.suse.com/security/cve/CVE-2025-22105"
},
{
"category": "external",
"summary": "SUSE Bug 1241548 for CVE-2025-22105",
"url": "https://bugzilla.suse.com/1241548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22105"
},
{
"cve": "CVE-2025-22106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: unregister xdp rxq info in the reset path\n\nvmxnet3 does not unregister xdp rxq info in the\nvmxnet3_reset_work() code path as vmxnet3_rq_destroy()\nis not invoked in this code path. So, we get below message with a\nbacktrace.\n\nMissing unregister, handled but fix driver\nWARNING: CPU:48 PID: 500 at net/core/xdp.c:182\n__xdp_rxq_info_reg+0x93/0xf0\n\nThis patch fixes the problem by moving the unregister\ncode of XDP from vmxnet3_rq_destroy() to vmxnet3_rq_cleanup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22106",
"url": "https://www.suse.com/security/cve/CVE-2025-22106"
},
{
"category": "external",
"summary": "SUSE Bug 1241547 for CVE-2025-22106",
"url": "https://bugzilla.suse.com/1241547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22106"
},
{
"cve": "CVE-2025-22107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22107"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()\n\nThere are actually 2 problems:\n- deleting the last element doesn\u0027t require the memmove of elements\n [i + 1, end) over it. Actually, element i+1 is out of bounds.\n- The memmove itself should move size - i - 1 elements, because the last\n element is out of bounds.\n\nThe out-of-bounds element still remains out of bounds after being\naccessed, so the problem is only that we touch it, not that it becomes\nin active use. But I suppose it can lead to issues if the out-of-bounds\nelement is part of an unmapped page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22107",
"url": "https://www.suse.com/security/cve/CVE-2025-22107"
},
{
"category": "external",
"summary": "SUSE Bug 1241575 for CVE-2025-22107",
"url": "https://bugzilla.suse.com/1241575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22107"
},
{
"cve": "CVE-2025-22108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Mask the bd_cnt field in the TX BD properly\n\nThe bd_cnt field in the TX BD specifies the total number of BDs for\nthe TX packet. The bd_cnt field has 5 bits and the maximum number\nsupported is 32 with the value 0.\n\nCONFIG_MAX_SKB_FRAGS can be modified and the total number of SKB\nfragments can approach or exceed the maximum supported by the chip.\nAdd a macro to properly mask the bd_cnt field so that the value 32\nwill be properly masked and set to 0 in the bd_cnd field.\n\nWithout this patch, the out-of-range bd_cnt value will corrupt the\nTX BD and may cause TX timeout.\n\nThe next patch will check for values exceeding 32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22108",
"url": "https://www.suse.com/security/cve/CVE-2025-22108"
},
{
"category": "external",
"summary": "SUSE Bug 1241574 for CVE-2025-22108",
"url": "https://bugzilla.suse.com/1241574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22108"
},
{
"cve": "CVE-2025-22109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Remove broken autobind\n\nBinding AX25 socket by using the autobind feature leads to memory leaks\nin ax25_connect() and also refcount leaks in ax25_release(). Memory\nleak was detected with kmemleak:\n\n================================================================\nunreferenced object 0xffff8880253cd680 (size 96):\nbacktrace:\n__kmalloc_node_track_caller_noprof (./include/linux/kmemleak.h:43)\nkmemdup_noprof (mm/util.c:136)\nax25_rt_autobind (net/ax25/ax25_route.c:428)\nax25_connect (net/ax25/af_ax25.c:1282)\n__sys_connect_file (net/socket.c:2045)\n__sys_connect (net/socket.c:2064)\n__x64_sys_connect (net/socket.c:2067)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n================================================================\n\nWhen socket is bound, refcounts must be incremented the way it is done\nin ax25_bind() and ax25_setsockopt() (SO_BINDTODEVICE). In case of\nautobind, the refcounts are not incremented.\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nax25_connect(): syz-executor318 uses autobind, please contact jreuter@yaina.de\n------------[ cut here ]------------\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 0 PID: 5317 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31\nModules linked in:\nCPU: 0 UID: 0 PID: 5317 Comm: syz-executor318 Not tainted 6.14.0-rc4-syzkaller-00278-gece144f151ac #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31\n...\nCall Trace:\n \u003cTASK\u003e\n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x6af/0x7e0 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4302 [inline]\n netdev_put include/linux/netdevice.h:4319 [inline]\n ax25_release+0x368/0x960 net/ax25/af_ax25.c:1080\n __sock_release net/socket.c:647 [inline]\n sock_close+0xbc/0x240 net/socket.c:1398\n __fput+0x3e9/0x9f0 fs/file_table.c:464\n __do_sys_close fs/open.c:1580 [inline]\n __se_sys_close fs/open.c:1565 [inline]\n __x64_sys_close+0x7f/0x110 fs/open.c:1565\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \u003c/TASK\u003e\n================================================================\n\nConsidering the issues above and the comments left in the code that say:\n\"check if we can remove this feature. It is broken.\"; \"autobinding in this\nmay or may not work\"; - it is better to completely remove this feature than\nto fix it because it is broken and leads to various kinds of memory bugs.\n\nNow calling connect() without first binding socket will result in an\nerror (-EINVAL). Userspace software that relies on the autobind feature\nmight get broken. However, this feature does not seem widely used with\nthis specific driver as it was not reliable at any point of time, and it\nis already broken anyway. E.g. ax25-tools and ax25-apps packages for\npopular distributions do not use the autobind feature for AF_AX25.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22109",
"url": "https://www.suse.com/security/cve/CVE-2025-22109"
},
{
"category": "external",
"summary": "SUSE Bug 1241573 for CVE-2025-22109",
"url": "https://bugzilla.suse.com/1241573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22109"
},
{
"cve": "CVE-2025-22115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix block group refcount race in btrfs_create_pending_block_groups()\n\nBlock group creation is done in two phases, which results in a slightly\nunintuitive property: a block group can be allocated/deallocated from\nafter btrfs_make_block_group() adds it to the space_info with\nbtrfs_add_bg_to_space_info(), but before creation is completely completed\nin btrfs_create_pending_block_groups(). As a result, it is possible for a\nblock group to go unused and have \u0027btrfs_mark_bg_unused\u0027 called on it\nconcurrently with \u0027btrfs_create_pending_block_groups\u0027. This causes a\nnumber of issues, which were fixed with the block group flag\n\u0027BLOCK_GROUP_FLAG_NEW\u0027.\n\nHowever, this fix is not quite complete. Since it does not use the\nunused_bg_lock, it is possible for the following race to occur:\n\nbtrfs_create_pending_block_groups btrfs_mark_bg_unused\n if list_empty // false\n list_del_init\n clear_bit\n else if (test_bit) // true\n list_move_tail\n\nAnd we get into the exact same broken ref count and invalid new_bgs\nstate for transaction cleanup that BLOCK_GROUP_FLAG_NEW was designed to\nprevent.\n\nThe broken refcount aspect will result in a warning like:\n\n [1272.943527] refcount_t: underflow; use-after-free.\n [1272.943967] WARNING: CPU: 1 PID: 61 at lib/refcount.c:28 refcount_warn_saturate+0xba/0x110\n [1272.944731] Modules linked in: btrfs virtio_net xor zstd_compress raid6_pq null_blk [last unloaded: btrfs]\n [1272.945550] CPU: 1 UID: 0 PID: 61 Comm: kworker/u32:1 Kdump: loaded Tainted: G W 6.14.0-rc5+ #108\n [1272.946368] Tainted: [W]=WARN\n [1272.946585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n [1272.947273] Workqueue: btrfs_discard btrfs_discard_workfn [btrfs]\n [1272.947788] RIP: 0010:refcount_warn_saturate+0xba/0x110\n [1272.949532] RSP: 0018:ffffbf1200247df0 EFLAGS: 00010282\n [1272.949901] RAX: 0000000000000000 RBX: ffffa14b00e3f800 RCX: 0000000000000000\n [1272.950437] RDX: 0000000000000000 RSI: ffffbf1200247c78 RDI: 00000000ffffdfff\n [1272.950986] RBP: ffffa14b00dc2860 R08: 00000000ffffdfff R09: ffffffff90526268\n [1272.951512] R10: ffffffff904762c0 R11: 0000000063666572 R12: ffffa14b00dc28c0\n [1272.952024] R13: 0000000000000000 R14: ffffa14b00dc2868 R15: 000001285dcd12c0\n [1272.952850] FS: 0000000000000000(0000) GS:ffffa14d33c40000(0000) knlGS:0000000000000000\n [1272.953458] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [1272.953931] CR2: 00007f838cbda000 CR3: 000000010104e000 CR4: 00000000000006f0\n [1272.954474] Call Trace:\n [1272.954655] \u003cTASK\u003e\n [1272.954812] ? refcount_warn_saturate+0xba/0x110\n [1272.955173] ? __warn.cold+0x93/0xd7\n [1272.955487] ? refcount_warn_saturate+0xba/0x110\n [1272.955816] ? report_bug+0xe7/0x120\n [1272.956103] ? handle_bug+0x53/0x90\n [1272.956424] ? exc_invalid_op+0x13/0x60\n [1272.956700] ? asm_exc_invalid_op+0x16/0x20\n [1272.957011] ? refcount_warn_saturate+0xba/0x110\n [1272.957399] btrfs_discard_cancel_work.cold+0x26/0x2b [btrfs]\n [1272.957853] btrfs_put_block_group.cold+0x5d/0x8e [btrfs]\n [1272.958289] btrfs_discard_workfn+0x194/0x380 [btrfs]\n [1272.958729] process_one_work+0x130/0x290\n [1272.959026] worker_thread+0x2ea/0x420\n [1272.959335] ? __pfx_worker_thread+0x10/0x10\n [1272.959644] kthread+0xd7/0x1c0\n [1272.959872] ? __pfx_kthread+0x10/0x10\n [1272.960172] ret_from_fork+0x30/0x50\n [1272.960474] ? __pfx_kthread+0x10/0x10\n [1272.960745] ret_from_fork_asm+0x1a/0x30\n [1272.961035] \u003c/TASK\u003e\n [1272.961238] ---[ end trace 0000000000000000 ]---\n\nThough we have seen them in the async discard workfn as well. It is\nmost likely to happen after a relocation finishes which cancels discard,\ntears down the block group, etc.\n\nFix this fully by taking the lock arou\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22115",
"url": "https://www.suse.com/security/cve/CVE-2025-22115"
},
{
"category": "external",
"summary": "SUSE Bug 1241578 for CVE-2025-22115",
"url": "https://bugzilla.suse.com/1241578"
},
{
"category": "external",
"summary": "SUSE Bug 1241579 for CVE-2025-22115",
"url": "https://bugzilla.suse.com/1241579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-22115"
},
{
"cve": "CVE-2025-22116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: check error for register_netdev() on init\n\nCurrent init logic ignores the error code from register_netdev(),\nwhich will cause WARN_ON() on attempt to unregister it, if there was one,\nand there is no info for the user that the creation of the netdev failed.\n\nWARNING: CPU: 89 PID: 6902 at net/core/dev.c:11512 unregister_netdevice_many_notify+0x211/0x1a10\n...\n[ 3707.563641] unregister_netdev+0x1c/0x30\n[ 3707.563656] idpf_vport_dealloc+0x5cf/0xce0 [idpf]\n[ 3707.563684] idpf_deinit_task+0xef/0x160 [idpf]\n[ 3707.563712] idpf_vc_core_deinit+0x84/0x320 [idpf]\n[ 3707.563739] idpf_remove+0xbf/0x780 [idpf]\n[ 3707.563769] pci_device_remove+0xab/0x1e0\n[ 3707.563786] device_release_driver_internal+0x371/0x530\n[ 3707.563803] driver_detach+0xbf/0x180\n[ 3707.563816] bus_remove_driver+0x11b/0x2a0\n[ 3707.563829] pci_unregister_driver+0x2a/0x250\n\nIntroduce an error check and log the vport number and error code.\nOn removal make sure to check VPORT_REG_NETDEV flag prior to calling\nunregister and free on the netdev.\n\nAdd local variables for idx, vport_config and netdev for readability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22116",
"url": "https://www.suse.com/security/cve/CVE-2025-22116"
},
{
"category": "external",
"summary": "SUSE Bug 1241459 for CVE-2025-22116",
"url": "https://bugzilla.suse.com/1241459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22116"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22121"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()\n\nThere\u0027s issue as follows:\nBUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790\nRead of size 4 at addr ffff88807b003000 by task syz-executor.0/15172\n\nCPU: 3 PID: 15172 Comm: syz-executor.0\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0xbe/0xfd lib/dump_stack.c:123\n print_address_description.constprop.0+0x1e/0x280 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n ext4_xattr_inode_dec_ref_all+0x6ff/0x790 fs/ext4/xattr.c:1137\n ext4_xattr_delete_inode+0x4c7/0xda0 fs/ext4/xattr.c:2896\n ext4_evict_inode+0xb3b/0x1670 fs/ext4/inode.c:323\n evict+0x39f/0x880 fs/inode.c:622\n iput_final fs/inode.c:1746 [inline]\n iput fs/inode.c:1772 [inline]\n iput+0x525/0x6c0 fs/inode.c:1758\n ext4_orphan_cleanup fs/ext4/super.c:3298 [inline]\n ext4_fill_super+0x8c57/0xba40 fs/ext4/super.c:5300\n mount_bdev+0x355/0x410 fs/super.c:1446\n legacy_get_tree+0xfe/0x220 fs/fs_context.c:611\n vfs_get_tree+0x8d/0x2f0 fs/super.c:1576\n do_new_mount fs/namespace.c:2983 [inline]\n path_mount+0x119a/0x1ad0 fs/namespace.c:3316\n do_mount+0xfc/0x110 fs/namespace.c:3329\n __do_sys_mount fs/namespace.c:3540 [inline]\n __se_sys_mount+0x219/0x2e0 fs/namespace.c:3514\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nMemory state around the buggy address:\n ffff88807b002f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff88807b002f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n\u003effff88807b003000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ^\n ffff88807b003080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ffff88807b003100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n\nAbove issue happens as ext4_xattr_delete_inode() isn\u0027t check xattr\nis valid if xattr is in inode.\nTo solve above issue call xattr_check_inode() check if xattr if valid\nin inode. In fact, we can directly verify in ext4_iget_extra_inode(),\nso that there is no divergent verification.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22121",
"url": "https://www.suse.com/security/cve/CVE-2025-22121"
},
{
"category": "external",
"summary": "SUSE Bug 1241593 for CVE-2025-22121",
"url": "https://bugzilla.suse.com/1241593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22121"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-22128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22128"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path\n\nIf a shared IRQ is used by the driver due to platform limitation, then the\nIRQ affinity hint is set right after the allocation of IRQ vectors in\nath12k_pci_msi_alloc(). This does no harm unless one of the functions\nrequesting the IRQ fails and attempt to free the IRQ.\n\nThis may end up with a warning from the IRQ core that is expecting the\naffinity hint to be cleared before freeing the IRQ:\n\nkernel/irq/manage.c:\n\n\t/* make sure affinity_hint is cleaned up */\n\tif (WARN_ON_ONCE(desc-\u003eaffinity_hint))\n\t\tdesc-\u003eaffinity_hint = NULL;\n\nSo to fix this issue, clear the IRQ affinity hint before calling\nath12k_pci_free_irq() in the error path. The affinity will be cleared once\nagain further down the error path due to code organization, but that does\nno harm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22128",
"url": "https://www.suse.com/security/cve/CVE-2025-22128"
},
{
"category": "external",
"summary": "SUSE Bug 1241598 for CVE-2025-22128",
"url": "https://bugzilla.suse.com/1241598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-22128"
},
{
"cve": "CVE-2025-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2312"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host\u0027s Kerberos credentials cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2312",
"url": "https://www.suse.com/security/cve/CVE-2025-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1239680 for CVE-2025-2312",
"url": "https://bugzilla.suse.com/1239680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-2312"
},
{
"cve": "CVE-2025-23129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path\n\nIf a shared IRQ is used by the driver due to platform limitation, then the\nIRQ affinity hint is set right after the allocation of IRQ vectors in\nath11k_pci_alloc_msi(). This does no harm unless one of the functions\nrequesting the IRQ fails and attempt to free the IRQ. This results in the\nbelow warning:\n\nWARNING: CPU: 7 PID: 349 at kernel/irq/manage.c:1929 free_irq+0x278/0x29c\nCall trace:\n free_irq+0x278/0x29c\n ath11k_pcic_free_irq+0x70/0x10c [ath11k]\n ath11k_pci_probe+0x800/0x820 [ath11k_pci]\n local_pci_probe+0x40/0xbc\n\nThe warning is due to not clearing the affinity hint before freeing the\nIRQs.\n\nSo to fix this issue, clear the IRQ affinity hint before calling\nath11k_pcic_free_irq() in the error path. The affinity will be cleared once\nagain further down the error path due to code organization, but that does\nno harm.\n\nTested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-05266-QCAHSTSWPLZ_V2_TO_X86-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23129",
"url": "https://www.suse.com/security/cve/CVE-2025-23129"
},
{
"category": "external",
"summary": "SUSE Bug 1241599 for CVE-2025-23129",
"url": "https://bugzilla.suse.com/1241599"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23129"
},
{
"cve": "CVE-2025-23131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: prevent NPD when writing a positive value to event_done\n\ndo_uevent returns the value written to event_done. In case it is a\npositive value, new_lockspace would undo all the work, and lockspace\nwould not be set. __dlm_new_lockspace, however, would treat that\npositive value as a success due to commit 8511a2728ab8 (\"dlm: fix use\ncount with multiple joins\").\n\nDown the line, device_create_lockspace would pass that NULL lockspace to\ndlm_find_lockspace_local, leading to a NULL pointer dereference.\n\nTreating such positive values as successes prevents the problem. Given\nthis has been broken for so long, this is unlikely to break userspace\nexpectations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23131",
"url": "https://www.suse.com/security/cve/CVE-2025-23131"
},
{
"category": "external",
"summary": "SUSE Bug 1241601 for CVE-2025-23131",
"url": "https://bugzilla.suse.com/1241601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23131"
},
{
"cve": "CVE-2025-23133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: update channel list in reg notifier instead reg worker\n\nCurrently when ath11k gets a new channel list, it will be processed\naccording to the following steps:\n1. update new channel list to cfg80211 and queue reg_work.\n2. cfg80211 handles new channel list during reg_work.\n3. update cfg80211\u0027s handled channel list to firmware by\nath11k_reg_update_chan_list().\n\nBut ath11k will immediately execute step 3 after reg_work is just\nqueued. Since step 2 is asynchronous, cfg80211 may not have completed\nhandling the new channel list, which may leading to an out-of-bounds\nwrite error:\nBUG: KASAN: slab-out-of-bounds in ath11k_reg_update_chan_list\nCall Trace:\n ath11k_reg_update_chan_list+0xbfe/0xfe0 [ath11k]\n kfree+0x109/0x3a0\n ath11k_regd_update+0x1cf/0x350 [ath11k]\n ath11k_regd_update_work+0x14/0x20 [ath11k]\n process_one_work+0xe35/0x14c0\n\nShould ensure step 2 is completely done before executing step 3. Thus\nWen raised patch[1]. When flag NL80211_REGDOM_SET_BY_DRIVER is set,\ncfg80211 will notify ath11k after step 2 is done.\n\nSo enable the flag NL80211_REGDOM_SET_BY_DRIVER then cfg80211 will\nnotify ath11k after step 2 is done. At this time, there will be no\nKASAN bug during the execution of the step 3.\n\n[1] https://patchwork.kernel.org/project/linux-wireless/patch/20230201065313.27203-1-quic_wgong@quicinc.com/\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23133",
"url": "https://www.suse.com/security/cve/CVE-2025-23133"
},
{
"category": "external",
"summary": "SUSE Bug 1241451 for CVE-2025-23133",
"url": "https://bugzilla.suse.com/1241451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23133"
},
{
"cve": "CVE-2025-23136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: Add NULL check for adev\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL.\nThis is similar to the commit cd2fd6eab480\n(\"platform/x86: int3472: Check for adev == NULL\").\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in int3402_thermal_probe().\n\nNote, under the same directory, int3400_thermal_probe() has such a\ncheck.\n\n[ rjw: Subject edit, added Fixes: ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23136",
"url": "https://www.suse.com/security/cve/CVE-2025-23136"
},
{
"category": "external",
"summary": "SUSE Bug 1241357 for CVE-2025-23136",
"url": "https://bugzilla.suse.com/1241357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23136"
},
{
"cve": "CVE-2025-23138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatch_queue: fix pipe accounting mismatch\n\nCurrently, watch_queue_set_size() modifies the pipe buffers charged to\nuser-\u003epipe_bufs without updating the pipe-\u003enr_accounted on the pipe\nitself, due to the if (!pipe_has_watch_queue()) test in\npipe_resize_ring(). This means that when the pipe is ultimately freed,\nwe decrement user-\u003epipe_bufs by something other than what than we had\ncharged to it, potentially leading to an underflow. This in turn can\ncause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM.\n\nTo remedy this, explicitly account for the pipe usage in\nwatch_queue_set_size() to match the number set via account_pipe_buffers()\n\n(It\u0027s unclear why watch_queue_set_size() does not update nr_accounted;\nit may be due to intentional overprovisioning in watch_queue_set_size()?)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23138",
"url": "https://www.suse.com/security/cve/CVE-2025-23138"
},
{
"category": "external",
"summary": "SUSE Bug 1241648 for CVE-2025-23138",
"url": "https://bugzilla.suse.com/1241648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23138"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains \u0027.\u0027 dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least \u0027.\u0027\nand \u0027..\u0027 as directory entries in the first data block. It first loads\nthe \u0027.\u0027 dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of \u0027..\u0027 dir\nentry (in ext4_next_entry). It assumes the \u0027..\u0027 dir entry fits into the\nsame data block.\n\nIf the rec_len of \u0027.\u0027 is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for \u0027.\u0027 dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \u003cTASK\u003e\n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37785",
"url": "https://www.suse.com/security/cve/CVE-2025-37785"
},
{
"category": "external",
"summary": "SUSE Bug 1241640 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "external",
"summary": "SUSE Bug 1241698 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37785"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp\n\nvmxnet3 driver\u0027s XDP handling is buggy for packet sizes using ring0 (that\nis, packet sizes between 128 - 3k bytes).\n\nWe noticed MTU-related connectivity issues with Cilium\u0027s service load-\nbalancing in case of vmxnet3 as NIC underneath. A simple curl to a HTTP\nbackend service where the XDP LB was doing IPIP encap led to overly large\npacket sizes but only for *some* of the packets (e.g. HTTP GET request)\nwhile others (e.g. the prior TCP 3WHS) looked completely fine on the wire.\n\nIn fact, the pcap recording on the backend node actually revealed that the\nnode with the XDP LB was leaking uninitialized kernel data onto the wire\nfor the affected packets, for example, while the packets should have been\n152 bytes their actual size was 1482 bytes, so the remainder after 152 bytes\nwas padded with whatever other data was in that page at the time (e.g. we\nsaw user/payload data from prior processed packets).\n\nWe only noticed this through an MTU issue, e.g. when the XDP LB node and\nthe backend node both had the same MTU (e.g. 1500) then the curl request\ngot dropped on the backend node\u0027s NIC given the packet was too large even\nthough the IPIP-encapped packet normally would never even come close to\nthe MTU limit. Lowering the MTU on the XDP LB (e.g. 1480) allowed to let\nthe curl request succeed (which also indicates that the kernel ignored the\npadding, and thus the issue wasn\u0027t very user-visible).\n\nCommit e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") was too eager\nto also switch xdp_prepare_buff() from rcd-\u003elen to rbi-\u003elen. It really needs\nto stick to rcd-\u003elen which is the actual packet length from the descriptor.\nThe latter we also feed into vmxnet3_process_xdp_small(), by the way, and\nit indicates the correct length needed to initialize the xdp-\u003e{data,data_end}\nparts. For e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") the\nrelevant part was adapting xdp_init_buff() to address the warning given the\nxdp_data_hard_end() depends on xdp-\u003eframe_sz. With that fixed, traffic on\nthe wire looks good again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37799",
"url": "https://www.suse.com/security/cve/CVE-2025-37799"
},
{
"category": "external",
"summary": "SUSE Bug 1242283 for CVE-2025-37799",
"url": "https://bugzilla.suse.com/1242283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37799"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix NULL dereferences in ef100_process_design_param()\n\nSince cited commit, ef100_probe_main() and hence also\n ef100_check_design_params() run before efx-\u003enet_dev is created;\n consequently, we cannot netif_set_tso_max_size() or _segs() at this\n point.\nMove those netif calls to ef100_probe_netdev(), and also replace\n netif_err within the design params code with pci_err.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37860",
"url": "https://www.suse.com/security/cve/CVE-2025-37860"
},
{
"category": "external",
"summary": "SUSE Bug 1241452 for CVE-2025-37860",
"url": "https://bugzilla.suse.com/1241452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37860"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: samsung: Fix UBSAN panic in samsung_clk_init()\n\nWith UBSAN_ARRAY_BOUNDS=y, I\u0027m hitting the below panic due to\ndereferencing `ctx-\u003eclk_data.hws` before setting\n`ctx-\u003eclk_data.num = nr_clks`. Move that up to fix the crash.\n\n UBSAN: array index out of bounds: 00000000f2005512 [#1] PREEMPT SMP\n \u003csnip\u003e\n Call trace:\n samsung_clk_init+0x110/0x124 (P)\n samsung_clk_init+0x48/0x124 (L)\n samsung_cmu_register_one+0x3c/0xa0\n exynos_arm64_register_cmu+0x54/0x64\n __gs101_cmu_top_of_clk_init_declare+0x28/0x60\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39728",
"url": "https://www.suse.com/security/cve/CVE-2025-39728"
},
{
"category": "external",
"summary": "SUSE Bug 1241626 for CVE-2025-39728",
"url": "https://bugzilla.suse.com/1241626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-39728"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_39-rt-1-150600.1.3.2.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.39.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.39.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:01951-1
Vulnerability from csaf_suse
Published
2025-06-13 13:54
Modified
2025-06-13 13:54
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49570: drm/xe/tracing: Fix a potential TP_printk UAF (bsc#1238782).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56638: kABI fix for 'netfilter: nft_inner: incorrect percpu area handling under softirq' (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2024-58074: drm/i915: Grab intel_display from the encoder to avoid potential (bsc#1238972).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2024-58091: drm/fbdev-dma: Add shadow buffering for deferred I/O (bsc#1240174).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21717: net/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq (bsc#1238866).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21800: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset (bsc#1238743).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21837: io_uring/uring_cmd: unconditionally copy SQEs at prep time (bsc#1239064).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21882: net/mlx5: Fix vport QoS cleanup on error (bsc#1240187).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21973: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} (bsc#1240803).
- CVE-2025-21974: eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc() (bsc#1240800).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22094: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' (bsc#1241512).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23154: io_uring/net: fix io_req_post_cqe abuse by send bundle (bsc#1242533).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37747: kABI workaround for perf-Fix-hang-while-freeing-sigtrap-event (References: bsc#1242520).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Bass speaker fixup for ASUS UM5606KA (stable-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP OMEN 16 Laptop xd000xx (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: fix micmute LEDs on HP Laptops with ALC3315 (stable-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: timer: Do not take register_mutex with copy_from/to_user() (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).
- ASoC: Intel: sof_sdw: Fix unlikely uninitialized variable use in create_sdw_dailinks() (git-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ASoC: amd: acp: Fix for enabling DMIC on acp platforms via _DSD entry (git-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: rt5665: Fix some error handling paths in rt5665_probe() (git-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: cs42l43: Fix maximum ADC Volume (git-fixes).
- ASoC: cs42l43: Reset clamp override on jack removal (git-fixes).
- ASoC: dwc: always enable/disable i2s irqs (git-fixes).
- ASoC: fsl: fsl_qmc_audio: Reset audio data pointers on TRIGGER_START event (git-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: q6apm-dai: make use of q6apm_get_hw_pointer (git-fixes).
- ASoC: q6apm-dai: schedule all available frames to avoid dsp under-runs (git-fixes).
- ASoC: q6apm: add q6apm_get_hw_pointer helper (git-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: simple-card-utils.c: add missing dlc->of_node (stable-fixes).
- ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix corrupted list in hci_chan_del (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (stable-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: btintel_pcie: Add additional to checks to clear TX/RX paths (git-fixes).
- Bluetooth: btnxpuart: Fix kernel panic during FW release (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).
- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).
- Bluetooth: hci_uart: fix race during initialization (stable-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).
- Bluetooth: qca: simplify WCN399x NVM loading (stable-fixes).
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- EDAC/i10nm: Add Intel Clearwater Forest server support (jsc#PED-10190).
- Fix mismerge from SLE15-SP6 to SLE15-SP7 (bsc#1241591)
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: cyttsp5 - fix power control issue on wakeup (git-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: PPC: Book3S HV: Fix IRQ map warnings with XICS on pSeries KVM Guest (bsc#1242205 ltc#212592).
- KVM: PPC: Enable CAP_SPAPR_TCE_VFIO on pSeries KVM guests (jsc#PED-10539 git-fixes).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Do not change target vCPU state on AP Creation VMGEXIT error (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Refuse to attempt VRMUN if an SEV-ES+ guest had an invalid VMSA (git-fixes).
- KVM: SVM: Save host DR masks on CPUs with DebugSwap (jsc#PED-348).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: update patch KVM-PPC-Enable-CAP_SPAPR_TCE_VFIO-on-pSeries-KVM-gue.patch (jsc#PED-10539 git-fixes bsc#1240419 ltc#212279).
- KVM: x86/mmu: Check and free obsolete roots in kvm_mmu_reload() (git-fixes).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Check that the high 32bits are clear in kvm_arch_vcpu_ioctl_run() (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- KVM: x86: block KVM_CAP_SYNC_REGS if guest state is protected (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Drop patch that caused a regression (bsc#1241123).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix allocation of QP table (git-fixes)
- RDMA/bnxt_re: Fix budget handling of notification queue (git-fixes)
- RDMA/bnxt_re: Fix reporting maximum SRQs on P7 chips (git-fixes)
- RDMA/bnxt_re: Remove unusable nq variable (git-fixes)
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/core: Fix 'KASAN: slab-use-after-free Read in ib_register_device' problem (git-fixes)
- RDMA/core: Fix use-after-free when rename device name (git-fixes)
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix invalid sq params not being blocked (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix page_size variable overflow (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix 'trying to register non-static key in rxe_qp_do_cleanup' bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- RDMA: update patch RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch (git-fixes bsc#1239925).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: gadget: core: create sysfs link between udc and gadget (git-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- USB: wdm: add annotation (git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).
- Update config. Enable HiSi accel VFIO PCI (jsc#PED-12622)
- Update config. Enable SPI DW mmio driver (jsc#PED-12622)
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- accel/ivpu: Fix PM related deadlocks in MS IOCTLs (git-fixes).
- accel/ivpu: Fix deadlock in ivpu_ms_cleanup() (git-fixes).
- accel/ivpu: Fix warning in ivpu_ipc_send_receive_internal() (git-fixes).
- accel/ivpu: Increase DMA address range (PED-12367).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- affs: do not write overlarge OFS data block size fields (git-fixes).
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778).
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: insn: Add support for encoding DSB (bsc#1242778).
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: mm: Correct the update of max_pfn (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (bsc#1242778).
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778).
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778).
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- bitmap: Align documentation between bitmap_gather() and bitmap_scatter() (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).
- block: fix conversion of GPT partition name to 7-bit (git-fixes).
- block: fix resource leak in blk_register_queue() error path (git-fixes).
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix ethtool selftest output in one of the failure cases (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).
- bnxt_en: call pci_alloc_irq_vectors() after bnxt_reserve_rings() (git-fixes).
- bnxt_en: fix module unload sequence (git-fixes).
- bnxt_en: improve TX timestamping FIFO configuration (git-fixes).
- bonding: fix incorrect MAC address setting to receive NS messages (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).
- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590).
- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: fix potential error return (git-fixes).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).
- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).
- cgroup/cpuset: Fix error handling in remote_partition_disable() (bsc#1241166).
- cgroup/cpuset: Fix incorrect isolated_cpus update in update_parent_effective_cpumask() (bsc#1241166).
- cgroup/cpuset: Fix spelling errors in file kernel/cgroup/cpuset.c (bsc#1241166).
- char: misc: register chrdev region with all possible minors (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- counter: fix privdata alignment (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052).
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052).
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake 'Invalide' -> 'Invalid' (jsc#PED-12416).
- crypto: qat - Fix typo 'accelaration' (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add shutdown handler to qat_420xx (bsc#1239934).
- crypto: qat - add shutdown handler to qat_4xxx (bsc#1239934).
- crypto: qat - add shutdown handler to qat_c3xxx (bsc#1239934).
- crypto: qat - add shutdown handler to qat_c62x (bsc#1239934).
- crypto: qat - add shutdown handler to qat_dh895xcc (bsc#1239934).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix 'Full Going True' macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove redundant prototypes in qat_c3xxx (bsc#1239934).
- crypto: qat - remove redundant prototypes in qat_c62x (bsc#1239934).
- crypto: qat - remove redundant prototypes in qat_dh895xcc (bsc#1239934).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).
- cxl/core/regs.c: Skip Memory Space Enable check for RCD and RCH Ports (bsc#1242125).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dma-buf/sw_sync: Decrement refcount on error in sw_sync_ioctl_get_deadline() (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: Revert 'dmaengine: dmatest: Fix dmatest waiting less when interrupted' (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- docs: perf: Fix build warning of hisi-pcie-pmu.rst (bsc#1237704)
- docs: perf: Update usage for target filter of hisi-pcie-pmu (bsc#1237704)
- docs: thermal: sync hardware protection doc with code (git-fixes).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- drivers/perf: hisi_pcie: Add more events for counting TLP bandwidth (bsc#1237704)
- drivers/perf: hisi_pcie: Check the target filter properly (bsc#1237704)
- drivers/perf: hisi_pcie: Fix incorrect counting under metric mode (bsc#1237704)
- drivers/perf: hisi_pcie: Introduce hisi_pcie_pmu_get_event_ctrl_val() (bsc#1237704)
- drivers/perf: hisi_pcie: Merge find_related_event() and (bsc#1237704)
- drivers/perf: hisi_pcie: Relax the check on related events (bsc#1237704)
- drivers/perf: hisi_pcie: Rename hisi_pcie_pmu_{config,clear}_filter() (bsc#1237704)
- drivers: base: devres: Allow to release group on device release (stable-fixes).
- drm/amd/amdkfd: Evict all queues even HWS remove queue failed (stable-fixes).
- drm/amd/display/dml2: use vzalloc rather than kzalloc (bsc#1241568).
- drm/amd/display: Actually do immediate vblank disable (git-fixes).
- drm/amd/display: Add HP Elitebook 645 to the quirk list for eDP on DP1 (stable-fixes).
- drm/amd/display: Add HP Probook 445 and 465 to the quirk list for eDP on DP1 (stable-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Do not enable Replay and PSR while VRR is on in amdgpu_dm_commit_planes() (git-fixes).
- drm/amd/display: Do not write DP_MSTM_CTRL after LT (stable-fixes).
- drm/amd/display: Enable urgent latency adjustment on DCN35 (stable-fixes).
- drm/amd/display: Exit idle optimizations before accessing PHY (git-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).
- drm/amd/display: Fix invalid context error in dml helper (git-fixes).
- drm/amd/display: Fix message for support_edp0_on_dp1 (git-fixes).
- drm/amd/display: Fix out-of-bound accesses (stable-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Increase vblank offdelay for PSR panels (git-fixes).
- drm/amd/display: Protect FPU in dml21_copy() (git-fixes).
- drm/amd/display: Protect FPU in dml2_init()/dml21_init() (git-fixes).
- drm/amd/display: Protect FPU in dml2_validate()/dml21_validate() (git-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: Temporarily disable hostvm on DCN31 (stable-fixes).
- drm/amd/display: Update Cursor request mode to the beginning prefetch always (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix an indent issue in DML21 (git-fixes).
- drm/amd/display: fix default brightness (git-fixes).
- drm/amd/display: fix missing .is_two_pixels_per_container (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: prevent hang on link training fail (stable-fixes).
- drm/amd/display: stop DML2 from removing pipes based on planes (stable-fixes).
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- drm/amd/pm: add unique_id for gfx12 (stable-fixes).
- drm/amd/pm: always allow ih interrupt from fw (stable-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).
- drm/amd: Keep display off while going into S4 (stable-fixes).
- drm/amdgpu/display: Allow DCC for video formats on GFX12 (stable-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/amdgpu/gfx12: correct cleanup of 'me' field with gfx_v12_0_me_fini() (git-fixes).
- drm/amdgpu/gfx12: fix num_mec (git-fixes).
- drm/amdgpu/hdp4: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp5: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp6: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp7: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/mes11: optimize MES pipe FW version fetching (git-fixes).
- drm/amdgpu/mes12: optimize MES pipe FW version fetching (git-fixes).
- drm/amdgpu/pm: Handle SCLK offset correctly in overdrive for smu 14.0.2 (stable-fixes).
- drm/amdgpu/pm: wire up hwmon fan speed for smu 14.0.2 (stable-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu/umsch: fix ucode check (git-fixes).
- drm/amdgpu/vcn: using separate VCN1_AON_SOC offset (stable-fixes).
- drm/amdgpu: Add back JPEG to video caps for carrizo and newer (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Fix offset for HDP remap in nbio v7.11 (stable-fixes).
- drm/amdgpu: Increase KIQ invalidate_tlbs timeout (stable-fixes).
- drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags (git-fixes).
- drm/amdgpu: Prefer shadow rom when available (git-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: Remove JPEG from vega and carrizo video caps (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: Restore uncached behaviour on GFX12 (stable-fixes).
- drm/amdgpu: Unlocked unmap only clear page table leaves (stable-fixes).
- drm/amdgpu: Use the right function for hdp flush (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: fix warning of drm_mm_clean (git-fixes).
- drm/amdgpu: grab an additional reference on the gang fence v2 (stable-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).
- drm/amdgpu: immediately use GTT for new allocations (git-fixes).
- drm/amdgpu: refine smu send msg debug log format (git-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdgpu: use a dummy owner for sysfs triggered cleaner shaders v4 (stable-fixes).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).
- drm/amdkfd: Fix user queue validation on Gfx7/8 (git-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/ast: Fix ast_dp connection status (git-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake 'gettin' -> 'getting' (git-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/debugfs: fix printk format for bridge index (stable-fixes).
- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/color: Extract intel_color_modeset() (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/dsi: convert to struct intel_display (stable-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).
- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/i915/vrr: Add vrr.vsync_{start, end} in vrr_params_changed (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- drm/i915: Increase I915_PARAM_MMAP_GTT_VERSION version to indicate support for partial mmaps (git-fixes).
- drm/i915: Plumb 'dsb' all way to the plane hooks (stable-fixes).
- drm/imagination: fix firmware memory leaks (git-fixes).
- drm/imagination: take paired job reference (git-fixes).
- drm/mediatek: Fix config_updating flag never false when no mbox channel (git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/mgag200: Fix value in <VBLKSTR> register (git-fixes).
- drm/mipi-dbi: Fix blanking for non-16 bit formats (git-fixes).
- drm/msm/a6xx+: Do not let IB_SIZE overflow (git-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: do not set crtc_state->mode_changed from atomic_check() (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi/phy: Program clock inverters in correct register (git-fixes).
- drm/msm/dsi: Add check for devm_kstrdup() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/panic: fix overindented list items in documentation (git-fixes).
- drm/panic: use `div_ceil` to clean Clippy warning (git-fixes).
- drm/panthor: Update CS_STATUS_ defines to correct values (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/sti: remove duplicate object names (git-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: hdmi: Remove redundant assignments (stable-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).
- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: modeset: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: shmem: Fix memleak (git-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm/vmwgfx: Use VMware hypercall API (jsc#PED-11518).
- drm/xe/dma_buf: stop relying on placement in unmap (git-fixes).
- drm/xe/hw_engine: define sysfs_ops on all directories (git-fixes).
- drm/xe/pm: Temporarily disable D3Cold on BMG (git-fixes).
- drm/xe/tests/mocs: Hold XE_FORCEWAKE_ALL for LNCF regs (git-fixes).
- drm/xe/tests/mocs: Update xe_force_wake_get() return handling (stable-fixes).
- drm/xe/userptr: Fix an incorrect assert (git-fixes).
- drm/xe/userptr: fix notifier vs folio deadlock (git-fixes).
- drm/xe/vf: Do not try to trigger a full GT reset if VF (stable-fixes).
- drm/xe/xe3lpg: Apply Wa_14022293748, Wa_22019794406 (stable-fixes).
- drm/xe/xelp: Move Wa_16011163337 from tunings to workarounds (stable-fixes).
- drm/xe: Add page queue multiplier (git-fixes).
- drm/xe: Fix GT 'for each engine' workarounds (stable-fixes).
- drm/xe: Fix an out-of-bounds shift when invalidating TLB (git-fixes).
- drm/xe: Fix exporting xe buffers multiple times (git-fixes).
- drm/xe: Release guc ids before cancelling work (git-fixes).
- drm/xe: Remove double pageflip (git-fixes).
- drm/xe: Save CTX_TIMESTAMP mmio value instead of LRC value (git-fixes).
- drm/xe: Set LRC addresses before guc load (git-fixes).
- drm/xe: Use local fence in error path of xe_migrate_clear (git-fixes).
- drm/xe: remove redundant check in xe_vm_create_ioctl() (git-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).
- drm: panel: jd9365da: fix reset signal polarity in unprepare (git-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- e1000e: change k1 configuration on MTP and later platforms (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- eth: bnxt: do not use BNXT_VNIC_NTUPLE unconditionally in queue restart logic (git-fixes).
- eth: bnxt: fix memory leak in queue reset (git-fixes).
- eth: bnxt: fix missing ring index trim on error path (git-fixes).
- eth: bnxt: fix out-of-range access of vnic_info array (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).
- ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll() (git-fixes).
- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: fix setting key and resetting indir at once (git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).
- ethtool: netlink: do not return SQI value if link is down (git-fixes).
- ethtool: ntuple: fix rss + ring_cookie check (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- ethtool: rss: fix hiding unsupported fields in dumps (git-fixes).
- exfat: do not fallback to buffered write (git-fixes).
- exfat: drop ->i_size_ondisk (git-fixes).
- exfat: fix potential wrong error return from get_block (git-fixes).
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).
- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).
- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).
- gpu: cdns-mhdp8546: fix call balance of mhdp->clk handling routines (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gve: handle overflow when reporting TX consumed descriptors (git-fixes).
- gve: set xdp redirect target only when it is available (git-fixes).
- gve: unlink old napi only if page pool exists (git-fixes).
- gve: unlink old napi when stopping a queue using queue API (git-fixes).
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: atr: Fix wrong include (git-fixes).
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- ice: Avoid setting default Rx VSI twice in switchdev setup (git-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- ice: Fix switchdev slow-path in LAG (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: do not configure destination override for switchdev (git-fixes).
- ice: ensure periodic output start time is in the future (git-fixes).
- ice: fix ice_parser_rt::bst_key array size (git-fixes).
- ice: fix input validation for virtchnl BW (git-fixes).
- ice: fix reservation of resources for RDMA when disabled (git-fixes).
- ice: remove invalid parameter of equalizer (git-fixes).
- ice: stop truncating queue ids when checking (git-fixes).
- idpf: Acquire the lock before accessing the xn->salt (git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: fix transaction timeouts on reset (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- idpf: record rx queue in skb for RSC packets (git-fixes).
- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- input/vmmouse: Use VMware hypercall API (jsc#PED-11518).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- io_uring/sqpoll: Increase task_work submission batch size (bsc#1238585).
- ioam6: improve checks on user data (git-fixes).
- iommu/arm-smmu-v3: Fix pgsize_bit for sva domains (bsc#1243341)
- iommu/vt-d: Assign owner to the static identity domain (bsc#1241193).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- iommu/vt-d: Remove device comparison in context_setup_pass_through_cb (git-fixes).
- iommu: Allow attaching static domains in iommu_attach_device_pasid() (bsc#1241193).
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- iwlwifi: correct modinfo firmware ucode (bsc#1243020).
- ixgbe: fix media type detection for E610 device (git-fixes).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).
- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for hci_core changes (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for l2cap_conn changes (git-fixes).
- kABI workaround for powercap update (bsc#1241010).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kernel-binary: Support livepatch_rt with merged RT branch
- kernel-obs-qa: Use srchash for dependency as well
- kernel: Bad page map in process stress-ng-vm Revert commit (bsc#1241051)
- kernel: Remove debug flavor (bsc#1243919).
- keys: Fix UAF in key_put() (git-fixes).
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).
- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: chips-media: wave5: Fix a hang after seeking (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in probe (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: imx214: Rectify probe error handling related to runtime PM (git-fixes).
- media: i2c: imx219: Rectify runtime PM handling in probe and remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: intel/ipu6: set the dev_parent of video device to pdev (git-fixes).
- media: omap3isp: Handle ARM dma_iommu_mapping (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- mei: vsc: Fix fortify-panic caused by invalid counted_by() use (git-fixes).
- memblock tests: fix warning: '__ALIGN_KERNEL' redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- mptcp: fix rcv buffer auto-tuning (bsc#1220419 bsc#1222656 bsc#1236394).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- neighbour: delete redundant judgment statements (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: Fix incorrect IRQ pool usage when releasing IRQs (git-fixes).
- net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table() (git-fixes).
- net/mlx5: HWS, Rightsize bwc matcher priority (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).
- net/mlx5: Move ttc allocation after switch case to prevent leaks (git-fixes).
- net/mlx5: Restore missing trace event when enabling vport QoS (git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).
- net/mlx5e: Fix lock order in mlx5e_tx_reporter_ptpsq_unhealthy_recover (git-fixes).
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).
- net/mlx5e: TC, Continue the attr process even if encap entry is invalid (git-fixes).
- net/mlx5e: Use custom tunnel header for vxlan gbp (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).
- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).
- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- net: free_netdev: exit earlier if dummy (bsc#1243215).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netlink: specs: rt-link: add an attr layer around alt-ifname (git-fixes).
- netlink: specs: rt-link: adjust mctp attribute naming (git-fixes).
- netlink: specs: rtnetlink: attribute naming corrections (git-fixes).
- netlink: specs: tc: all actions are indexed arrays (git-fixes).
- netlink: specs: tc: fix a couple of attribute names (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).
- ntb: intel: Fix using link status DB's (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvme: update patch nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- octeontx2-pf: Do not reallocate all ntuple filters (git-fixes).
- octeontx2-pf: Fix ethtool support for SDP representors (git-fixes).
- octeontx2-pf: handle otx2_mbox_get_rsp errors (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).
- platform/x86/intel/ifs: Add Clearwater Forest to CPU support list (jsc#PED-10213).
- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Correct command storage data length (git-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).
- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).
- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).
- powerpc/boot: Check for ld-option support (bsc#1215199).
- powerpc/boot: Fix dash warning (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: Fix kmemleak in TCE table userspace view (jsc#PED-10539 git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- powerpc: Do not use --- in kernel logs (git-fixes).
- powerpc: Stop using no_llseek (bsc#1239573).
- ptp/vmware: Use VMware hypercall API (jsc#PED-11518).
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf sle_version was obsoleted for SLE16. It has to be combined with suse_version check (bsc#1239986).
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).
- s390/ap: Fix CCA crypto card behavior within protected execution environment (git-fixes bsc#1243817 LTC#213623).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/cio: Fix CHPID 'configure' attribute caching (git-fixes bsc#1240979).
- s390/cpumf: Update CPU Measurement facility extended counter set support (bsc#1243115).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes).
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- s390: Add z17 elf platform (bsc#1243116).
- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (BSC#1241319).
- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (bsc#1241319).
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- sched/topology: Refinement to topology_span_sane speedup (bsc#1242119).
- sched/topology: improve topology_span_sane speed (bsc#1242119).
- sched: Add deprecation warning for users of RT_GROUP_SCHED (jsc#PED-11761 jsc#PED-12405).
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).
- scsi: fnic: Fix indentation and remove unnecessary parenthesis (git-fixes).
- scsi: fnic: Remove unnecessary debug print (git-fixes).
- scsi: fnic: Remove unnecessary spinlock locking and unlocking (git-fixes).
- scsi: fnic: Replace fnic->lock_flags with local flags (git-fixes).
- scsi: fnic: Replace use of sizeof with standard usage (git-fixes).
- scsi: hisi_sas: Check whether debugfs is enabled before removing or (bsc#1237546)
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: hisi_sas: Remove hisi_hba->timer for v3 hw (bsc#1237545)
- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (bsc#1241388 jsc#PED-11258).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: megaraid_sas: Driver version update to 07.734.00.00-rc1 (bsc#1241388 jsc#PED-11258).
- scsi: megaraid_sas: Make most module parameters static (bsc#1241388 jsc#PED-11258).
- scsi: mpi3mr: Add level check to control event logging (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Avoid reply queue full condition (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Check admin reply queue from Watchdog (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpi3mr: Fix pending I/O counter (git-fixes).
- scsi: mpi3mr: Fix spelling mistake 'skiping' -> 'skipping' (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Handling of fault code for insufficient power (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Reset the pending interrupt flag (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Support for Segmented Hardware Trace buffer (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Synchronize access to ioctl data buffer (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Task Abort EH Support (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update MPI Headers to revision 35 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update driver version to 8.12.0.3.50 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update driver version to 8.12.1.0.50 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update driver version to 8.13.0.5.50 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update timestamp only for supervisor IOCs (bsc#1241388 jsc#PED-12372).
- scsi: mpt3sas: Add details to EEDPTagMode error message (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Add support for MCTP Passthrough commands (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpt3sas: Fix buffer overflow in mpt3sas_send_mctp_passthru_req() (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Fix spelling mistake 'receveid' -> 'received' (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).
- scsi: mpt3sas: Remove unused config functions (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Report driver capability as part of IOCINFO command (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Send a diag reset if target reset fails (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Update MPI headers to 02.00.62 version (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: update driver version to 52.100.00.00 (bsc#1241388 jsc#PED-11253).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- scsi: smartpqi: Use is_kdump_kernel() to check for kdump (git-fixes).
- sctp: Fix undefined behavior in left shift operation (git-fixes).
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).
- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).
- sctp: fix busy polling (git-fixes).
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).
- selftests/bpf: Add a few tests to cover (git-fixes).
- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).
- serial: msm: Configure correct working mode before starting earlycon (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).
- series.conf: temporarily disable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch (bsc#1238212)
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).
- smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- soundwire: bus: Fix race on the creation of the IRQ domain (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- sqpoll: increase tw batch size (bsc#1238585).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).
- supported.conf: Mark HiSi DMA controller as supported (jsc#PED-12622)
- supported.conf: Mark HiSi PMU drivers as supported (jsc#PED-12622)
- supported.conf: Mark HiSi TRNG v2 as supported (jsc#PED-12622)
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: get rid of sysctl_tcp_adv_win_scale (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: increase the default TCP scaling ratio (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal/drivers/mediatek/lvts: Disable Stage 3 thermal threshold (git-fixes).
- thermal/drivers/mediatek/lvts: Disable monitor mode during suspend (git-fixes).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).
- tools/power turbostat: report CoreThr per measurement interval (git-fixes).
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).
- tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT (git-fixes).
- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).
- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: set_params: properly check if parameters can be applied (git-fixes).
- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running (stable-fixes).
- usb: xhci: Do not skip on Stopped - Length Invalid (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (stable-fixes).
- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
- usb: xhci: correct debug message page size calculation (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet:fix NPE during rx_complete (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- video: screen_info: Update framebuffers behind PCI bridges (bsc#1240696).
- virtchnl: make proto and filter action count unsigned (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).
- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: iwlwifi: do not warn if the NIC is gone in resume (git-fixes).
- wifi: iwlwifi: fix the check for the SCRATCH register upon resume (git-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).
- wifi: iwlwifi: pcie: Fix TSO preparation (git-fixes).
- wifi: iwlwifi: support BIOS override for 5G9 in CA also in LARI version 8 (stable-fixes).
- wifi: mac80211, cfg80211: miscellaneous spelling fixes (git-fixes).
- wifi: mac80211: Cleanup sta TXQs on flush (stable-fixes).
- wifi: mac80211: Fix sparse warning for monitor_sdata (git-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).
- wifi: mac80211: check basic rates validity in sta_link_apply_parameters (git-fixes).
- wifi: mac80211: do not queue sdata::work for a non-running sdata (git-fixes).
- wifi: mac80211: ensure sdata->work is canceled before initialized (stable-fixes).
- wifi: mac80211: fix SA Query processing in MLO (stable-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).
- wifi: mac80211: remove debugfs dir for virtual monitor (stable-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/bugs: Add RSB mitigation document (git-fixes).
- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle 'nosmt' correctly (git-fixes).
- x86/microcode: Handle 'offline' CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Remove the driver announcement and version (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Rework early revisions reporting (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/sev: Move sev_setup_arch() to mem_encrypt.c (bsc#1239314).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/vmware: Add TDX hypercall support (jsc#PED-11518).
- x86/vmware: Correct macro names (jsc#PED-11518).
- x86/vmware: Introduce VMware hypercall API (jsc#PED-11518).
- x86/vmware: Remove legacy VMWARE_HYPERCALL* macros (jsc#PED-11518).
- x86/vmware: Use VMware hypercall API (jsc#PED-11518).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's 'next' indication (git-fixes).
- xfs: flush inodegc before swapon (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).
- xhci: Limit time spent with xHC interrupts disabled during bus resume (stable-fixes).
- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).
Patchnames
SUSE-2025-1951,SUSE-SLE-Module-Basesystem-15-SP7-2025-1951,SUSE-SLE-Module-Development-Tools-15-SP7-2025-1951,SUSE-SLE-Module-Legacy-15-SP7-2025-1951,SUSE-SLE-Module-Live-Patching-15-SP7-2025-1951,SUSE-SLE-Product-HA-15-SP7-2025-1951,SUSE-SLE-Product-WE-15-SP7-2025-1951
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).\n- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).\n- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49570: drm/xe/tracing: Fix a potential TP_printk UAF (bsc#1238782).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53124: net: fix data-races around sk-\u003esk_forward_alloc (bsc#1234074).\n- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56638: kABI fix for \u0027netfilter: nft_inner: incorrect percpu area handling under softirq\u0027 (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).\n- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).\n- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).\n- CVE-2024-58074: drm/i915: Grab intel_display from the encoder to avoid potential (bsc#1238972).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).\n- CVE-2024-58091: drm/fbdev-dma: Add shadow buffering for deferred I/O (bsc#1240174).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).\n- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).\n- CVE-2025-21717: net/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq (bsc#1238866).\n- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).\n- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).\n- CVE-2025-21800: net/mlx5: HWS, fix definer\u0027s HWS_SET32 macro for negative offset (bsc#1238743).\n- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).\n- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).\n- CVE-2025-21812: ax25: rcu protect dev-\u003eax25_ptr (bsc#1238471).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).\n- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).\n- CVE-2025-21837: io_uring/uring_cmd: unconditionally copy SQEs at prep time (bsc#1239064).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).\n- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).\n- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).\n- CVE-2025-21882: net/mlx5: Fix vport QoS cleanup on error (bsc#1240187).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).\n- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).\n- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).\n- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).\n- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).\n- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).\n- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).\n- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).\n- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).\n- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).\n- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).\n- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).\n- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level \u003e 2 (bsc#1240742).\n- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).\n- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).\n- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).\n- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).\n- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).\n- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).\n- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).\n- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).\n- CVE-2025-21973: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} (bsc#1240803).\n- CVE-2025-21974: eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc() (bsc#1240800).\n- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).\n- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).\n- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).\n- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).\n- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).\n- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).\n- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).\n- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).\n- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).\n- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).\n- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).\n- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).\n- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).\n- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).\n- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).\n- CVE-2025-22094: powerpc/perf: Fix ref-counting on the PMU \u0027vpa_pmu\u0027 (bsc#1241512).\n- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).\n- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).\n- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).\n- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).\n- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).\n- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).\n- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).\n- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23154: io_uring/net: fix io_req_post_cqe abuse by send bundle (bsc#1242533).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37747: kABI workaround for perf-Fix-hang-while-freeing-sigtrap-event (References: bsc#1242520).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37798: codel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).\n- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).\n\nThe following non-security bugs were fixed:\n\n- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).\n- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).\n- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).\n- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).\n- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- ALSA: hda/realtek: Bass speaker fixup for ASUS UM5606KA (stable-fixes).\n- ALSA: hda/realtek: Enable Mute LED on HP OMEN 16 Laptop xd000xx (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).\n- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).\n- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- ALSA: hda/realtek: fix micmute LEDs on HP Laptops with ALC3315 (stable-fixes).\n- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).\n- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).\n- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: timer: Do not take register_mutex with copy_from/to_user() (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).\n- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).\n- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).\n- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).\n- ASoC: Intel: sof_sdw: Fix unlikely uninitialized variable use in create_sdw_dailinks() (git-fixes).\n- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).\n- ASoC: Use of_property_read_bool() (stable-fixes).\n- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).\n- ASoC: amd: acp: Fix for enabling DMIC on acp platforms via _DSD entry (git-fixes).\n- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).\n- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- ASoC: codecs: rt5665: Fix some error handling paths in rt5665_probe() (git-fixes).\n- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).\n- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).\n- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).\n- ASoC: cs42l43: Fix maximum ADC Volume (git-fixes).\n- ASoC: cs42l43: Reset clamp override on jack removal (git-fixes).\n- ASoC: dwc: always enable/disable i2s irqs (git-fixes).\n- ASoC: fsl: fsl_qmc_audio: Reset audio data pointers on TRIGGER_START event (git-fixes).\n- ASoC: fsl_audmix: register card device depends on \u0027dais\u0027 property (stable-fixes).\n- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).\n- ASoC: ops: Consistently treat platform_max as control value (git-fixes).\n- ASoC: q6apm-dai: make use of q6apm_get_hw_pointer (git-fixes).\n- ASoC: q6apm-dai: schedule all available frames to avoid dsp under-runs (git-fixes).\n- ASoC: q6apm: add q6apm_get_hw_pointer helper (git-fixes).\n- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).\n- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).\n- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).\n- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).\n- ASoC: rt722-sdca: add missing readable registers (git-fixes).\n- ASoC: simple-card-utils.c: add missing dlc-\u003eof_node (stable-fixes).\n- ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction (git-fixes).\n- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).\n- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).\n- ASoC: tas2764: Fix power control mask (stable-fixes).\n- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- ASoC: tas2770: Fix volume scale (stable-fixes).\n- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- Bluetooth: L2CAP: Fix corrupted list in hci_chan_del (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (stable-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: btintel_pcie: Add additional to checks to clear TX/RX paths (git-fixes).\n- Bluetooth: btnxpuart: Fix kernel panic during FW release (git-fixes).\n- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).\n- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).\n- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).\n- Bluetooth: hci_uart: fix race during initialization (stable-fixes).\n- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).\n- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).\n- Bluetooth: qca: simplify WCN399x NVM loading (stable-fixes).\n- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).\n- Documentation: qat: fix auto_reset attribute details (git-fixes).\n- Documentation: qat: fix auto_reset section (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- EDAC/i10nm: Add Intel Clearwater Forest server support (jsc#PED-10190).\n- Fix mismerge from SLE15-SP6 to SLE15-SP7 (bsc#1241591)\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- HID: Enable playstation driver independently of sony driver (git-fixes).\n- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).\n- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).\n- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (git-fixes).\n- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- IB/mad: Check available slots before posting receive WRs (git-fixes)\n- Input: ads7846 - fix gpiod allocation (git-fixes).\n- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).\n- Input: cyttsp5 - fix power control issue on wakeup (git-fixes).\n- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- Input: iqs7222 - preserve system status register (git-fixes).\n- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).\n- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- Input: xpad - add multiple supported devices (stable-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- Input: xpad - fix two controller table values (git-fixes).\n- Input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- KVM: PPC: Book3S HV: Fix IRQ map warnings with XICS on pSeries KVM Guest (bsc#1242205 ltc#212592).\n- KVM: PPC: Enable CAP_SPAPR_TCE_VFIO on pSeries KVM guests (jsc#PED-10539 git-fixes).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Do not change target vCPU state on AP Creation VMGEXIT error (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Refuse to attempt VRMUN if an SEV-ES+ guest had an invalid VMSA (git-fixes).\n- KVM: SVM: Save host DR masks on CPUs with DebugSwap (jsc#PED-348).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: update patch KVM-PPC-Enable-CAP_SPAPR_TCE_VFIO-on-pSeries-KVM-gue.patch (jsc#PED-10539 git-fixes bsc#1240419 ltc#212279).\n- KVM: x86/mmu: Check and free obsolete roots in kvm_mmu_reload() (git-fixes).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Check that the high 32bits are clear in kvm_arch_vcpu_ioctl_run() (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- KVM: x86: block KVM_CAP_SYNC_REGS if guest state is protected (git-fixes).\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)\n- PCI/ACS: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).\n- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).\n- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- PCI: Avoid reset when disabled via sysfs (git-fixes).\n- PCI: Drop patch that caused a regression (bsc#1241123).\n- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).\n- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).\n- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- PCI: brcmstb: Use internal register to change link capability (git-fixes).\n- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).\n- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).\n- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- PM: sleep: Adjust check before setting power.must_resume (git-fixes).\n- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).\n- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- RDMA/bnxt_re: Fix allocation of QP table (git-fixes)\n- RDMA/bnxt_re: Fix budget handling of notification queue (git-fixes)\n- RDMA/bnxt_re: Fix reporting maximum SRQs on P7 chips (git-fixes)\n- RDMA/bnxt_re: Remove unusable nq variable (git-fixes)\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)\n- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- RDMA/core: Fix \u0027KASAN: slab-use-after-free Read in ib_register_device\u0027 problem (git-fixes)\n- RDMA/core: Fix use-after-free when rename device name (git-fixes)\n- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)\n- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- RDMA/hns: Fix invalid sq params not being blocked (git-fixes)\n- RDMA/hns: Fix missing xa_destroy() (git-fixes)\n- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)\n- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)\n- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).\n- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)\n- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)\n- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- RDMA/mlx5: Fix page_size variable overflow (git-fixes)\n- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- RDMA/rxe: Fix \u0027trying to register non-static key in rxe_qp_do_cleanup\u0027 bug (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)\n- RDMA: update patch RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch (git-fixes bsc#1239925).\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).\n- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).\n- USB: VLI disk crashes if LPM is used (stable-fixes).\n- USB: gadget: core: create sysfs link between udc and gadget (git-fixes).\n- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).\n- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).\n- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).\n- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).\n- USB: wdm: add annotation (git-fixes).\n- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).\n- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).\n- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).\n- Update config. Enable HiSi accel VFIO PCI (jsc#PED-12622)\n- Update config. Enable SPI DW mmio driver (jsc#PED-12622)\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- accel/ivpu: Fix PM related deadlocks in MS IOCTLs (git-fixes).\n- accel/ivpu: Fix deadlock in ivpu_ms_cleanup() (git-fixes).\n- accel/ivpu: Fix warning in ivpu_ipc_send_receive_internal() (git-fixes).\n- accel/ivpu: Increase DMA address range (PED-12367).\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- affs: do not write overlarge OFS data block size fields (git-fixes).\n- affs: generate OFS sequence numbers starting at 1 (git-fixes).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).\n- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)\n- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)\n- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)\n- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)\n- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)\n- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)\n- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)\n- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778).\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: insn: Add support for encoding DSB (bsc#1242778).\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: mm: Correct the update of max_pfn (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (bsc#1242778).\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778).\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778).\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- asus-laptop: Fix an uninitialized variable (git-fixes).\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).\n- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).\n- ata: libata-scsi: Improve CDL control (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).\n- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).\n- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- badblocks: Fix error shitf ops (git-fixes).\n- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).\n- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).\n- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).\n- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).\n- badblocks: return error if any badblock set fails (git-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- bitmap: Align documentation between bitmap_gather() and bitmap_scatter() (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).\n- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).\n- block: fix \u0027kmem_cache of name \u0027bio-108\u0027 already exists\u0027 (git-fixes).\n- block: fix conversion of GPT partition name to 7-bit (git-fixes).\n- block: fix resource leak in blk_register_queue() error path (git-fixes).\n- block: integrity: Do not call set_page_dirty_lock() (git-fixes).\n- block: make sure -\u003enr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix ethtool selftest output in one of the failure cases (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).\n- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).\n- bnxt_en: call pci_alloc_irq_vectors() after bnxt_reserve_rings() (git-fixes).\n- bnxt_en: fix module unload sequence (git-fixes).\n- bnxt_en: improve TX timestamping FIFO configuration (git-fixes).\n- bonding: fix incorrect MAC address setting to receive NS messages (git-fixes).\n- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).\n- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).\n- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- bpf: add find_containing_subprog() utility function (bsc#1241590).\n- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).\n- bpf: check changes_pkt_data property for extension programs (bsc#1241590).\n- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).\n- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).\n- bpf: fix potential error return (git-fixes).\n- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).\n- bpf: track changes_pkt_data property for global functions (bsc#1241590).\n- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).\n- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).\n- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).\n- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).\n- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).\n- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).\n- cgroup/cpuset: Fix error handling in remote_partition_disable() (bsc#1241166).\n- cgroup/cpuset: Fix incorrect isolated_cpus update in update_parent_effective_cpumask() (bsc#1241166).\n- cgroup/cpuset: Fix spelling errors in file kernel/cgroup/cpuset.c (bsc#1241166).\n- char: misc: register chrdev region with all possible minors (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- counter: fix privdata alignment (git-fixes).\n- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).\n- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052).\n- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052).\n- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052). \n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).\n- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).\n- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \u0027Invalide\u0027 -\u003e \u0027Invalid\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo \u0027accelaration\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add shutdown handler to qat_420xx (bsc#1239934).\n- crypto: qat - add shutdown handler to qat_4xxx (bsc#1239934).\n- crypto: qat - add shutdown handler to qat_c3xxx (bsc#1239934).\n- crypto: qat - add shutdown handler to qat_c62x (bsc#1239934).\n- crypto: qat - add shutdown handler to qat_dh895xcc (bsc#1239934).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416).\n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \u0027Full Going True\u0027 macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - remove redundant prototypes in qat_c3xxx (bsc#1239934).\n- crypto: qat - remove redundant prototypes in qat_c62x (bsc#1239934).\n- crypto: qat - remove redundant prototypes in qat_dh895xcc (bsc#1239934).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).\n- cxl/core/regs.c: Skip Memory Space Enable check for RCD and RCH Ports (bsc#1242125).\n- devlink: fix port new reply cmd type (git-fixes).\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-bufio: do not schedule in atomic context (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-ebs: fix prefetch-vs-suspend race (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- dm-integrity: set ti-\u003eerror on memory allocation failure (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).\n- dm-verity: fix prefetch-vs-suspend race (git-fixes).\n- dm: Fix typo in error message (git-fixes).\n- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).\n- dm: always update the array size in realloc_argv on success (git-fixes).\n- dm: fix copying after src array boundaries (git-fixes).\n- dma-buf/sw_sync: Decrement refcount on error in sw_sync_ioctl_get_deadline() (git-fixes).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: Revert \u0027dmaengine: dmatest: Fix dmatest waiting less when interrupted\u0027 (git-fixes).\n- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- docs: perf: Fix build warning of hisi-pcie-pmu.rst (bsc#1237704)\n- docs: perf: Update usage for target filter of hisi-pcie-pmu (bsc#1237704)\n- docs: thermal: sync hardware protection doc with code (git-fixes).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- drivers/perf: hisi_pcie: Add more events for counting TLP bandwidth (bsc#1237704)\n- drivers/perf: hisi_pcie: Check the target filter properly (bsc#1237704)\n- drivers/perf: hisi_pcie: Fix incorrect counting under metric mode (bsc#1237704)\n- drivers/perf: hisi_pcie: Introduce hisi_pcie_pmu_get_event_ctrl_val() (bsc#1237704)\n- drivers/perf: hisi_pcie: Merge find_related_event() and (bsc#1237704)\n- drivers/perf: hisi_pcie: Relax the check on related events (bsc#1237704)\n- drivers/perf: hisi_pcie: Rename hisi_pcie_pmu_{config,clear}_filter() (bsc#1237704)\n- drivers: base: devres: Allow to release group on device release (stable-fixes).\n- drm/amd/amdkfd: Evict all queues even HWS remove queue failed (stable-fixes).\n- drm/amd/display/dml2: use vzalloc rather than kzalloc (bsc#1241568).\n- drm/amd/display: Actually do immediate vblank disable (git-fixes).\n- drm/amd/display: Add HP Elitebook 645 to the quirk list for eDP on DP1 (stable-fixes).\n- drm/amd/display: Add HP Probook 445 and 465 to the quirk list for eDP on DP1 (stable-fixes).\n- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Copy AUX read reply data whenever length \u003e 0 (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Do not enable Replay and PSR while VRR is on in amdgpu_dm_commit_planes() (git-fixes).\n- drm/amd/display: Do not write DP_MSTM_CTRL after LT (stable-fixes).\n- drm/amd/display: Enable urgent latency adjustment on DCN35 (stable-fixes).\n- drm/amd/display: Exit idle optimizations before accessing PHY (git-fixes).\n- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).\n- drm/amd/display: Fix invalid context error in dml helper (git-fixes).\n- drm/amd/display: Fix message for support_edp0_on_dp1 (git-fixes).\n- drm/amd/display: Fix out-of-bound accesses (stable-fixes).\n- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).\n- drm/amd/display: Force full update in gpu reset (stable-fixes).\n- drm/amd/display: Increase vblank offdelay for PSR panels (git-fixes).\n- drm/amd/display: Protect FPU in dml21_copy() (git-fixes).\n- drm/amd/display: Protect FPU in dml2_init()/dml21_init() (git-fixes).\n- drm/amd/display: Protect FPU in dml2_validate()/dml21_validate() (git-fixes).\n- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).\n- drm/amd/display: Temporarily disable hostvm on DCN31 (stable-fixes).\n- drm/amd/display: Update Cursor request mode to the beginning prefetch always (stable-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: fix an indent issue in DML21 (git-fixes).\n- drm/amd/display: fix default brightness (git-fixes).\n- drm/amd/display: fix missing .is_two_pixels_per_container (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd/display: prevent hang on link training fail (stable-fixes).\n- drm/amd/display: stop DML2 from removing pipes based on planes (stable-fixes).\n- drm/amd/pm/smu11: Prevent division by zero (git-fixes).\n- drm/amd/pm: Prevent division by zero (git-fixes).\n- drm/amd/pm: add unique_id for gfx12 (stable-fixes).\n- drm/amd/pm: always allow ih interrupt from fw (stable-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).\n- drm/amd: Keep display off while going into S4 (stable-fixes).\n- drm/amdgpu/display: Allow DCC for video formats on GFX12 (stable-fixes).\n- drm/amdgpu/dma_buf: fix page_link check (git-fixes).\n- drm/amdgpu/gfx11: fix num_mec (git-fixes).\n- drm/amdgpu/gfx12: correct cleanup of \u0027me\u0027 field with gfx_v12_0_me_fini() (git-fixes).\n- drm/amdgpu/gfx12: fix num_mec (git-fixes).\n- drm/amdgpu/hdp4: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp5: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp6: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp7: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/mes11: optimize MES pipe FW version fetching (git-fixes).\n- drm/amdgpu/mes12: optimize MES pipe FW version fetching (git-fixes).\n- drm/amdgpu/pm: Handle SCLK offset correctly in overdrive for smu 14.0.2 (stable-fixes).\n- drm/amdgpu/pm: wire up hwmon fan speed for smu 14.0.2 (stable-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdgpu/umsch: fix ucode check (git-fixes).\n- drm/amdgpu/vcn: using separate VCN1_AON_SOC offset (stable-fixes).\n- drm/amdgpu: Add back JPEG to video caps for carrizo and newer (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Fix offset for HDP remap in nbio v7.11 (stable-fixes).\n- drm/amdgpu: Increase KIQ invalidate_tlbs timeout (stable-fixes).\n- drm/amdgpu: NULL-check BO\u0027s backing store when determining GFX12 PTE flags (git-fixes).\n- drm/amdgpu: Prefer shadow rom when available (git-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: Remove JPEG from vega and carrizo video caps (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdgpu: Restore uncached behaviour on GFX12 (stable-fixes).\n- drm/amdgpu: Unlocked unmap only clear page table leaves (stable-fixes).\n- drm/amdgpu: Use the right function for hdp flush (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: fix warning of drm_mm_clean (git-fixes).\n- drm/amdgpu: grab an additional reference on the gang fence v2 (stable-fixes).\n- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).\n- drm/amdgpu: immediately use GTT for new allocations (git-fixes).\n- drm/amdgpu: refine smu send msg debug log format (git-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/amdgpu: use a dummy owner for sysfs triggered cleaner shaders v4 (stable-fixes).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).\n- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).\n- drm/amdkfd: Fix user queue validation on Gfx7/8 (git-fixes).\n- drm/amdkfd: clamp queue size to minimum (stable-fixes).\n- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).\n- drm/ast: Fix ast_dp connection status (git-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \u0027gettin\u0027 -\u003e \u0027getting\u0027 (git-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/debugfs: fix printk format for bridge index (stable-fixes).\n- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).\n- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/fdinfo: Protect against driver unbind (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/color: Extract intel_color_modeset() (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/dsi: convert to struct intel_display (stable-fixes).\n- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).\n- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).\n- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions\u0027 (git-fixes).\n- drm/i915/vrr: Add vrr.vsync_{start, end} in vrr_params_changed (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).\n- drm/i915: Disable RPG during live selftest (git-fixes).\n- drm/i915: Increase I915_PARAM_MMAP_GTT_VERSION version to indicate support for partial mmaps (git-fixes).\n- drm/i915: Plumb \u0027dsb\u0027 all way to the plane hooks (stable-fixes).\n- drm/imagination: fix firmware memory leaks (git-fixes).\n- drm/imagination: take paired job reference (git-fixes).\n- drm/mediatek: Fix config_updating flag never false when no mbox channel (git-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).\n- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/mgag200: Fix value in \u0026lt;VBLKSTR\u003e register (git-fixes).\n- drm/mipi-dbi: Fix blanking for non-16 bit formats (git-fixes).\n- drm/msm/a6xx+: Do not let IB_SIZE overflow (git-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: do not set crtc_state-\u003emode_changed from atomic_check() (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi/phy: Program clock inverters in correct register (git-fixes).\n- drm/msm/dsi: Add check for devm_kstrdup() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).\n- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).\n- drm/panic: fix overindented list items in documentation (git-fixes).\n- drm/panic: use `div_ceil` to clean Clippy warning (git-fixes).\n- drm/panthor: Update CS_STATUS_ defines to correct values (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/sti: remove duplicate object names (git-fixes).\n- drm/tests: Add helper to create mock crtc (stable-fixes).\n- drm/tests: Add helper to create mock plane (stable-fixes).\n- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).\n- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: hdmi: Remove redundant assignments (stable-fixes).\n- drm/tests: helpers: Add atomic helpers (stable-fixes).\n- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).\n- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).\n- drm/tests: helpers: Fix compiler warning (git-fixes).\n- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: modeset: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: shmem: Fix memleak (git-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- drm/vmwgfx: Use VMware hypercall API (jsc#PED-11518).\n- drm/xe/dma_buf: stop relying on placement in unmap (git-fixes).\n- drm/xe/hw_engine: define sysfs_ops on all directories (git-fixes).\n- drm/xe/pm: Temporarily disable D3Cold on BMG (git-fixes).\n- drm/xe/tests/mocs: Hold XE_FORCEWAKE_ALL for LNCF regs (git-fixes).\n- drm/xe/tests/mocs: Update xe_force_wake_get() return handling (stable-fixes).\n- drm/xe/userptr: Fix an incorrect assert (git-fixes).\n- drm/xe/userptr: fix notifier vs folio deadlock (git-fixes).\n- drm/xe/vf: Do not try to trigger a full GT reset if VF (stable-fixes).\n- drm/xe/xe3lpg: Apply Wa_14022293748, Wa_22019794406 (stable-fixes).\n- drm/xe/xelp: Move Wa_16011163337 from tunings to workarounds (stable-fixes).\n- drm/xe: Add page queue multiplier (git-fixes).\n- drm/xe: Fix GT \u0027for each engine\u0027 workarounds (stable-fixes).\n- drm/xe: Fix an out-of-bounds shift when invalidating TLB (git-fixes).\n- drm/xe: Fix exporting xe buffers multiple times (git-fixes).\n- drm/xe: Release guc ids before cancelling work (git-fixes).\n- drm/xe: Remove double pageflip (git-fixes).\n- drm/xe: Save CTX_TIMESTAMP mmio value instead of LRC value (git-fixes).\n- drm/xe: Set LRC addresses before guc load (git-fixes).\n- drm/xe: Use local fence in error path of xe_migrate_clear (git-fixes).\n- drm/xe: remove redundant check in xe_vm_create_ioctl() (git-fixes).\n- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).\n- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).\n- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).\n- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).\n- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).\n- drm: panel: jd9365da: fix reset signal polarity in unprepare (git-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- e1000e: change k1 configuration on MTP and later platforms (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- eth: bnxt: do not use BNXT_VNIC_NTUPLE unconditionally in queue restart logic (git-fixes).\n- eth: bnxt: fix memory leak in queue reset (git-fixes).\n- eth: bnxt: fix missing ring index trim on error path (git-fixes).\n- eth: bnxt: fix out-of-range access of vnic_info array (git-fixes).\n- ethtool: Fix context creation with no parameters (git-fixes).\n- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).\n- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).\n- ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll() (git-fixes).\n- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).\n- ethtool: fix setting key and resetting indir at once (git-fixes).\n- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).\n- ethtool: netlink: do not return SQI value if link is down (git-fixes).\n- ethtool: ntuple: fix rss + ring_cookie check (git-fixes).\n- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).\n- ethtool: rss: echo the context number back (git-fixes).\n- ethtool: rss: fix hiding unsupported fields in dumps (git-fixes).\n- exfat: do not fallback to buffered write (git-fixes).\n- exfat: drop -\u003ei_size_ondisk (git-fixes).\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).\n- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).\n- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).\n- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).\n- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).\n- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).\n- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).\n- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).\n- ext4: goto right label \u0027out_mmap_sem\u0027 in ext4_setattr() (bsc#1242556).\n- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).\n- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).\n- ext4: protect ext4_release_dquot against freezing (bsc#1242335).\n- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536). \n- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).\n- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538). \n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: omapfb: Add \u0027plane\u0027 value check (stable-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).\n- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).\n- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).\n- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).\n- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528). \n- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).\n- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).\n- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).\n- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).\n- gpu: cdns-mhdp8546: fix call balance of mhdp-\u003eclk handling routines (git-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- gve: handle overflow when reporting TX consumed descriptors (git-fixes).\n- gve: set xdp redirect target only when it is available (git-fixes).\n- gve: unlink old napi only if page pool exists (git-fixes).\n- gve: unlink old napi when stopping a queue using queue API (git-fixes).\n- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: atr: Fix wrong include (git-fixes).\n- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- ice: Add check for devm_kzalloc() (git-fixes).\n- ice: Avoid setting default Rx VSI twice in switchdev setup (git-fixes).\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- ice: Fix switchdev slow-path in LAG (git-fixes).\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- ice: do not configure destination override for switchdev (git-fixes).\n- ice: ensure periodic output start time is in the future (git-fixes).\n- ice: fix ice_parser_rt::bst_key array size (git-fixes).\n- ice: fix input validation for virtchnl BW (git-fixes).\n- ice: fix reservation of resources for RDMA when disabled (git-fixes).\n- ice: remove invalid parameter of equalizer (git-fixes).\n- ice: stop truncating queue ids when checking (git-fixes).\n- idpf: Acquire the lock before accessing the xn-\u003esalt (git-fixes).\n- idpf: check error for register_netdev() on init (git-fixes).\n- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: fix transaction timeouts on reset (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- idpf: record rx queue in skb for RSC packets (git-fixes).\n- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).\n- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).\n- igc: cleanup PTP module if probe fails (git-fixes).\n- igc: fix PTM cycle trigger logic (git-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).\n- igc: increase wait time before retrying PTM (git-fixes).\n- igc: move ktime snapshot into PTM retry loop (git-fixes).\n- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: ad7606: fix serial register access (git-fixes).\n- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).\n- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).\n- iio: adis16201: Correct inclinometer channel resolution (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).\n- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- init: add initramfs_internal.h (bsc#1232848).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- input/vmmouse: Use VMware hypercall API (jsc#PED-11518).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- io_uring/sqpoll: Increase task_work submission batch size (bsc#1238585).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/arm-smmu-v3: Fix pgsize_bit for sva domains (bsc#1243341)\n- iommu/vt-d: Assign owner to the static identity domain (bsc#1241193).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- iommu/vt-d: Remove device comparison in context_setup_pass_through_cb (git-fixes).\n- iommu: Allow attaching static domains in iommu_attach_device_pasid() (bsc#1241193).\n- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: fib: annotate races around nh-\u003enh_saddr_genid and nh-\u003enh_saddr (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- irqchip/davinci: Remove leftover header (git-fixes).\n- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).\n- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).\n- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).\n- iwlwifi: correct modinfo firmware ucode (bsc#1243020).\n- ixgbe: fix media type detection for E610 device (git-fixes).\n- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).\n- jbd2: fix off-by-one while erasing journal (bsc#1242344).\n- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).\n- jbd2: increase IO priority for writing revoke records (bsc#1242332).\n- jbd2: increase the journal IO\u0027s priority (bsc#1242537).\n- jbd2: remove wrong sb-\u003es_sequence check (bsc#1242343).\n- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).\n- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: add sanity check for agwidth in dbMount (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for hci_core changes (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for l2cap_conn changes (git-fixes).\n- kABI workaround for powercap update (bsc#1241010).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kernel-binary: Support livepatch_rt with merged RT branch\n- kernel-obs-qa: Use srchash for dependency as well\n- kernel: Bad page map in process stress-ng-vm Revert commit (bsc#1241051)\n- kernel: Remove debug flavor (bsc#1243919).\n- keys: Fix UAF in key_put() (git-fixes).\n- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).\n- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).\n- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__default_new() to perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).\n- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- mdacon: rework dependency list (git-fixes).\n- media: chips-media: wave5: Fix a hang after seeking (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in probe (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: imx214: Rectify probe error handling related to runtime PM (git-fixes).\n- media: i2c: imx219: Rectify runtime PM handling in probe and remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: intel/ipu6: set the dev_parent of video device to pdev (git-fixes).\n- media: omap3isp: Handle ARM dma_iommu_mapping (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake H DID (stable-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- mei: vsc: Fix fortify-panic caused by invalid counted_by() use (git-fixes).\n- memblock tests: fix warning: \u0027__ALIGN_KERNEL\u0027 redefined (git-fixes).\n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).\n- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mm/readahead: fix large folio support in async readahead (bsc#1242321).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).\n- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).\n- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).\n- mptcp: fix rcv buffer auto-tuning (bsc#1220419 bsc#1222656 bsc#1236394).\n- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).\n- mptcp: refine opt_mp_capable determination (git-fixes).\n- mptcp: relax check on MPC passive fallback (git-fixes).\n- mptcp: strict validation before using mp_opt-\u003ehmac (git-fixes).\n- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- mtd: rawnand: Add status chack in r852_ready() (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).\n- net/mlx5: Fix incorrect IRQ pool usage when releasing IRQs (git-fixes).\n- net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table() (git-fixes).\n- net/mlx5: HWS, Rightsize bwc matcher priority (git-fixes).\n- net/mlx5: IRQ, Fix null string in debug print (git-fixes).\n- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).\n- net/mlx5: Move ttc allocation after switch case to prevent leaks (git-fixes).\n- net/mlx5: Restore missing trace event when enabling vport QoS (git-fixes).\n- net/mlx5: Start health poll after enable hca (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).\n- net/mlx5e: Fix lock order in mlx5e_tx_reporter_ptpsq_unhealthy_recover (git-fixes).\n- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).\n- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).\n- net/mlx5e: TC, Continue the attr process even if encap entry is invalid (git-fixes).\n- net/mlx5e: Use custom tunnel header for vxlan gbp (git-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- net/tcp: refactor tcp_inet6_sk() (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: annotate data-races around sk-\u003esk_dst_pending_confirm (git-fixes).\n- net: annotate data-races around sk-\u003esk_tx_queue_mapping (git-fixes).\n- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).\n- net: ethtool: Fix RSS setting (git-fixes).\n- net: free_netdev: exit earlier if dummy (bsc#1243215).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: mana: Switch to page pool for jumbo frames (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: mark racy access on sk-\u003esk_rcvbuf (git-fixes).\n- net: phy: leds: fix memory leak (git-fixes).\n- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).\n- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).\n- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- netlink: specs: rt-link: add an attr layer around alt-ifname (git-fixes).\n- netlink: specs: rt-link: adjust mctp attribute naming (git-fixes).\n- netlink: specs: rtnetlink: attribute naming corrections (git-fixes).\n- netlink: specs: tc: all actions are indexed arrays (git-fixes).\n- netlink: specs: tc: fix a couple of attribute names (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).\n- nfs: add missing selections of CONFIG_CRC32 (git-fixes).\n- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).\n- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).\n- ntb: intel: Fix using link status DB\u0027s (git-fixes).\n- ntb: reduce stack usage in idt_scan_mws (stable-fixes).\n- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).\n- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).\n- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).\n- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).\n- ntb_perf: Fix printk format (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).\n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).\n- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- nvme: update patch nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-fcloop: swap list_add_tail arguments (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).\n- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- octeontx2-pf: Do not reallocate all ntuple filters (git-fixes).\n- octeontx2-pf: Fix ethtool support for SDP representors (git-fixes).\n- octeontx2-pf: handle otx2_mbox_get_rsp errors (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- perf tools: annotate asm_pure_loop.S (bsc#1239906).\n- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).\n- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)\n- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)\n- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)\n- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).\n- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).\n- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).\n- platform/x86/intel/ifs: Add Clearwater Forest to CPU support list (jsc#PED-10213).\n- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- platform/x86: ISST: Correct command storage data length (git-fixes).\n- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).\n- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).\n- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).\n- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).\n- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).\n- powerpc/boot: Check for ld-option support (bsc#1215199).\n- powerpc/boot: Fix dash warning (bsc#1215199).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: Fix kmemleak in TCE table userspace view (jsc#PED-10539 git-fixes).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- powerpc: Do not use --- in kernel logs (git-fixes).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- ptp/vmware: Use VMware hypercall API (jsc#PED-11518).\n- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).\n- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).\n- pwm: rcar: Improve register calculation (git-fixes).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- regulator: max20086: fix invalid memory access (git-fixes).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).\n- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf sle_version was obsoleted for SLE16. It has to be combined with suse_version check (bsc#1239986).\n- rpm/package-descriptions: Add rt and rt_debug descriptions\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).\n- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).\n- s390/ap: Fix CCA crypto card behavior within protected execution environment (git-fixes bsc#1243817 LTC#213623).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- s390/cio: Fix CHPID \u0027configure\u0027 attribute caching (git-fixes bsc#1240979).\n- s390/cpumf: Update CPU Measurement facility extended counter set support (bsc#1243115).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes).\n- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- s390: Add z17 elf platform (bsc#1243116).\n- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (BSC#1241319).\n- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (bsc#1241319).\n- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)\n- sched/topology: Refinement to topology_span_sane speedup (bsc#1242119).\n- sched/topology: improve topology_span_sane speed (bsc#1242119).\n- sched: Add deprecation warning for users of RT_GROUP_SCHED (jsc#PED-11761 jsc#PED-12405).\n- scsi: Improve CDL control (git-fixes).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).\n- scsi: fnic: Fix indentation and remove unnecessary parenthesis (git-fixes).\n- scsi: fnic: Remove unnecessary debug print (git-fixes).\n- scsi: fnic: Remove unnecessary spinlock locking and unlocking (git-fixes).\n- scsi: fnic: Replace fnic-\u003elock_flags with local flags (git-fixes).\n- scsi: fnic: Replace use of sizeof with standard usage (git-fixes).\n- scsi: hisi_sas: Check whether debugfs is enabled before removing or (bsc#1237546)\n- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: hisi_sas: Remove hisi_hba-\u003etimer for v3 hw (bsc#1237545)\n- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp-\u003enlp_flag (git-fixes).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (bsc#1241388 jsc#PED-11258).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: megaraid_sas: Driver version update to 07.734.00.00-rc1 (bsc#1241388 jsc#PED-11258).\n- scsi: megaraid_sas: Make most module parameters static (bsc#1241388 jsc#PED-11258).\n- scsi: mpi3mr: Add level check to control event logging (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Avoid reply queue full condition (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Check admin reply queue from Watchdog (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Fix locking in an error path (git-fixes).\n- scsi: mpi3mr: Fix pending I/O counter (git-fixes).\n- scsi: mpi3mr: Fix spelling mistake \u0027skiping\u0027 -\u003e \u0027skipping\u0027 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Handling of fault code for insufficient power (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Reset the pending interrupt flag (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Support for Segmented Hardware Trace buffer (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Synchronize access to ioctl data buffer (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Task Abort EH Support (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update MPI Headers to revision 35 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update driver version to 8.12.0.3.50 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update driver version to 8.12.1.0.50 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update driver version to 8.13.0.5.50 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update timestamp only for supervisor IOCs (bsc#1241388 jsc#PED-12372).\n- scsi: mpt3sas: Add details to EEDPTagMode error message (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Add support for MCTP Passthrough commands (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).\n- scsi: mpt3sas: Fix buffer overflow in mpt3sas_send_mctp_passthru_req() (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Fix spelling mistake \u0027receveid\u0027 -\u003e \u0027received\u0027 (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).\n- scsi: mpt3sas: Remove unused config functions (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Report driver capability as part of IOCINFO command (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Send a diag reset if target reset fails (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Update MPI headers to 02.00.62 version (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: update driver version to 52.100.00.00 (bsc#1241388 jsc#PED-11253).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).\n- scsi: smartpqi: Use is_kdump_kernel() to check for kdump (git-fixes).\n- sctp: Fix undefined behavior in left shift operation (git-fixes).\n- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).\n- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).\n- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).\n- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).\n- sctp: fix busy polling (git-fixes).\n- sctp: prefer struct_size over open coded arithmetic (git-fixes).\n- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).\n- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).\n- selftests/bpf: Add a few tests to cover (git-fixes).\n- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).\n- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).\n- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).\n- selftests/bpf: test for changing packet data from global functions (bsc#1241590).\n- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).\n- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- selinux: Implement mptcp_add_subflow hook (bsc#1240375).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).\n- serial: msm: Configure correct working mode before starting earlycon (git-fixes).\n- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).\n- series.conf: temporarily disable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch (bsc#1238212)\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).\n- smb: client: fix open_cached_dir retries with \u0027hard\u0027 mount option (bsc#1240616).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).\n- soundwire: bus: Fix race on the creation of the IRQ domain (git-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).\n- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).\n- sqpoll: increase tw batch size (bsc#1238585).\n- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).\n- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).\n- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).\n- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).\n- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).\n- supported.conf: Mark HiSi DMA controller as supported (jsc#PED-12622)\n- supported.conf: Mark HiSi PMU drivers as supported (jsc#PED-12622)\n- supported.conf: Mark HiSi TRNG v2 as supported (jsc#PED-12622)\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: Update window clamping condition (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: Update window clamping condition (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: define initial scaling factor value as a macro (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: get rid of sysctl_tcp_adv_win_scale (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: increase the default TCP scaling ratio (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- thermal/drivers/mediatek/lvts: Disable Stage 3 thermal threshold (git-fixes).\n- thermal/drivers/mediatek/lvts: Disable monitor mode during suspend (git-fixes).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).\n- tools/hv: update route parsing in kvp daemon (git-fixes).\n- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).\n- tools/power turbostat: report CoreThr per measurement interval (git-fixes).\n- tools: move alignment-related macros to new \u0026lt;linux/align.h\u003e (git-fixes).\n- topology: Set capacity_freq_ref in all cases (bsc#1238052)\n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- tpm: tis: Double the timeout B to 4s (bsc#1235870).\n- tpm_tis: Move CRC check to generic send routine (bsc#1235870).\n- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).\n- tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT (git-fixes).\n- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).\n- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).\n- tty: serial: 8250: Add some more device IDs (stable-fixes).\n- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).\n- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- ublk: set_params: properly check if parameters can be applied (git-fixes).\n- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).\n- udf: Fix inode_getblk() return value (bsc#1242313).\n- udf: Skip parent dir link count update if corrupted (bsc#1242315).\n- udf: Verify inode link counts before performing rename (bsc#1242314).\n- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).\n- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).\n- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).\n- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).\n- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).\n- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).\n- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).\n- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).\n- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).\n- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).\n- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).\n- usb: gadget: f_ecm: Add get_status callback (git-fixes).\n- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).\n- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).\n- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).\n- usb: host: xhci-plat: mvebu: use -\u003equirks instead of -\u003einit_quirk() func (stable-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).\n- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).\n- usb: uhci-platform: Make the clock really optional (git-fixes).\n- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).\n- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).\n- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running (stable-fixes).\n- usb: xhci: Do not skip on Stopped - Length Invalid (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (stable-fixes).\n- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).\n- usb: xhci: correct debug message page size calculation (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- usbnet:fix NPE during rx_complete (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).\n- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- video: screen_info: Update framebuffers behind PCI bridges (bsc#1240696).\n- virtchnl: make proto and filter action count unsigned (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).\n- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).\n- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).\n- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).\n- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: iwlwifi: do not warn if the NIC is gone in resume (git-fixes).\n- wifi: iwlwifi: fix the check for the SCRATCH register upon resume (git-fixes).\n- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).\n- wifi: iwlwifi: pcie: Fix TSO preparation (git-fixes).\n- wifi: iwlwifi: support BIOS override for 5G9 in CA also in LARI version 8 (stable-fixes).\n- wifi: mac80211, cfg80211: miscellaneous spelling fixes (git-fixes).\n- wifi: mac80211: Cleanup sta TXQs on flush (stable-fixes).\n- wifi: mac80211: Fix sparse warning for monitor_sdata (git-fixes).\n- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mac80211: Update skb\u0027s control block key in ieee80211_tx_dequeue() (git-fixes).\n- wifi: mac80211: check basic rates validity in sta_link_apply_parameters (git-fixes).\n- wifi: mac80211: do not queue sdata::work for a non-running sdata (git-fixes).\n- wifi: mac80211: ensure sdata-\u003ework is canceled before initialized (stable-fixes).\n- wifi: mac80211: fix SA Query processing in MLO (stable-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).\n- wifi: mac80211: remove debugfs dir for virtual monitor (stable-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).\n- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).\n- x86/bugs: Add RSB mitigation document (git-fixes).\n- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).\n- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).\n- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).\n- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).\n- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).\n- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).\n- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).\n- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).\n- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Set new revision only after a successful update (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \u0027nosmt\u0027 correctly (git-fixes).\n- x86/microcode: Handle \u0027offline\u0027 CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Remove the driver announcement and version (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Rework early revisions reporting (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/sev: Move sev_setup_arch() to mem_encrypt.c (bsc#1239314).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).\n- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).\n- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- x86/vmware: Add TDX hypercall support (jsc#PED-11518).\n- x86/vmware: Correct macro names (jsc#PED-11518).\n- x86/vmware: Introduce VMware hypercall API (jsc#PED-11518).\n- x86/vmware: Remove legacy VMWARE_HYPERCALL* macros (jsc#PED-11518).\n- x86/vmware: Use VMware hypercall API (jsc#PED-11518).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \u0027next\u0027 indication (git-fixes).\n- xfs: flush inodegc before swapon (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).\n- xhci: Limit time spent with xHC interrupts disabled during bus resume (stable-fixes).\n- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1951,SUSE-SLE-Module-Basesystem-15-SP7-2025-1951,SUSE-SLE-Module-Development-Tools-15-SP7-2025-1951,SUSE-SLE-Module-Legacy-15-SP7-2025-1951,SUSE-SLE-Module-Live-Patching-15-SP7-2025-1951,SUSE-SLE-Product-HA-15-SP7-2025-1951,SUSE-SLE-Product-WE-15-SP7-2025-1951",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01951-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01951-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501951-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01951-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040285.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1220419",
"url": "https://bugzilla.suse.com/1220419"
},
{
"category": "self",
"summary": "SUSE Bug 1222649",
"url": "https://bugzilla.suse.com/1222649"
},
{
"category": "self",
"summary": "SUSE Bug 1222656",
"url": "https://bugzilla.suse.com/1222656"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1223809",
"url": "https://bugzilla.suse.com/1223809"
},
{
"category": "self",
"summary": "SUSE Bug 1224013",
"url": "https://bugzilla.suse.com/1224013"
},
{
"category": "self",
"summary": "SUSE Bug 1224489",
"url": "https://bugzilla.suse.com/1224489"
},
{
"category": "self",
"summary": "SUSE Bug 1224597",
"url": "https://bugzilla.suse.com/1224597"
},
{
"category": "self",
"summary": "SUSE Bug 1224757",
"url": "https://bugzilla.suse.com/1224757"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1226871",
"url": "https://bugzilla.suse.com/1226871"
},
{
"category": "self",
"summary": "SUSE Bug 1227858",
"url": "https://bugzilla.suse.com/1227858"
},
{
"category": "self",
"summary": "SUSE Bug 1228659",
"url": "https://bugzilla.suse.com/1228659"
},
{
"category": "self",
"summary": "SUSE Bug 1229311",
"url": "https://bugzilla.suse.com/1229311"
},
{
"category": "self",
"summary": "SUSE Bug 1230497",
"url": "https://bugzilla.suse.com/1230497"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1230764",
"url": "https://bugzilla.suse.com/1230764"
},
{
"category": "self",
"summary": "SUSE Bug 1230769",
"url": "https://bugzilla.suse.com/1230769"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1231103",
"url": "https://bugzilla.suse.com/1231103"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231910",
"url": "https://bugzilla.suse.com/1231910"
},
{
"category": "self",
"summary": "SUSE Bug 1232364",
"url": "https://bugzilla.suse.com/1232364"
},
{
"category": "self",
"summary": "SUSE Bug 1232389",
"url": "https://bugzilla.suse.com/1232389"
},
{
"category": "self",
"summary": "SUSE Bug 1232493",
"url": "https://bugzilla.suse.com/1232493"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232848",
"url": "https://bugzilla.suse.com/1232848"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1232895",
"url": "https://bugzilla.suse.com/1232895"
},
{
"category": "self",
"summary": "SUSE Bug 1233060",
"url": "https://bugzilla.suse.com/1233060"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1234074",
"url": "https://bugzilla.suse.com/1234074"
},
{
"category": "self",
"summary": "SUSE Bug 1234157",
"url": "https://bugzilla.suse.com/1234157"
},
{
"category": "self",
"summary": "SUSE Bug 1234222",
"url": "https://bugzilla.suse.com/1234222"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234698",
"url": "https://bugzilla.suse.com/1234698"
},
{
"category": "self",
"summary": "SUSE Bug 1234828",
"url": "https://bugzilla.suse.com/1234828"
},
{
"category": "self",
"summary": "SUSE Bug 1234936",
"url": "https://bugzilla.suse.com/1234936"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235436",
"url": "https://bugzilla.suse.com/1235436"
},
{
"category": "self",
"summary": "SUSE Bug 1235455",
"url": "https://bugzilla.suse.com/1235455"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235524",
"url": "https://bugzilla.suse.com/1235524"
},
{
"category": "self",
"summary": "SUSE Bug 1235526",
"url": "https://bugzilla.suse.com/1235526"
},
{
"category": "self",
"summary": "SUSE Bug 1235550",
"url": "https://bugzilla.suse.com/1235550"
},
{
"category": "self",
"summary": "SUSE Bug 1235589",
"url": "https://bugzilla.suse.com/1235589"
},
{
"category": "self",
"summary": "SUSE Bug 1235591",
"url": "https://bugzilla.suse.com/1235591"
},
{
"category": "self",
"summary": "SUSE Bug 1235621",
"url": "https://bugzilla.suse.com/1235621"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1235711",
"url": "https://bugzilla.suse.com/1235711"
},
{
"category": "self",
"summary": "SUSE Bug 1235712",
"url": "https://bugzilla.suse.com/1235712"
},
{
"category": "self",
"summary": "SUSE Bug 1235715",
"url": "https://bugzilla.suse.com/1235715"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235733",
"url": "https://bugzilla.suse.com/1235733"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235973",
"url": "https://bugzilla.suse.com/1235973"
},
{
"category": "self",
"summary": "SUSE Bug 1236086",
"url": "https://bugzilla.suse.com/1236086"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236206",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236394",
"url": "https://bugzilla.suse.com/1236394"
},
{
"category": "self",
"summary": "SUSE Bug 1236704",
"url": "https://bugzilla.suse.com/1236704"
},
{
"category": "self",
"summary": "SUSE Bug 1237111",
"url": "https://bugzilla.suse.com/1237111"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237545",
"url": "https://bugzilla.suse.com/1237545"
},
{
"category": "self",
"summary": "SUSE Bug 1237546",
"url": "https://bugzilla.suse.com/1237546"
},
{
"category": "self",
"summary": "SUSE Bug 1237704",
"url": "https://bugzilla.suse.com/1237704"
},
{
"category": "self",
"summary": "SUSE Bug 1237757",
"url": "https://bugzilla.suse.com/1237757"
},
{
"category": "self",
"summary": "SUSE Bug 1237874",
"url": "https://bugzilla.suse.com/1237874"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237882",
"url": "https://bugzilla.suse.com/1237882"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237897",
"url": "https://bugzilla.suse.com/1237897"
},
{
"category": "self",
"summary": "SUSE Bug 1237906",
"url": "https://bugzilla.suse.com/1237906"
},
{
"category": "self",
"summary": "SUSE Bug 1238052",
"url": "https://bugzilla.suse.com/1238052"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238471",
"url": "https://bugzilla.suse.com/1238471"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238506",
"url": "https://bugzilla.suse.com/1238506"
},
{
"category": "self",
"summary": "SUSE Bug 1238527",
"url": "https://bugzilla.suse.com/1238527"
},
{
"category": "self",
"summary": "SUSE Bug 1238528",
"url": "https://bugzilla.suse.com/1238528"
},
{
"category": "self",
"summary": "SUSE Bug 1238532",
"url": "https://bugzilla.suse.com/1238532"
},
{
"category": "self",
"summary": "SUSE Bug 1238565",
"url": "https://bugzilla.suse.com/1238565"
},
{
"category": "self",
"summary": "SUSE Bug 1238585",
"url": "https://bugzilla.suse.com/1238585"
},
{
"category": "self",
"summary": "SUSE Bug 1238714",
"url": "https://bugzilla.suse.com/1238714"
},
{
"category": "self",
"summary": "SUSE Bug 1238716",
"url": "https://bugzilla.suse.com/1238716"
},
{
"category": "self",
"summary": "SUSE Bug 1238737",
"url": "https://bugzilla.suse.com/1238737"
},
{
"category": "self",
"summary": "SUSE Bug 1238738",
"url": "https://bugzilla.suse.com/1238738"
},
{
"category": "self",
"summary": "SUSE Bug 1238742",
"url": "https://bugzilla.suse.com/1238742"
},
{
"category": "self",
"summary": "SUSE Bug 1238743",
"url": "https://bugzilla.suse.com/1238743"
},
{
"category": "self",
"summary": "SUSE Bug 1238745",
"url": "https://bugzilla.suse.com/1238745"
},
{
"category": "self",
"summary": "SUSE Bug 1238746",
"url": "https://bugzilla.suse.com/1238746"
},
{
"category": "self",
"summary": "SUSE Bug 1238754",
"url": "https://bugzilla.suse.com/1238754"
},
{
"category": "self",
"summary": "SUSE Bug 1238763",
"url": "https://bugzilla.suse.com/1238763"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238775",
"url": "https://bugzilla.suse.com/1238775"
},
{
"category": "self",
"summary": "SUSE Bug 1238780",
"url": "https://bugzilla.suse.com/1238780"
},
{
"category": "self",
"summary": "SUSE Bug 1238782",
"url": "https://bugzilla.suse.com/1238782"
},
{
"category": "self",
"summary": "SUSE Bug 1238862",
"url": "https://bugzilla.suse.com/1238862"
},
{
"category": "self",
"summary": "SUSE Bug 1238866",
"url": "https://bugzilla.suse.com/1238866"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238961",
"url": "https://bugzilla.suse.com/1238961"
},
{
"category": "self",
"summary": "SUSE Bug 1238970",
"url": "https://bugzilla.suse.com/1238970"
},
{
"category": "self",
"summary": "SUSE Bug 1238972",
"url": "https://bugzilla.suse.com/1238972"
},
{
"category": "self",
"summary": "SUSE Bug 1238983",
"url": "https://bugzilla.suse.com/1238983"
},
{
"category": "self",
"summary": "SUSE Bug 1238990",
"url": "https://bugzilla.suse.com/1238990"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1238997",
"url": "https://bugzilla.suse.com/1238997"
},
{
"category": "self",
"summary": "SUSE Bug 1239015",
"url": "https://bugzilla.suse.com/1239015"
},
{
"category": "self",
"summary": "SUSE Bug 1239016",
"url": "https://bugzilla.suse.com/1239016"
},
{
"category": "self",
"summary": "SUSE Bug 1239036",
"url": "https://bugzilla.suse.com/1239036"
},
{
"category": "self",
"summary": "SUSE Bug 1239045",
"url": "https://bugzilla.suse.com/1239045"
},
{
"category": "self",
"summary": "SUSE Bug 1239064",
"url": "https://bugzilla.suse.com/1239064"
},
{
"category": "self",
"summary": "SUSE Bug 1239066",
"url": "https://bugzilla.suse.com/1239066"
},
{
"category": "self",
"summary": "SUSE Bug 1239079",
"url": "https://bugzilla.suse.com/1239079"
},
{
"category": "self",
"summary": "SUSE Bug 1239105",
"url": "https://bugzilla.suse.com/1239105"
},
{
"category": "self",
"summary": "SUSE Bug 1239108",
"url": "https://bugzilla.suse.com/1239108"
},
{
"category": "self",
"summary": "SUSE Bug 1239117",
"url": "https://bugzilla.suse.com/1239117"
},
{
"category": "self",
"summary": "SUSE Bug 1239174",
"url": "https://bugzilla.suse.com/1239174"
},
{
"category": "self",
"summary": "SUSE Bug 1239314",
"url": "https://bugzilla.suse.com/1239314"
},
{
"category": "self",
"summary": "SUSE Bug 1239346",
"url": "https://bugzilla.suse.com/1239346"
},
{
"category": "self",
"summary": "SUSE Bug 1239349",
"url": "https://bugzilla.suse.com/1239349"
},
{
"category": "self",
"summary": "SUSE Bug 1239467",
"url": "https://bugzilla.suse.com/1239467"
},
{
"category": "self",
"summary": "SUSE Bug 1239468",
"url": "https://bugzilla.suse.com/1239468"
},
{
"category": "self",
"summary": "SUSE Bug 1239470",
"url": "https://bugzilla.suse.com/1239470"
},
{
"category": "self",
"summary": "SUSE Bug 1239471",
"url": "https://bugzilla.suse.com/1239471"
},
{
"category": "self",
"summary": "SUSE Bug 1239473",
"url": "https://bugzilla.suse.com/1239473"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239475",
"url": "https://bugzilla.suse.com/1239475"
},
{
"category": "self",
"summary": "SUSE Bug 1239476",
"url": "https://bugzilla.suse.com/1239476"
},
{
"category": "self",
"summary": "SUSE Bug 1239477",
"url": "https://bugzilla.suse.com/1239477"
},
{
"category": "self",
"summary": "SUSE Bug 1239478",
"url": "https://bugzilla.suse.com/1239478"
},
{
"category": "self",
"summary": "SUSE Bug 1239479",
"url": "https://bugzilla.suse.com/1239479"
},
{
"category": "self",
"summary": "SUSE Bug 1239481",
"url": "https://bugzilla.suse.com/1239481"
},
{
"category": "self",
"summary": "SUSE Bug 1239482",
"url": "https://bugzilla.suse.com/1239482"
},
{
"category": "self",
"summary": "SUSE Bug 1239483",
"url": "https://bugzilla.suse.com/1239483"
},
{
"category": "self",
"summary": "SUSE Bug 1239484",
"url": "https://bugzilla.suse.com/1239484"
},
{
"category": "self",
"summary": "SUSE Bug 1239486",
"url": "https://bugzilla.suse.com/1239486"
},
{
"category": "self",
"summary": "SUSE Bug 1239487",
"url": "https://bugzilla.suse.com/1239487"
},
{
"category": "self",
"summary": "SUSE Bug 1239508",
"url": "https://bugzilla.suse.com/1239508"
},
{
"category": "self",
"summary": "SUSE Bug 1239510",
"url": "https://bugzilla.suse.com/1239510"
},
{
"category": "self",
"summary": "SUSE Bug 1239512",
"url": "https://bugzilla.suse.com/1239512"
},
{
"category": "self",
"summary": "SUSE Bug 1239518",
"url": "https://bugzilla.suse.com/1239518"
},
{
"category": "self",
"summary": "SUSE Bug 1239573",
"url": "https://bugzilla.suse.com/1239573"
},
{
"category": "self",
"summary": "SUSE Bug 1239594",
"url": "https://bugzilla.suse.com/1239594"
},
{
"category": "self",
"summary": "SUSE Bug 1239595",
"url": "https://bugzilla.suse.com/1239595"
},
{
"category": "self",
"summary": "SUSE Bug 1239600",
"url": "https://bugzilla.suse.com/1239600"
},
{
"category": "self",
"summary": "SUSE Bug 1239605",
"url": "https://bugzilla.suse.com/1239605"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1239684",
"url": "https://bugzilla.suse.com/1239684"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239707",
"url": "https://bugzilla.suse.com/1239707"
},
{
"category": "self",
"summary": "SUSE Bug 1239906",
"url": "https://bugzilla.suse.com/1239906"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1239934",
"url": "https://bugzilla.suse.com/1239934"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1239997",
"url": "https://bugzilla.suse.com/1239997"
},
{
"category": "self",
"summary": "SUSE Bug 1240167",
"url": "https://bugzilla.suse.com/1240167"
},
{
"category": "self",
"summary": "SUSE Bug 1240168",
"url": "https://bugzilla.suse.com/1240168"
},
{
"category": "self",
"summary": "SUSE Bug 1240169",
"url": "https://bugzilla.suse.com/1240169"
},
{
"category": "self",
"summary": "SUSE Bug 1240171",
"url": "https://bugzilla.suse.com/1240171"
},
{
"category": "self",
"summary": "SUSE Bug 1240172",
"url": "https://bugzilla.suse.com/1240172"
},
{
"category": "self",
"summary": "SUSE Bug 1240173",
"url": "https://bugzilla.suse.com/1240173"
},
{
"category": "self",
"summary": "SUSE Bug 1240174",
"url": "https://bugzilla.suse.com/1240174"
},
{
"category": "self",
"summary": "SUSE Bug 1240175",
"url": "https://bugzilla.suse.com/1240175"
},
{
"category": "self",
"summary": "SUSE Bug 1240176",
"url": "https://bugzilla.suse.com/1240176"
},
{
"category": "self",
"summary": "SUSE Bug 1240177",
"url": "https://bugzilla.suse.com/1240177"
},
{
"category": "self",
"summary": "SUSE Bug 1240179",
"url": "https://bugzilla.suse.com/1240179"
},
{
"category": "self",
"summary": "SUSE Bug 1240181",
"url": "https://bugzilla.suse.com/1240181"
},
{
"category": "self",
"summary": "SUSE Bug 1240182",
"url": "https://bugzilla.suse.com/1240182"
},
{
"category": "self",
"summary": "SUSE Bug 1240183",
"url": "https://bugzilla.suse.com/1240183"
},
{
"category": "self",
"summary": "SUSE Bug 1240184",
"url": "https://bugzilla.suse.com/1240184"
},
{
"category": "self",
"summary": "SUSE Bug 1240185",
"url": "https://bugzilla.suse.com/1240185"
},
{
"category": "self",
"summary": "SUSE Bug 1240186",
"url": "https://bugzilla.suse.com/1240186"
},
{
"category": "self",
"summary": "SUSE Bug 1240187",
"url": "https://bugzilla.suse.com/1240187"
},
{
"category": "self",
"summary": "SUSE Bug 1240188",
"url": "https://bugzilla.suse.com/1240188"
},
{
"category": "self",
"summary": "SUSE Bug 1240189",
"url": "https://bugzilla.suse.com/1240189"
},
{
"category": "self",
"summary": "SUSE Bug 1240191",
"url": "https://bugzilla.suse.com/1240191"
},
{
"category": "self",
"summary": "SUSE Bug 1240192",
"url": "https://bugzilla.suse.com/1240192"
},
{
"category": "self",
"summary": "SUSE Bug 1240333",
"url": "https://bugzilla.suse.com/1240333"
},
{
"category": "self",
"summary": "SUSE Bug 1240334",
"url": "https://bugzilla.suse.com/1240334"
},
{
"category": "self",
"summary": "SUSE Bug 1240375",
"url": "https://bugzilla.suse.com/1240375"
},
{
"category": "self",
"summary": "SUSE Bug 1240419",
"url": "https://bugzilla.suse.com/1240419"
},
{
"category": "self",
"summary": "SUSE Bug 1240427",
"url": "https://bugzilla.suse.com/1240427"
},
{
"category": "self",
"summary": "SUSE Bug 1240557",
"url": "https://bugzilla.suse.com/1240557"
},
{
"category": "self",
"summary": "SUSE Bug 1240575",
"url": "https://bugzilla.suse.com/1240575"
},
{
"category": "self",
"summary": "SUSE Bug 1240576",
"url": "https://bugzilla.suse.com/1240576"
},
{
"category": "self",
"summary": "SUSE Bug 1240581",
"url": "https://bugzilla.suse.com/1240581"
},
{
"category": "self",
"summary": "SUSE Bug 1240582",
"url": "https://bugzilla.suse.com/1240582"
},
{
"category": "self",
"summary": "SUSE Bug 1240583",
"url": "https://bugzilla.suse.com/1240583"
},
{
"category": "self",
"summary": "SUSE Bug 1240584",
"url": "https://bugzilla.suse.com/1240584"
},
{
"category": "self",
"summary": "SUSE Bug 1240585",
"url": "https://bugzilla.suse.com/1240585"
},
{
"category": "self",
"summary": "SUSE Bug 1240587",
"url": "https://bugzilla.suse.com/1240587"
},
{
"category": "self",
"summary": "SUSE Bug 1240590",
"url": "https://bugzilla.suse.com/1240590"
},
{
"category": "self",
"summary": "SUSE Bug 1240591",
"url": "https://bugzilla.suse.com/1240591"
},
{
"category": "self",
"summary": "SUSE Bug 1240592",
"url": "https://bugzilla.suse.com/1240592"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240594",
"url": "https://bugzilla.suse.com/1240594"
},
{
"category": "self",
"summary": "SUSE Bug 1240595",
"url": "https://bugzilla.suse.com/1240595"
},
{
"category": "self",
"summary": "SUSE Bug 1240596",
"url": "https://bugzilla.suse.com/1240596"
},
{
"category": "self",
"summary": "SUSE Bug 1240600",
"url": "https://bugzilla.suse.com/1240600"
},
{
"category": "self",
"summary": "SUSE Bug 1240612",
"url": "https://bugzilla.suse.com/1240612"
},
{
"category": "self",
"summary": "SUSE Bug 1240616",
"url": "https://bugzilla.suse.com/1240616"
},
{
"category": "self",
"summary": "SUSE Bug 1240639",
"url": "https://bugzilla.suse.com/1240639"
},
{
"category": "self",
"summary": "SUSE Bug 1240643",
"url": "https://bugzilla.suse.com/1240643"
},
{
"category": "self",
"summary": "SUSE Bug 1240647",
"url": "https://bugzilla.suse.com/1240647"
},
{
"category": "self",
"summary": "SUSE Bug 1240655",
"url": "https://bugzilla.suse.com/1240655"
},
{
"category": "self",
"summary": "SUSE Bug 1240691",
"url": "https://bugzilla.suse.com/1240691"
},
{
"category": "self",
"summary": "SUSE Bug 1240696",
"url": "https://bugzilla.suse.com/1240696"
},
{
"category": "self",
"summary": "SUSE Bug 1240700",
"url": "https://bugzilla.suse.com/1240700"
},
{
"category": "self",
"summary": "SUSE Bug 1240701",
"url": "https://bugzilla.suse.com/1240701"
},
{
"category": "self",
"summary": "SUSE Bug 1240703",
"url": "https://bugzilla.suse.com/1240703"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240709",
"url": "https://bugzilla.suse.com/1240709"
},
{
"category": "self",
"summary": "SUSE Bug 1240711",
"url": "https://bugzilla.suse.com/1240711"
},
{
"category": "self",
"summary": "SUSE Bug 1240712",
"url": "https://bugzilla.suse.com/1240712"
},
{
"category": "self",
"summary": "SUSE Bug 1240713",
"url": "https://bugzilla.suse.com/1240713"
},
{
"category": "self",
"summary": "SUSE Bug 1240714",
"url": "https://bugzilla.suse.com/1240714"
},
{
"category": "self",
"summary": "SUSE Bug 1240715",
"url": "https://bugzilla.suse.com/1240715"
},
{
"category": "self",
"summary": "SUSE Bug 1240716",
"url": "https://bugzilla.suse.com/1240716"
},
{
"category": "self",
"summary": "SUSE Bug 1240717",
"url": "https://bugzilla.suse.com/1240717"
},
{
"category": "self",
"summary": "SUSE Bug 1240718",
"url": "https://bugzilla.suse.com/1240718"
},
{
"category": "self",
"summary": "SUSE Bug 1240719",
"url": "https://bugzilla.suse.com/1240719"
},
{
"category": "self",
"summary": "SUSE Bug 1240720",
"url": "https://bugzilla.suse.com/1240720"
},
{
"category": "self",
"summary": "SUSE Bug 1240722",
"url": "https://bugzilla.suse.com/1240722"
},
{
"category": "self",
"summary": "SUSE Bug 1240727",
"url": "https://bugzilla.suse.com/1240727"
},
{
"category": "self",
"summary": "SUSE Bug 1240739",
"url": "https://bugzilla.suse.com/1240739"
},
{
"category": "self",
"summary": "SUSE Bug 1240740",
"url": "https://bugzilla.suse.com/1240740"
},
{
"category": "self",
"summary": "SUSE Bug 1240742",
"url": "https://bugzilla.suse.com/1240742"
},
{
"category": "self",
"summary": "SUSE Bug 1240779",
"url": "https://bugzilla.suse.com/1240779"
},
{
"category": "self",
"summary": "SUSE Bug 1240783",
"url": "https://bugzilla.suse.com/1240783"
},
{
"category": "self",
"summary": "SUSE Bug 1240784",
"url": "https://bugzilla.suse.com/1240784"
},
{
"category": "self",
"summary": "SUSE Bug 1240785",
"url": "https://bugzilla.suse.com/1240785"
},
{
"category": "self",
"summary": "SUSE Bug 1240795",
"url": "https://bugzilla.suse.com/1240795"
},
{
"category": "self",
"summary": "SUSE Bug 1240796",
"url": "https://bugzilla.suse.com/1240796"
},
{
"category": "self",
"summary": "SUSE Bug 1240797",
"url": "https://bugzilla.suse.com/1240797"
},
{
"category": "self",
"summary": "SUSE Bug 1240799",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "self",
"summary": "SUSE Bug 1240800",
"url": "https://bugzilla.suse.com/1240800"
},
{
"category": "self",
"summary": "SUSE Bug 1240801",
"url": "https://bugzilla.suse.com/1240801"
},
{
"category": "self",
"summary": "SUSE Bug 1240802",
"url": "https://bugzilla.suse.com/1240802"
},
{
"category": "self",
"summary": "SUSE Bug 1240803",
"url": "https://bugzilla.suse.com/1240803"
},
{
"category": "self",
"summary": "SUSE Bug 1240804",
"url": "https://bugzilla.suse.com/1240804"
},
{
"category": "self",
"summary": "SUSE Bug 1240805",
"url": "https://bugzilla.suse.com/1240805"
},
{
"category": "self",
"summary": "SUSE Bug 1240806",
"url": "https://bugzilla.suse.com/1240806"
},
{
"category": "self",
"summary": "SUSE Bug 1240808",
"url": "https://bugzilla.suse.com/1240808"
},
{
"category": "self",
"summary": "SUSE Bug 1240809",
"url": "https://bugzilla.suse.com/1240809"
},
{
"category": "self",
"summary": "SUSE Bug 1240811",
"url": "https://bugzilla.suse.com/1240811"
},
{
"category": "self",
"summary": "SUSE Bug 1240812",
"url": "https://bugzilla.suse.com/1240812"
},
{
"category": "self",
"summary": "SUSE Bug 1240813",
"url": "https://bugzilla.suse.com/1240813"
},
{
"category": "self",
"summary": "SUSE Bug 1240815",
"url": "https://bugzilla.suse.com/1240815"
},
{
"category": "self",
"summary": "SUSE Bug 1240816",
"url": "https://bugzilla.suse.com/1240816"
},
{
"category": "self",
"summary": "SUSE Bug 1240819",
"url": "https://bugzilla.suse.com/1240819"
},
{
"category": "self",
"summary": "SUSE Bug 1240821",
"url": "https://bugzilla.suse.com/1240821"
},
{
"category": "self",
"summary": "SUSE Bug 1240825",
"url": "https://bugzilla.suse.com/1240825"
},
{
"category": "self",
"summary": "SUSE Bug 1240829",
"url": "https://bugzilla.suse.com/1240829"
},
{
"category": "self",
"summary": "SUSE Bug 1240873",
"url": "https://bugzilla.suse.com/1240873"
},
{
"category": "self",
"summary": "SUSE Bug 1240934",
"url": "https://bugzilla.suse.com/1240934"
},
{
"category": "self",
"summary": "SUSE Bug 1240936",
"url": "https://bugzilla.suse.com/1240936"
},
{
"category": "self",
"summary": "SUSE Bug 1240937",
"url": "https://bugzilla.suse.com/1240937"
},
{
"category": "self",
"summary": "SUSE Bug 1240938",
"url": "https://bugzilla.suse.com/1240938"
},
{
"category": "self",
"summary": "SUSE Bug 1240940",
"url": "https://bugzilla.suse.com/1240940"
},
{
"category": "self",
"summary": "SUSE Bug 1240942",
"url": "https://bugzilla.suse.com/1240942"
},
{
"category": "self",
"summary": "SUSE Bug 1240943",
"url": "https://bugzilla.suse.com/1240943"
},
{
"category": "self",
"summary": "SUSE Bug 1240944",
"url": "https://bugzilla.suse.com/1240944"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1240978",
"url": "https://bugzilla.suse.com/1240978"
},
{
"category": "self",
"summary": "SUSE Bug 1240979",
"url": "https://bugzilla.suse.com/1240979"
},
{
"category": "self",
"summary": "SUSE Bug 1241010",
"url": "https://bugzilla.suse.com/1241010"
},
{
"category": "self",
"summary": "SUSE Bug 1241038",
"url": "https://bugzilla.suse.com/1241038"
},
{
"category": "self",
"summary": "SUSE Bug 1241051",
"url": "https://bugzilla.suse.com/1241051"
},
{
"category": "self",
"summary": "SUSE Bug 1241123",
"url": "https://bugzilla.suse.com/1241123"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241151",
"url": "https://bugzilla.suse.com/1241151"
},
{
"category": "self",
"summary": "SUSE Bug 1241166",
"url": "https://bugzilla.suse.com/1241166"
},
{
"category": "self",
"summary": "SUSE Bug 1241167",
"url": "https://bugzilla.suse.com/1241167"
},
{
"category": "self",
"summary": "SUSE Bug 1241175",
"url": "https://bugzilla.suse.com/1241175"
},
{
"category": "self",
"summary": "SUSE Bug 1241193",
"url": "https://bugzilla.suse.com/1241193"
},
{
"category": "self",
"summary": "SUSE Bug 1241204",
"url": "https://bugzilla.suse.com/1241204"
},
{
"category": "self",
"summary": "SUSE Bug 1241250",
"url": "https://bugzilla.suse.com/1241250"
},
{
"category": "self",
"summary": "SUSE Bug 1241265",
"url": "https://bugzilla.suse.com/1241265"
},
{
"category": "self",
"summary": "SUSE Bug 1241266",
"url": "https://bugzilla.suse.com/1241266"
},
{
"category": "self",
"summary": "SUSE Bug 1241280",
"url": "https://bugzilla.suse.com/1241280"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241319",
"url": "https://bugzilla.suse.com/1241319"
},
{
"category": "self",
"summary": "SUSE Bug 1241332",
"url": "https://bugzilla.suse.com/1241332"
},
{
"category": "self",
"summary": "SUSE Bug 1241333",
"url": "https://bugzilla.suse.com/1241333"
},
{
"category": "self",
"summary": "SUSE Bug 1241341",
"url": "https://bugzilla.suse.com/1241341"
},
{
"category": "self",
"summary": "SUSE Bug 1241343",
"url": "https://bugzilla.suse.com/1241343"
},
{
"category": "self",
"summary": "SUSE Bug 1241344",
"url": "https://bugzilla.suse.com/1241344"
},
{
"category": "self",
"summary": "SUSE Bug 1241347",
"url": "https://bugzilla.suse.com/1241347"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241357",
"url": "https://bugzilla.suse.com/1241357"
},
{
"category": "self",
"summary": "SUSE Bug 1241361",
"url": "https://bugzilla.suse.com/1241361"
},
{
"category": "self",
"summary": "SUSE Bug 1241369",
"url": "https://bugzilla.suse.com/1241369"
},
{
"category": "self",
"summary": "SUSE Bug 1241373",
"url": "https://bugzilla.suse.com/1241373"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241388",
"url": "https://bugzilla.suse.com/1241388"
},
{
"category": "self",
"summary": "SUSE Bug 1241394",
"url": "https://bugzilla.suse.com/1241394"
},
{
"category": "self",
"summary": "SUSE Bug 1241402",
"url": "https://bugzilla.suse.com/1241402"
},
{
"category": "self",
"summary": "SUSE Bug 1241412",
"url": "https://bugzilla.suse.com/1241412"
},
{
"category": "self",
"summary": "SUSE Bug 1241413",
"url": "https://bugzilla.suse.com/1241413"
},
{
"category": "self",
"summary": "SUSE Bug 1241416",
"url": "https://bugzilla.suse.com/1241416"
},
{
"category": "self",
"summary": "SUSE Bug 1241419",
"url": "https://bugzilla.suse.com/1241419"
},
{
"category": "self",
"summary": "SUSE Bug 1241424",
"url": "https://bugzilla.suse.com/1241424"
},
{
"category": "self",
"summary": "SUSE Bug 1241426",
"url": "https://bugzilla.suse.com/1241426"
},
{
"category": "self",
"summary": "SUSE Bug 1241433",
"url": "https://bugzilla.suse.com/1241433"
},
{
"category": "self",
"summary": "SUSE Bug 1241436",
"url": "https://bugzilla.suse.com/1241436"
},
{
"category": "self",
"summary": "SUSE Bug 1241441",
"url": "https://bugzilla.suse.com/1241441"
},
{
"category": "self",
"summary": "SUSE Bug 1241442",
"url": "https://bugzilla.suse.com/1241442"
},
{
"category": "self",
"summary": "SUSE Bug 1241443",
"url": "https://bugzilla.suse.com/1241443"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241451",
"url": "https://bugzilla.suse.com/1241451"
},
{
"category": "self",
"summary": "SUSE Bug 1241452",
"url": "https://bugzilla.suse.com/1241452"
},
{
"category": "self",
"summary": "SUSE Bug 1241456",
"url": "https://bugzilla.suse.com/1241456"
},
{
"category": "self",
"summary": "SUSE Bug 1241458",
"url": "https://bugzilla.suse.com/1241458"
},
{
"category": "self",
"summary": "SUSE Bug 1241459",
"url": "https://bugzilla.suse.com/1241459"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241512",
"url": "https://bugzilla.suse.com/1241512"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241526",
"url": "https://bugzilla.suse.com/1241526"
},
{
"category": "self",
"summary": "SUSE Bug 1241528",
"url": "https://bugzilla.suse.com/1241528"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241535",
"url": "https://bugzilla.suse.com/1241535"
},
{
"category": "self",
"summary": "SUSE Bug 1241537",
"url": "https://bugzilla.suse.com/1241537"
},
{
"category": "self",
"summary": "SUSE Bug 1241541",
"url": "https://bugzilla.suse.com/1241541"
},
{
"category": "self",
"summary": "SUSE Bug 1241545",
"url": "https://bugzilla.suse.com/1241545"
},
{
"category": "self",
"summary": "SUSE Bug 1241547",
"url": "https://bugzilla.suse.com/1241547"
},
{
"category": "self",
"summary": "SUSE Bug 1241548",
"url": "https://bugzilla.suse.com/1241548"
},
{
"category": "self",
"summary": "SUSE Bug 1241550",
"url": "https://bugzilla.suse.com/1241550"
},
{
"category": "self",
"summary": "SUSE Bug 1241568",
"url": "https://bugzilla.suse.com/1241568"
},
{
"category": "self",
"summary": "SUSE Bug 1241573",
"url": "https://bugzilla.suse.com/1241573"
},
{
"category": "self",
"summary": "SUSE Bug 1241574",
"url": "https://bugzilla.suse.com/1241574"
},
{
"category": "self",
"summary": "SUSE Bug 1241575",
"url": "https://bugzilla.suse.com/1241575"
},
{
"category": "self",
"summary": "SUSE Bug 1241581",
"url": "https://bugzilla.suse.com/1241581"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241591",
"url": "https://bugzilla.suse.com/1241591"
},
{
"category": "self",
"summary": "SUSE Bug 1241593",
"url": "https://bugzilla.suse.com/1241593"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241598",
"url": "https://bugzilla.suse.com/1241598"
},
{
"category": "self",
"summary": "SUSE Bug 1241599",
"url": "https://bugzilla.suse.com/1241599"
},
{
"category": "self",
"summary": "SUSE Bug 1241601",
"url": "https://bugzilla.suse.com/1241601"
},
{
"category": "self",
"summary": "SUSE Bug 1241626",
"url": "https://bugzilla.suse.com/1241626"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241628",
"url": "https://bugzilla.suse.com/1241628"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241640",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "self",
"summary": "SUSE Bug 1241648",
"url": "https://bugzilla.suse.com/1241648"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242006",
"url": "https://bugzilla.suse.com/1242006"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242119",
"url": "https://bugzilla.suse.com/1242119"
},
{
"category": "self",
"summary": "SUSE Bug 1242125",
"url": "https://bugzilla.suse.com/1242125"
},
{
"category": "self",
"summary": "SUSE Bug 1242172",
"url": "https://bugzilla.suse.com/1242172"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242205",
"url": "https://bugzilla.suse.com/1242205"
},
{
"category": "self",
"summary": "SUSE Bug 1242283",
"url": "https://bugzilla.suse.com/1242283"
},
{
"category": "self",
"summary": "SUSE Bug 1242307",
"url": "https://bugzilla.suse.com/1242307"
},
{
"category": "self",
"summary": "SUSE Bug 1242313",
"url": "https://bugzilla.suse.com/1242313"
},
{
"category": "self",
"summary": "SUSE Bug 1242314",
"url": "https://bugzilla.suse.com/1242314"
},
{
"category": "self",
"summary": "SUSE Bug 1242315",
"url": "https://bugzilla.suse.com/1242315"
},
{
"category": "self",
"summary": "SUSE Bug 1242321",
"url": "https://bugzilla.suse.com/1242321"
},
{
"category": "self",
"summary": "SUSE Bug 1242326",
"url": "https://bugzilla.suse.com/1242326"
},
{
"category": "self",
"summary": "SUSE Bug 1242327",
"url": "https://bugzilla.suse.com/1242327"
},
{
"category": "self",
"summary": "SUSE Bug 1242328",
"url": "https://bugzilla.suse.com/1242328"
},
{
"category": "self",
"summary": "SUSE Bug 1242332",
"url": "https://bugzilla.suse.com/1242332"
},
{
"category": "self",
"summary": "SUSE Bug 1242333",
"url": "https://bugzilla.suse.com/1242333"
},
{
"category": "self",
"summary": "SUSE Bug 1242335",
"url": "https://bugzilla.suse.com/1242335"
},
{
"category": "self",
"summary": "SUSE Bug 1242336",
"url": "https://bugzilla.suse.com/1242336"
},
{
"category": "self",
"summary": "SUSE Bug 1242342",
"url": "https://bugzilla.suse.com/1242342"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242344",
"url": "https://bugzilla.suse.com/1242344"
},
{
"category": "self",
"summary": "SUSE Bug 1242345",
"url": "https://bugzilla.suse.com/1242345"
},
{
"category": "self",
"summary": "SUSE Bug 1242346",
"url": "https://bugzilla.suse.com/1242346"
},
{
"category": "self",
"summary": "SUSE Bug 1242347",
"url": "https://bugzilla.suse.com/1242347"
},
{
"category": "self",
"summary": "SUSE Bug 1242348",
"url": "https://bugzilla.suse.com/1242348"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242526",
"url": "https://bugzilla.suse.com/1242526"
},
{
"category": "self",
"summary": "SUSE Bug 1242528",
"url": "https://bugzilla.suse.com/1242528"
},
{
"category": "self",
"summary": "SUSE Bug 1242533",
"url": "https://bugzilla.suse.com/1242533"
},
{
"category": "self",
"summary": "SUSE Bug 1242534",
"url": "https://bugzilla.suse.com/1242534"
},
{
"category": "self",
"summary": "SUSE Bug 1242535",
"url": "https://bugzilla.suse.com/1242535"
},
{
"category": "self",
"summary": "SUSE Bug 1242536",
"url": "https://bugzilla.suse.com/1242536"
},
{
"category": "self",
"summary": "SUSE Bug 1242537",
"url": "https://bugzilla.suse.com/1242537"
},
{
"category": "self",
"summary": "SUSE Bug 1242538",
"url": "https://bugzilla.suse.com/1242538"
},
{
"category": "self",
"summary": "SUSE Bug 1242539",
"url": "https://bugzilla.suse.com/1242539"
},
{
"category": "self",
"summary": "SUSE Bug 1242540",
"url": "https://bugzilla.suse.com/1242540"
},
{
"category": "self",
"summary": "SUSE Bug 1242546",
"url": "https://bugzilla.suse.com/1242546"
},
{
"category": "self",
"summary": "SUSE Bug 1242556",
"url": "https://bugzilla.suse.com/1242556"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242596",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "self",
"summary": "SUSE Bug 1242710",
"url": "https://bugzilla.suse.com/1242710"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242831",
"url": "https://bugzilla.suse.com/1242831"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242985",
"url": "https://bugzilla.suse.com/1242985"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243020",
"url": "https://bugzilla.suse.com/1243020"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243115",
"url": "https://bugzilla.suse.com/1243115"
},
{
"category": "self",
"summary": "SUSE Bug 1243116",
"url": "https://bugzilla.suse.com/1243116"
},
{
"category": "self",
"summary": "SUSE Bug 1243215",
"url": "https://bugzilla.suse.com/1243215"
},
{
"category": "self",
"summary": "SUSE Bug 1243341",
"url": "https://bugzilla.suse.com/1243341"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243817",
"url": "https://bugzilla.suse.com/1243817"
},
{
"category": "self",
"summary": "SUSE Bug 1243919",
"url": "https://bugzilla.suse.com/1243919"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53034 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27415 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46763 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49570 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49570/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50038 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53124 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53139 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56640 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56641 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58001 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58070 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58071 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58088 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58091 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58093 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58094 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58095 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58096 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58097 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21683 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21696 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21707 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21717 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21806 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21808 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21821 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21837 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21863 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21878 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21882 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21883 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21893 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21894 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21895 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21904 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21908 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21910 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21922 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21924 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21926 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21934 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21935 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21941 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21950 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21956 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21962 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21964 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21966 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21971 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21975 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21991 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21993 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21999 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22008 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22015 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22016 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22017 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22025 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22033 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22036 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22045 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22050 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22062 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22064 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22085 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22090 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22091 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22093 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22094 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22097 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22102 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22105 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22106 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22107 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22108 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22112 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22116 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22121 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22128 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23131 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23134 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23138 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23154 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37860 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-13T13:54:47Z",
"generator": {
"date": "2025-06-13T13:54:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01951-1",
"initial_release_date": "2025-06-13T13:54:47Z",
"revision_history": [
{
"date": "2025-06-13T13:54:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "cluster-md-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product_id": "cluster-md-kmp-64kb-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dlm-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product_id": "dlm-kmp-64kb-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product_id": "dlm-kmp-default-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-allwinner-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-allwinner-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-altera-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-altera-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amazon-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-amazon-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-amazon-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-amd-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-amd-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-amlogic-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-amlogic-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-apm-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-apm-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apple-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-apple-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-apple-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-arm-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-arm-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-broadcom-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-broadcom-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-cavium-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-cavium-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-exynos-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-exynos-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-freescale-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-freescale-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-hisilicon-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-hisilicon-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-lg-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-lg-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-marvell-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-marvell-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-mediatek-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-mediatek-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-nvidia-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-nvidia-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-qcom-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-qcom-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-renesas-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-renesas-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-rockchip-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-rockchip-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-socionext-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-socionext-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-sprd-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-sprd-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "dtb-xilinx-6.4.0-150700.53.3.1.aarch64",
"product_id": "dtb-xilinx-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "gfs2-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product_id": "gfs2-kmp-64kb-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-64kb-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-64kb-extra-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-64kb-extra-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-optional-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-64kb-optional-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-64kb-optional-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-default-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"product_id": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.3.1.150700.17.2.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-default-extra-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-default-optional-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-obs-build-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-obs-qa-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kernel-syms-6.4.0-150700.53.3.1.aarch64",
"product_id": "kernel-syms-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kselftests-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product_id": "kselftests-kmp-64kb-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "ocfs2-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product_id": "ocfs2-kmp-64kb-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "reiserfs-kmp-64kb-6.4.0-150700.53.3.1.aarch64",
"product_id": "reiserfs-kmp-64kb-6.4.0-150700.53.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-150700.53.3.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-150700.53.3.1.noarch",
"product_id": "kernel-devel-6.4.0-150700.53.3.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-6.4.0-150700.53.3.1.noarch",
"product": {
"name": "kernel-docs-6.4.0-150700.53.3.1.noarch",
"product_id": "kernel-docs-6.4.0-150700.53.3.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-6.4.0-150700.53.3.1.noarch",
"product": {
"name": "kernel-docs-html-6.4.0-150700.53.3.1.noarch",
"product_id": "kernel-docs-html-6.4.0-150700.53.3.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-150700.53.3.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-150700.53.3.1.noarch",
"product_id": "kernel-macros-6.4.0-150700.53.3.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-150700.53.3.1.noarch",
"product": {
"name": "kernel-source-6.4.0-150700.53.3.1.noarch",
"product_id": "kernel-source-6.4.0-150700.53.3.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-6.4.0-150700.53.3.1.noarch",
"product": {
"name": "kernel-source-vanilla-6.4.0-150700.53.3.1.noarch",
"product_id": "kernel-source-vanilla-6.4.0-150700.53.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product_id": "dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-default-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"product_id": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-default-extra-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-default-optional-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-obs-build-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-obs-qa-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kernel-syms-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"product_id": "dlm-kmp-default-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kernel-default-6.4.0-150700.53.3.1.s390x",
"product_id": "kernel-default-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"product_id": "kernel-default-devel-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.3.1.s390x",
"product_id": "kernel-default-extra-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.3.1.s390x",
"product_id": "kernel-default-optional-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"product_id": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"product_id": "kernel-obs-build-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.3.1.s390x",
"product_id": "kernel-obs-qa-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kernel-syms-6.4.0-150700.53.3.1.s390x",
"product_id": "kernel-syms-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"product_id": "kernel-zfcpdump-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.3.1.s390x",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product_id": "dlm-kmp-default-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-default-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"product_id": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.3.1.150700.17.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-default-optional-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-vdso-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-default-vdso-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-default-vdso-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-vdso-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-kvmsmall-vdso-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-kvmsmall-vdso-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-obs-build-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-obs-qa-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kernel-syms-6.4.0-150700.53.3.1.x86_64",
"product_id": "kernel-syms-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "kernel-default-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150700.53.3.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-150700.53.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150700.53.3.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-150700.53.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150700.53.3.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150700.53.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150700.53.3.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch"
},
"product_reference": "kernel-source-6.4.0-150700.53.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150700.53.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150700.53.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2023-53034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans\n\nThere is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and\nsize. This would make xlate_pos negative.\n\n[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000\n[ 23.734158] ================================================================================\n[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7\n[ 23.734418] shift exponent -1 is negative\n\nEnsuring xlate_pos is a positive or zero before BIT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53034",
"url": "https://www.suse.com/security/cve/CVE-2023-53034"
},
{
"category": "external",
"summary": "SUSE Bug 1241341 for CVE-2023-53034",
"url": "https://bugzilla.suse.com/1241341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2023-53034"
},
{
"cve": "CVE-2024-27018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: br_netfilter: skip conntrack input hook for promisc packets\n\nFor historical reasons, when bridge device is in promisc mode, packets\nthat are directed to the taps follow bridge input hook path. This patch\nadds a workaround to reset conntrack for these packets.\n\nJianbo Liu reports warning splats in their test infrastructure where\ncloned packets reach the br_netfilter input hook to confirm the\nconntrack object.\n\nScratch one bit from BR_INPUT_SKB_CB to annotate that this packet has\nreached the input hook because it is passed up to the bridge device to\nreach the taps.\n\n[ 57.571874] WARNING: CPU: 1 PID: 0 at net/bridge/br_netfilter_hooks.c:616 br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.572749] Modules linked in: xt_MASQUERADE nf_conntrack_netlink nfnetlink iptable_nat xt_addrtype xt_conntrack nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_isc si ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core mlx5ctl mlx5_core\n[ 57.575158] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.8.0+ #19\n[ 57.575700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 57.576662] RIP: 0010:br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.577195] Code: fe ff ff 41 bd 04 00 00 00 be 04 00 00 00 e9 4a ff ff ff be 04 00 00 00 48 89 ef e8 f3 a9 3c e1 66 83 ad b4 00 00 00 04 eb 91 \u003c0f\u003e 0b e9 f1 fe ff ff 0f 0b e9 df fe ff ff 48 89 df e8 b3 53 47 e1\n[ 57.578722] RSP: 0018:ffff88885f845a08 EFLAGS: 00010202\n[ 57.579207] RAX: 0000000000000002 RBX: ffff88812dfe8000 RCX: 0000000000000000\n[ 57.579830] RDX: ffff88885f845a60 RSI: ffff8881022dc300 RDI: 0000000000000000\n[ 57.580454] RBP: ffff88885f845a60 R08: 0000000000000001 R09: 0000000000000003\n[ 57.581076] R10: 00000000ffff1300 R11: 0000000000000002 R12: 0000000000000000\n[ 57.581695] R13: ffff8881047ffe00 R14: ffff888108dbee00 R15: ffff88814519b800\n[ 57.582313] FS: 0000000000000000(0000) GS:ffff88885f840000(0000) knlGS:0000000000000000\n[ 57.583040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 57.583564] CR2: 000000c4206aa000 CR3: 0000000103847001 CR4: 0000000000370eb0\n[ 57.584194] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 57.584820] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 57.585440] Call Trace:\n[ 57.585721] \u003cIRQ\u003e\n[ 57.585976] ? __warn+0x7d/0x130\n[ 57.586323] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.586811] ? report_bug+0xf1/0x1c0\n[ 57.587177] ? handle_bug+0x3f/0x70\n[ 57.587539] ? exc_invalid_op+0x13/0x60\n[ 57.587929] ? asm_exc_invalid_op+0x16/0x20\n[ 57.588336] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.588825] nf_hook_slow+0x3d/0xd0\n[ 57.589188] ? br_handle_vlan+0x4b/0x110\n[ 57.589579] br_pass_frame_up+0xfc/0x150\n[ 57.589970] ? br_port_flags_change+0x40/0x40\n[ 57.590396] br_handle_frame_finish+0x346/0x5e0\n[ 57.590837] ? ipt_do_table+0x32e/0x430\n[ 57.591221] ? br_handle_local_finish+0x20/0x20\n[ 57.591656] br_nf_hook_thresh+0x4b/0xf0 [br_netfilter]\n[ 57.592286] ? br_handle_local_finish+0x20/0x20\n[ 57.592802] br_nf_pre_routing_finish+0x178/0x480 [br_netfilter]\n[ 57.593348] ? br_handle_local_finish+0x20/0x20\n[ 57.593782] ? nf_nat_ipv4_pre_routing+0x25/0x60 [nf_nat]\n[ 57.594279] br_nf_pre_routing+0x24c/0x550 [br_netfilter]\n[ 57.594780] ? br_nf_hook_thresh+0xf0/0xf0 [br_netfilter]\n[ 57.595280] br_handle_frame+0x1f3/0x3d0\n[ 57.595676] ? br_handle_local_finish+0x20/0x20\n[ 57.596118] ? br_handle_frame_finish+0x5e0/0x5e0\n[ 57.596566] __netif_receive_skb_core+0x25b/0xfc0\n[ 57.597017] ? __napi_build_skb+0x37/0x40\n[ 57.597418] __netif_receive_skb_list_core+0xfb/0x220",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27018",
"url": "https://www.suse.com/security/cve/CVE-2024-27018"
},
{
"category": "external",
"summary": "SUSE Bug 1223809 for CVE-2024-27018",
"url": "https://bugzilla.suse.com/1223809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-27018"
},
{
"cve": "CVE-2024-27415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: confirm multicast packets before passing them up the stack\n\nconntrack nf_confirm logic cannot handle cloned skbs referencing\nthe same nf_conn entry, which will happen for multicast (broadcast)\nframes on bridges.\n\n Example:\n macvlan0\n |\n br0\n / \\\n ethX ethY\n\n ethX (or Y) receives a L2 multicast or broadcast packet containing\n an IP packet, flow is not yet in conntrack table.\n\n 1. skb passes through bridge and fake-ip (br_netfilter)Prerouting.\n -\u003e skb-\u003e_nfct now references a unconfirmed entry\n 2. skb is broad/mcast packet. bridge now passes clones out on each bridge\n interface.\n 3. skb gets passed up the stack.\n 4. In macvlan case, macvlan driver retains clone(s) of the mcast skb\n and schedules a work queue to send them out on the lower devices.\n\n The clone skb-\u003e_nfct is not a copy, it is the same entry as the\n original skb. The macvlan rx handler then returns RX_HANDLER_PASS.\n 5. Normal conntrack hooks (in NF_INET_LOCAL_IN) confirm the orig skb.\n\nThe Macvlan broadcast worker and normal confirm path will race.\n\nThis race will not happen if step 2 already confirmed a clone. In that\ncase later steps perform skb_clone() with skb-\u003e_nfct already confirmed (in\nhash table). This works fine.\n\nBut such confirmation won\u0027t happen when eb/ip/nftables rules dropped the\npackets before they reached the nf_confirm step in postrouting.\n\nPablo points out that nf_conntrack_bridge doesn\u0027t allow use of stateful\nnat, so we can safely discard the nf_conn entry and let inet call\nconntrack again.\n\nThis doesn\u0027t work for bridge netfilter: skb could have a nat\ntransformation. Also bridge nf prevents re-invocation of inet prerouting\nvia \u0027sabotage_in\u0027 hook.\n\nWork around this problem by explicit confirmation of the entry at LOCAL_IN\ntime, before upper layer has a chance to clone the unconfirmed entry.\n\nThe downside is that this disables NAT and conntrack helpers.\n\nAlternative fix would be to add locking to all code parts that deal with\nunconfirmed packets, but even if that could be done in a sane way this\nopens up other problems, for example:\n\n-m physdev --physdev-out eth0 -j SNAT --snat-to 1.2.3.4\n-m physdev --physdev-out eth1 -j SNAT --snat-to 1.2.3.5\n\nFor multicast case, only one of such conflicting mappings will be\ncreated, conntrack only handles 1:1 NAT mappings.\n\nUsers should set create a setup that explicitly marks such traffic\nNOTRACK (conntrack bypass) to avoid this, but we cannot auto-bypass\nthem, ruleset might have accept rules for untracked traffic already,\nso user-visible behaviour would change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27415",
"url": "https://www.suse.com/security/cve/CVE-2024-27415"
},
{
"category": "external",
"summary": "SUSE Bug 1224757 for CVE-2024-27415",
"url": "https://bugzilla.suse.com/1224757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-27415"
},
{
"cve": "CVE-2024-28956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28956"
}
],
"notes": [
{
"category": "general",
"text": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28956",
"url": "https://www.suse.com/security/cve/CVE-2024-28956"
},
{
"category": "external",
"summary": "SUSE Bug 1242006 for CVE-2024-28956",
"url": "https://bugzilla.suse.com/1242006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-35840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()\n\nsubflow_finish_connect() uses four fields (backup, join_id, thmac, none)\nthat may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set\nin mptcp_parse_option()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35840",
"url": "https://www.suse.com/security/cve/CVE-2024-35840"
},
{
"category": "external",
"summary": "SUSE Bug 1224597 for CVE-2024-35840",
"url": "https://bugzilla.suse.com/1224597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-35840"
},
{
"cve": "CVE-2024-35910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35910",
"url": "https://www.suse.com/security/cve/CVE-2024-35910"
},
{
"category": "external",
"summary": "SUSE Bug 1224489 for CVE-2024-35910",
"url": "https://bugzilla.suse.com/1224489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38606"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38606",
"url": "https://www.suse.com/security/cve/CVE-2024-38606"
},
{
"category": "external",
"summary": "SUSE Bug 1226871 for CVE-2024-38606",
"url": "https://bugzilla.suse.com/1226871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-41005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41005",
"url": "https://www.suse.com/security/cve/CVE-2024-41005"
},
{
"category": "external",
"summary": "SUSE Bug 1227858 for CVE-2024-41005",
"url": "https://bugzilla.suse.com/1227858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-43820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43820",
"url": "https://www.suse.com/security/cve/CVE-2024-43820"
},
{
"category": "external",
"summary": "SUSE Bug 1229311 for CVE-2024-43820",
"url": "https://bugzilla.suse.com/1229311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-46763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: Fix null-ptr-deref in GRO.\n\nWe observed a null-ptr-deref in fou_gro_receive() while shutting down\na host. [0]\n\nThe NULL pointer is sk-\u003esk_user_data, and the offset 8 is of protocol\nin struct fou.\n\nWhen fou_release() is called due to netns dismantle or explicit tunnel\nteardown, udp_tunnel_sock_release() sets NULL to sk-\u003esk_user_data.\nThen, the tunnel socket is destroyed after a single RCU grace period.\n\nSo, in-flight udp4_gro_receive() could find the socket and execute the\nFOU GRO handler, where sk-\u003esk_user_data could be NULL.\n\nLet\u0027s use rcu_dereference_sk_user_data() in fou_from_sock() and add NULL\nchecks in FOU GRO handlers.\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 80000001032f4067 P4D 80000001032f4067 PUD 103240067 PMD 0\nSMP PTI\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.10.216-204.855.amzn2.x86_64 #1\nHardware name: Amazon EC2 c5.large/, BIOS 1.0 10/16/2017\nRIP: 0010:fou_gro_receive (net/ipv4/fou.c:233) [fou]\nCode: 41 5f c3 cc cc cc cc e8 e7 2e 69 f4 0f 1f 80 00 00 00 00 0f 1f 44 00 00 49 89 f8 41 54 48 89 f7 48 89 d6 49 8b 80 88 02 00 00 \u003c0f\u003e b6 48 08 0f b7 42 4a 66 25 fd fd 80 cc 02 66 89 42 4a 0f b6 42\nRSP: 0018:ffffa330c0003d08 EFLAGS: 00010297\nRAX: 0000000000000000 RBX: ffff93d9e3a6b900 RCX: 0000000000000010\nRDX: ffff93d9e3a6b900 RSI: ffff93d9e3a6b900 RDI: ffff93dac2e24d08\nRBP: ffff93d9e3a6b900 R08: ffff93dacbce6400 R09: 0000000000000002\nR10: 0000000000000000 R11: ffffffffb5f369b0 R12: ffff93dacbce6400\nR13: ffff93dac2e24d08 R14: 0000000000000000 R15: ffffffffb4edd1c0\nFS: 0000000000000000(0000) GS:ffff93daee800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 0000000102140001 CR4: 00000000007706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259)\n ? __die_body.cold (arch/x86/kernel/dumpstack.c:478 arch/x86/kernel/dumpstack.c:420)\n ? no_context (arch/x86/mm/fault.c:752)\n ? exc_page_fault (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 arch/x86/mm/fault.c:1435 arch/x86/mm/fault.c:1483)\n ? asm_exc_page_fault (arch/x86/include/asm/idtentry.h:571)\n ? fou_gro_receive (net/ipv4/fou.c:233) [fou]\n udp_gro_receive (include/linux/netdevice.h:2552 net/ipv4/udp_offload.c:559)\n udp4_gro_receive (net/ipv4/udp_offload.c:604)\n inet_gro_receive (net/ipv4/af_inet.c:1549 (discriminator 7))\n dev_gro_receive (net/core/dev.c:6035 (discriminator 4))\n napi_gro_receive (net/core/dev.c:6170)\n ena_clean_rx_irq (drivers/amazon/net/ena/ena_netdev.c:1558) [ena]\n ena_io_poll (drivers/amazon/net/ena/ena_netdev.c:1742) [ena]\n napi_poll (net/core/dev.c:6847)\n net_rx_action (net/core/dev.c:6917)\n __do_softirq (arch/x86/include/asm/jump_label.h:25 include/linux/jump_label.h:200 include/trace/events/irq.h:142 kernel/softirq.c:299)\n asm_call_irq_on_stack (arch/x86/entry/entry_64.S:809)\n\u003c/IRQ\u003e\n do_softirq_own_stack (arch/x86/include/asm/irq_stack.h:27 arch/x86/include/asm/irq_stack.h:77 arch/x86/kernel/irq_64.c:77)\n irq_exit_rcu (kernel/softirq.c:393 kernel/softirq.c:423 kernel/softirq.c:435)\n common_interrupt (arch/x86/kernel/irq.c:239)\n asm_common_interrupt (arch/x86/include/asm/idtentry.h:626)\nRIP: 0010:acpi_idle_do_entry (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 drivers/acpi/processor_idle.c:114 drivers/acpi/processor_idle.c:575)\nCode: 8b 15 d1 3c c4 02 ed c3 cc cc cc cc 65 48 8b 04 25 40 ef 01 00 48 8b 00 a8 08 75 eb 0f 1f 44 00 00 0f 00 2d d5 09 55 00 fb f4 \u003cfa\u003e c3 cc cc cc cc e9 be fc ff ff 66 66 2e 0f 1f 84 00 00 00 00 00\nRSP: 0018:ffffffffb5603e58 EFLAGS: 00000246\nRAX: 0000000000004000 RBX: ffff93dac0929c00 RCX: ffff93daee833900\nRDX: ffff93daee800000 RSI: ffff93d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46763",
"url": "https://www.suse.com/security/cve/CVE-2024-46763"
},
{
"category": "external",
"summary": "SUSE Bug 1230764 for CVE-2024-46763",
"url": "https://bugzilla.suse.com/1230764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-46763"
},
{
"cve": "CVE-2024-46782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46782",
"url": "https://www.suse.com/security/cve/CVE-2024-46782"
},
{
"category": "external",
"summary": "SUSE Bug 1230769 for CVE-2024-46782",
"url": "https://bugzilla.suse.com/1230769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: fix initialization of grc\n\nThe grc must be initialize first. There can be a condition where if\nfou is NULL, goto out will be executed and grc would be used\nuninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46865",
"url": "https://www.suse.com/security/cve/CVE-2024-46865"
},
{
"category": "external",
"summary": "SUSE Bug 1231103 for CVE-2024-46865",
"url": "https://bugzilla.suse.com/1231103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-46865"
},
{
"cve": "CVE-2024-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47408",
"url": "https://www.suse.com/security/cve/CVE-2024-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1235711 for CVE-2024-47408",
"url": "https://bugzilla.suse.com/1235711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47794",
"url": "https://www.suse.com/security/cve/CVE-2024-47794"
},
{
"category": "external",
"summary": "SUSE Bug 1235712 for CVE-2024-47794",
"url": "https://bugzilla.suse.com/1235712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49570",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49570"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/tracing: Fix a potential TP_printk UAF\n\nThe commit\nafd2627f727b (\"tracing: Check \"%s\" dereference via the field and not the TP_printk format\")\nexposes potential UAFs in the xe_bo_move trace event.\n\nFix those by avoiding dereferencing the\nxe_mem_type_to_name[] array at TP_printk time.\n\nSince some code refactoring has taken place, explicit backporting may\nbe needed for kernels older than 6.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49570",
"url": "https://www.suse.com/security/cve/CVE-2024-49570"
},
{
"category": "external",
"summary": "SUSE Bug 1238782 for CVE-2024-49570",
"url": "https://bugzilla.suse.com/1238782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-49570"
},
{
"cve": "CVE-2024-49571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49571",
"url": "https://www.suse.com/security/cve/CVE-2024-49571"
},
{
"category": "external",
"summary": "SUSE Bug 1235733 for CVE-2024-49571",
"url": "https://bugzilla.suse.com/1235733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi-\u003efb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49924",
"url": "https://www.suse.com/security/cve/CVE-2024-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1232364 for CVE-2024-49924",
"url": "https://bugzilla.suse.com/1232364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xtables: avoid NFPROTO_UNSPEC where needed\n\nsyzbot managed to call xt_cluster match via ebtables:\n\n WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780\n [..]\n ebt_do_table+0x174b/0x2a40\n\nModule registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet\nprocessing. As this is only useful to restrict locally terminating\nTCP/UDP traffic, register this for ipv4 and ipv6 family only.\n\nPablo points out that this is a general issue, direct users of the\nset/getsockopt interface can call into targets/matches that were only\nintended for use with ip(6)tables.\n\nCheck all UNSPEC matches and targets for similar issues:\n\n- matches and targets are fine except if they assume skb_network_header()\n is valid -- this is only true when called from inet layer: ip(6) stack\n pulls the ip/ipv6 header into linear data area.\n- targets that return XT_CONTINUE or other xtables verdicts must be\n restricted too, they are incompatbile with the ebtables traverser, e.g.\n EBT_CONTINUE is a completely different value than XT_CONTINUE.\n\nMost matches/targets are changed to register for NFPROTO_IPV4/IPV6, as\nthey are provided for use by ip(6)tables.\n\nThe MARK target is also used by arptables, so register for NFPROTO_ARP too.\n\nWhile at it, bail out if connbytes fails to enable the corresponding\nconntrack family.\n\nThis change passes the selftests in iptables.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50038",
"url": "https://www.suse.com/security/cve/CVE-2024-50038"
},
{
"category": "external",
"summary": "SUSE Bug 1231910 for CVE-2024-50038",
"url": "https://bugzilla.suse.com/1231910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-50038"
},
{
"cve": "CVE-2024-50056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50056",
"url": "https://www.suse.com/security/cve/CVE-2024-50056"
},
{
"category": "external",
"summary": "SUSE Bug 1232389 for CVE-2024-50056",
"url": "https://bugzilla.suse.com/1232389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix mptcp DSS corruption due to large pmtu xmit\n\nSyzkaller was able to trigger a DSS corruption:\n\n TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 5227 at net/mptcp/protocol.c:695 __mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Modules linked in:\n CPU: 0 UID: 0 PID: 5227 Comm: syz-executor350 Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\n RIP: 0010:__mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Code: 0f b6 dc 31 ff 89 de e8 b5 dd ea f5 89 d8 48 81 c4 50 01 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 98 da ea f5 90 \u003c0f\u003e 0b 90 e9 47 ff ff ff e8 8a da ea f5 90 0f 0b 90 e9 99 e0 ff ff\n RSP: 0018:ffffc90000006db8 EFLAGS: 00010246\n RAX: ffffffff8ba9df18 RBX: 00000000000055f0 RCX: ffff888030023c00\n RDX: 0000000000000100 RSI: 00000000000081e5 RDI: 00000000000055f0\n RBP: 1ffff110062bf1ae R08: ffffffff8ba9cf12 R09: 1ffff110062bf1b8\n R10: dffffc0000000000 R11: ffffed10062bf1b9 R12: 0000000000000000\n R13: dffffc0000000000 R14: 00000000700cec61 R15: 00000000000081e5\n FS: 000055556679c380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020287000 CR3: 0000000077892000 CR4: 00000000003506f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n move_skbs_to_msk net/mptcp/protocol.c:811 [inline]\n mptcp_data_ready+0x29c/0xa90 net/mptcp/protocol.c:854\n subflow_data_ready+0x34a/0x920 net/mptcp/subflow.c:1490\n tcp_data_queue+0x20fd/0x76c0 net/ipv4/tcp_input.c:5283\n tcp_rcv_established+0xfba/0x2020 net/ipv4/tcp_input.c:6237\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2350\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5662 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6107\n __napi_poll+0xcb/0x490 net/core/dev.c:6771\n napi_poll net/core/dev.c:6840 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6962\n handle_softirqs+0x2c5/0x980 kernel/softirq.c:554\n do_softirq+0x11b/0x1e0 kernel/softirq.c:455\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x1764/0x3e80 net/core/dev.c:4451\n dev_queue_xmit include/linux/netdevice.h:3094 [inline]\n neigh_hh_output include/net/neighbour.h:526 [inline]\n neigh_output include/net/neighbour.h:540 [inline]\n ip_finish_output2+0xd41/0x1390 net/ipv4/ip_output.c:236\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x118c/0x1b80 net/ipv4/ip_output.c:536\n __tcp_transmit_skb+0x2544/0x3b30 net/ipv4/tcp_output.c:1466\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\n tcp_mtu_probe net/ipv4/tcp_output.c:2547 [inline]\n tcp_write_xmit+0x641d/0x6bf0 net/ipv4/tcp_output.c:2752\n __tcp_push_pending_frames+0x9b/0x360 net/ipv4/tcp_output.c:3015\n tcp_push_pending_frames include/net/tcp.h:2107 [inline]\n tcp_data_snd_check net/ipv4/tcp_input.c:5714 [inline]\n tcp_rcv_established+0x1026/0x2020 net/ipv4/tcp_input.c:6239\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n sk_backlog_rcv include/net/sock.h:1113 [inline]\n __release_sock+0x214/0x350 net/core/sock.c:3072\n release_sock+0x61/0x1f0 net/core/sock.c:3626\n mptcp_push_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50083",
"url": "https://www.suse.com/security/cve/CVE-2024-50083"
},
{
"category": "external",
"summary": "SUSE Bug 1232493 for CVE-2024-50083",
"url": "https://bugzilla.suse.com/1232493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-50083"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50126",
"url": "https://www.suse.com/security/cve/CVE-2024-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1232895 for CVE-2024-50126",
"url": "https://bugzilla.suse.com/1232895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq-\u003e__lock ]\n -\u003e task_tick_mm_cid()\n -\u003e task_work_add()\n -\u003e __kasan_record_aux_stack()\n -\u003e kasan_save_stack()\n -\u003e stack_depot_save_flags()\n -\u003e alloc_pages_mpol_noprof()\n -\u003e __alloc_pages_noprof()\n\t -\u003e get_page_from_freelist()\n\t -\u003e rmqueue()\n\t -\u003e rmqueue_pcplist()\n\t -\u003e __rmqueue_pcplist()\n\t -\u003e rmqueue_bulk()\n\t -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50140",
"url": "https://www.suse.com/security/cve/CVE-2024-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1233060 for CVE-2024-50140",
"url": "https://bugzilla.suse.com/1233060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix data-races around sk-\u003esk_forward_alloc\n\nSyzkaller reported this warning:\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0\n Modules linked in:\n CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:inet_sock_destruct+0x1c5/0x1e0\n Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 \u003c0f\u003e 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00\n RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206\n RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007\n RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00\n RBP: ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007\n R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00\n R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78\n FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x88/0x130\n ? inet_sock_destruct+0x1c5/0x1e0\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? inet_sock_destruct+0x1c5/0x1e0\n __sk_destruct+0x2a/0x200\n rcu_do_batch+0x1aa/0x530\n ? rcu_do_batch+0x13b/0x530\n rcu_core+0x159/0x2f0\n handle_softirqs+0xd3/0x2b0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n run_ksoftirqd+0x25/0x30\n smpboot_thread_fn+0xdd/0x1d0\n kthread+0xd3/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nIts possible that two threads call tcp_v6_do_rcv()/sk_forward_alloc_add()\nconcurrently when sk-\u003esk_state == TCP_LISTEN with sk-\u003esk_lock unlocked,\nwhich triggers a data-race around sk-\u003esk_forward_alloc:\ntcp_v6_rcv\n tcp_v6_do_rcv\n skb_clone_and_charge_r\n sk_rmem_schedule\n __sk_mem_schedule\n sk_forward_alloc_add()\n skb_set_owner_r\n sk_mem_charge\n sk_forward_alloc_add()\n __kfree_skb\n skb_release_all\n skb_release_head_state\n sock_rfree\n sk_mem_uncharge\n sk_forward_alloc_add()\n sk_mem_reclaim\n // set local var reclaimable\n __sk_mem_reclaim\n sk_forward_alloc_add()\n\nIn this syzkaller testcase, two threads call\ntcp_v6_do_rcv() with skb-\u003etruesize=768, the sk_forward_alloc changes like\nthis:\n (cpu 1) | (cpu 2) | sk_forward_alloc\n ... | ... | 0\n __sk_mem_schedule() | | +4096 = 4096\n | __sk_mem_schedule() | +4096 = 8192\n sk_mem_charge() | | -768 = 7424\n | sk_mem_charge() | -768 = 6656\n ... | ... |\n sk_mem_uncharge() | | +768 = 7424\n reclaimable=7424 | |\n | sk_mem_uncharge() | +768 = 8192\n | reclaimable=8192 |\n __sk_mem_reclaim() | | -4096 = 4096\n | __sk_mem_reclaim() | -8192 = -4096 != 0\n\nThe skb_clone_and_charge_r() should not be called in tcp_v6_do_rcv() when\nsk-\u003esk_state is TCP_LISTEN, it happens later in tcp_v6_syn_recv_sock().\nFix the same issue in dccp_v6_do_rcv().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53124",
"url": "https://www.suse.com/security/cve/CVE-2024-53124"
},
{
"category": "external",
"summary": "SUSE Bug 1234074 for CVE-2024-53124",
"url": "https://bugzilla.suse.com/1234074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-53124"
},
{
"cve": "CVE-2024-53139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix possible UAF in sctp_v6_available()\n\nA lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints\nthat sctp_v6_available() is calling dev_get_by_index_rcu()\nand ipv6_chk_addr() without holding rcu.\n\n[1]\n =============================\n WARNING: suspicious RCU usage\n 6.12.0-rc5-virtme #1216 Tainted: G W\n -----------------------------\n net/core/dev.c:876 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by sctp_hello/31495:\n #0: ffff9f1ebbdb7418 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_bind (./arch/x86/include/asm/jump_label.h:27 net/sctp/socket.c:315) sctp\n\nstack backtrace:\n CPU: 7 UID: 0 PID: 31495 Comm: sctp_hello Tainted: G W 6.12.0-rc5-virtme #1216\n Tainted: [W]=WARN\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:123)\n lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822)\n dev_get_by_index_rcu (net/core/dev.c:876 (discriminator 7))\n sctp_v6_available (net/sctp/ipv6.c:701) sctp\n sctp_do_bind (net/sctp/socket.c:400 (discriminator 1)) sctp\n sctp_bind (net/sctp/socket.c:320) sctp\n inet6_bind_sk (net/ipv6/af_inet6.c:465)\n ? security_socket_bind (security/security.c:4581 (discriminator 1))\n __sys_bind (net/socket.c:1848 net/socket.c:1869)\n ? do_user_addr_fault (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 ./include/linux/mm.h:729 arch/x86/mm/fault.c:1340)\n ? do_user_addr_fault (./arch/x86/include/asm/preempt.h:84 (discriminator 13) ./include/linux/rcupdate.h:98 (discriminator 13) ./include/linux/rcupdate.h:882 (discriminator 13) ./include/linux/mm.h:729 (discriminator 13) arch/x86/mm/fault.c:1340 (discriminator 13))\n __x64_sys_bind (net/socket.c:1877 (discriminator 1) net/socket.c:1875 (discriminator 1) net/socket.c:1875 (discriminator 1))\n do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n RIP: 0033:0x7f59b934a1e7\n Code: 44 00 00 48 8b 15 39 8c 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 31 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 09 8c 0c 00 f7 d8 64 89 01 48\nAll code\n========\n 0:\t44 00 00 \tadd %r8b,(%rax)\n 3:\t48 8b 15 39 8c 0c 00 \tmov 0xc8c39(%rip),%rdx # 0xc8c43\n a:\tf7 d8 \tneg %eax\n c:\t64 89 02 \tmov %eax,%fs:(%rdx)\n f:\tb8 ff ff ff ff \tmov $0xffffffff,%eax\n 14:\teb bd \tjmp 0xffffffffffffffd3\n 16:\t66 2e 0f 1f 84 00 00 \tcs nopw 0x0(%rax,%rax,1)\n 1d:\t00 00 00\n 20:\t0f 1f 00 \tnopl (%rax)\n 23:\tb8 31 00 00 00 \tmov $0x31,%eax\n 28:\t0f 05 \tsyscall\n 2a:*\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\t\t\u003c-- trapping instruction\n 30:\t73 01 \tjae 0x33\n 32:\tc3 \tret\n 33:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c43\n 3a:\tf7 d8 \tneg %eax\n 3c:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 3f:\t48 \trex.W\n\nCode starting with the faulting instruction\n===========================================\n 0:\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\n 6:\t73 01 \tjae 0x9\n 8:\tc3 \tret\n 9:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c19\n 10:\tf7 d8 \tneg %eax\n 12:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 15:\t48 \trex.W\n RSP: 002b:00007ffe2d0ad398 EFLAGS: 00000202 ORIG_RAX: 0000000000000031\n RAX: ffffffffffffffda RBX: 00007ffe2d0ad3d0 RCX: 00007f59b934a1e7\n RDX: 000000000000001c RSI: 00007ffe2d0ad3d0 RDI: 0000000000000005\n RBP: 0000000000000005 R08: 1999999999999999 R09: 0000000000000000\n R10: 00007f59b9253298 R11: 000000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53139",
"url": "https://www.suse.com/security/cve/CVE-2024-53139"
},
{
"category": "external",
"summary": "SUSE Bug 1234157 for CVE-2024-53139",
"url": "https://bugzilla.suse.com/1234157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-53139"
},
{
"cve": "CVE-2024-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53140",
"url": "https://www.suse.com/security/cve/CVE-2024-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1234222 for CVE-2024-53140",
"url": "https://bugzilla.suse.com/1234222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53163",
"url": "https://www.suse.com/security/cve/CVE-2024-53163"
},
{
"category": "external",
"summary": "SUSE Bug 1234828 for CVE-2024-53163",
"url": "https://bugzilla.suse.com/1234828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53680",
"url": "https://www.suse.com/security/cve/CVE-2024-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1235715 for CVE-2024-53680",
"url": "https://bugzilla.suse.com/1235715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56638",
"url": "https://www.suse.com/security/cve/CVE-2024-56638"
},
{
"category": "external",
"summary": "SUSE Bug 1235524 for CVE-2024-56638",
"url": "https://bugzilla.suse.com/1235524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56640",
"url": "https://www.suse.com/security/cve/CVE-2024-56640"
},
{
"category": "external",
"summary": "SUSE Bug 1235436 for CVE-2024-56640",
"url": "https://bugzilla.suse.com/1235436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: initialize close_work early to avoid warning\n\nWe encountered a warning that close_work was canceled before\ninitialization.\n\n WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x1b0\n Workqueue: events smc_lgr_terminate_work [smc]\n RIP: 0010:__flush_work+0x19e/0x1b0\n Call Trace:\n ? __wake_up_common+0x7a/0x190\n ? work_busy+0x80/0x80\n __cancel_work_timer+0xe3/0x160\n smc_close_cancel_work+0x1a/0x70 [smc]\n smc_close_active_abort+0x207/0x360 [smc]\n __smc_lgr_terminate.part.38+0xc8/0x180 [smc]\n process_one_work+0x19e/0x340\n worker_thread+0x30/0x370\n ? process_one_work+0x340/0x340\n kthread+0x117/0x130\n ? __kthread_cancel_work+0x50/0x50\n ret_from_fork+0x22/0x30\n\nThis is because when smc_close_cancel_work is triggered, e.g. the RDMA\ndriver is rmmod and the LGR is terminated, the conn-\u003eclose_work is\nflushed before initialization, resulting in WARN_ON(!work-\u003efunc).\n\n__smc_lgr_terminate | smc_connect_{rdma|ism}\n-------------------------------------------------------------\n | smc_conn_create\n\t\t\t\t| \\- smc_lgr_register_conn\nfor conn in lgr-\u003econns_all |\n\\- smc_conn_kill |\n \\- smc_close_active_abort |\n \\- smc_close_cancel_work |\n \\- cancel_work_sync |\n \\- __flush_work |\n\t (close_work) |\n\t | smc_close_init\n\t | \\- INIT_WORK(\u0026close_work)\n\nSo fix this by initializing close_work before establishing the\nconnection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56641",
"url": "https://www.suse.com/security/cve/CVE-2024-56641"
},
{
"category": "external",
"summary": "SUSE Bug 1235526 for CVE-2024-56641",
"url": "https://bugzilla.suse.com/1235526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-56641"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core\u2014indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56703",
"url": "https://www.suse.com/security/cve/CVE-2024-56703"
},
{
"category": "external",
"summary": "SUSE Bug 1235455 for CVE-2024-56703",
"url": "https://bugzilla.suse.com/1235455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n rwsem_down_write_slowpath+0x17e/0x470\n smc_link_down_work+0x3c/0x60 [smc]\n process_one_work+0x1ac/0x350\n worker_thread+0x49/0x2f0\n ? rescuer_thread+0x360/0x360\n kthread+0x118/0x140\n ? __kthread_bind_mask+0x60/0x60\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56718",
"url": "https://www.suse.com/security/cve/CVE-2024-56718"
},
{
"category": "external",
"summary": "SUSE Bug 1235589 for CVE-2024-56718",
"url": "https://bugzilla.suse.com/1235589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56719",
"url": "https://www.suse.com/security/cve/CVE-2024-56719"
},
{
"category": "external",
"summary": "SUSE Bug 1235591 for CVE-2024-56719",
"url": "https://bugzilla.suse.com/1235591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56751",
"url": "https://www.suse.com/security/cve/CVE-2024-56751"
},
{
"category": "external",
"summary": "SUSE Bug 1234936 for CVE-2024-56751",
"url": "https://bugzilla.suse.com/1234936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 76 PID: 1411631 Comm: kworker/u322:5\n Workqueue: events_unbound btrfs_reclaim_bgs_work\n RIP: 0010:set_page_extent_mapped+0x20/0xb0\n RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x2a8/0x3a0\n ? __switch_to+0x133/0x530\n ? wq_worker_running+0xa/0x40\n ? exc_page_fault+0x63/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? set_page_extent_mapped+0x20/0xb0\n relocate_file_extent_cluster+0x1a7/0x940\n relocate_data_extent+0xaf/0x120\n relocate_block_group+0x20f/0x480\n btrfs_relocate_block_group+0x152/0x320\n btrfs_relocate_chunk+0x3d/0x120\n btrfs_reclaim_bgs_work+0x2ae/0x4e0\n process_scheduled_works+0x184/0x370\n worker_thread+0xc6/0x3e0\n ? blk_add_timer+0xb0/0xb0\n kthread+0xae/0xe0\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork+0x2f/0x40\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56758",
"url": "https://www.suse.com/security/cve/CVE-2024-56758"
},
{
"category": "external",
"summary": "SUSE Bug 1235621 for CVE-2024-56758",
"url": "https://bugzilla.suse.com/1235621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57900",
"url": "https://www.suse.com/security/cve/CVE-2024-57900"
},
{
"category": "external",
"summary": "SUSE Bug 1235973 for CVE-2024-57900",
"url": "https://bugzilla.suse.com/1235973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: relax assertions on failure to encode file handles\n\nEncoding file handles is usually performed by a filesystem \u003eencode_fh()\nmethod that may fail for various reasons.\n\nThe legacy users of exportfs_encode_fh(), namely, nfsd and\nname_to_handle_at(2) syscall are ready to cope with the possibility\nof failure to encode a file handle.\n\nThere are a few other users of exportfs_encode_{fh,fid}() that\ncurrently have a WARN_ON() assertion when -\u003eencode_fh() fails.\nRelax those assertions because they are wrong.\n\nThe second linked bug report states commit 16aac5ad1fa9 (\"ovl: support\nencoding non-decodable file handles\") in v6.6 as the regressing commit,\nbut this is not accurate.\n\nThe aforementioned commit only increases the chances of the assertion\nand allows triggering the assertion with the reproducer using overlayfs,\ninotify and drop_caches.\n\nTriggering this assertion was always possible with other filesystems and\nother reasons of -\u003eencode_fh() failures and more particularly, it was\nalso possible with the exact same reproducer using overlayfs that is\nmounted with options index=on,nfs_export=on also on kernels \u003c v6.6.\nTherefore, I am not listing the aforementioned commit as a Fixes commit.\n\nBackport hint: this patch will have a trivial conflict applying to\nv6.6.y, and other trivial conflicts applying to stable kernels \u003c v6.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57924",
"url": "https://www.suse.com/security/cve/CVE-2024-57924"
},
{
"category": "external",
"summary": "SUSE Bug 1236086 for CVE-2024-57924",
"url": "https://bugzilla.suse.com/1236086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-57924"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n while :; do\n \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.1 || sleep 1\n \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n \twait\n done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n 2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n while :; do\n \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.2 || sleep 1\n \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n \twait\n \tcmp tmp.in tmp.out\n done\n\nOnce this fails:\n\n tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n $ tshark -r pasta.pcap\n 1 0.000000 :: ? ff02::16 ICMPv6 110 Multicast Listener Report Message v2\n 2 0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 3 0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 4 0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 5 0.168827 c6:47:05:8d:dc:04 ? Broadcast ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n 6 0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n 7 0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 8 0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n 9 0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 10 0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 11 0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n 12 0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57974",
"url": "https://www.suse.com/security/cve/CVE-2024-57974"
},
{
"category": "external",
"summary": "SUSE Bug 1238532 for CVE-2024-57974",
"url": "https://bugzilla.suse.com/1238532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nOPP: add index check to assert to avoid buffer overflow in _read_freq()\n\nPass the freq index to the assert function to make sure\nwe do not read a freq out of the opp-\u003erates[] table when called\nfrom the indexed variants:\ndev_pm_opp_find_freq_exact_indexed() or\ndev_pm_opp_find_freq_ceil/floor_indexed().\n\nAdd a secondary parameter to the assert function, unused\nfor assert_single_clk() then add assert_clk_index() which\nwill check for the clock index when called from the _indexed()\nfind functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57998",
"url": "https://www.suse.com/security/cve/CVE-2024-57998"
},
{
"category": "external",
"summary": "SUSE Bug 1238527 for CVE-2024-57998",
"url": "https://bugzilla.suse.com/1238527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-57998"
},
{
"cve": "CVE-2024-58001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle a symlink read error correctly\n\nPatch series \"Convert ocfs2 to use folios\".\n\nMark did a conversion of ocfs2 to use folios and sent it to me as a\ngiant patch for review ;-)\n\nSo I\u0027ve redone it as individual patches, and credited Mark for the patches\nwhere his code is substantially the same. It\u0027s not a bad way to do it;\nhis patch had some bugs and my patches had some bugs. Hopefully all our\nbugs were different from each other. And hopefully Mark likes all the\nchanges I made to his code!\n\n\nThis patch (of 23):\n\nIf we can\u0027t read the buffer, be sure to unlock the page before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58001",
"url": "https://www.suse.com/security/cve/CVE-2024-58001"
},
{
"category": "external",
"summary": "SUSE Bug 1239079 for CVE-2024-58001",
"url": "https://bugzilla.suse.com/1239079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "low"
}
],
"title": "CVE-2024-58001"
},
{
"cve": "CVE-2024-58018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm: correctly calculate the available space of the GSP cmdq buffer\n\nr535_gsp_cmdq_push() waits for the available page in the GSP cmdq\nbuffer when handling a large RPC request. When it sees at least one\navailable page in the cmdq, it quits the waiting with the amount of\nfree buffer pages in the queue.\n\nUnfortunately, it always takes the [write pointer, buf_size) as\navailable buffer pages before rolling back and wrongly calculates the\nsize of the data should be copied. Thus, it can overwrite the RPC\nrequest that GSP is currently reading, which causes GSP hang due\nto corrupted RPC request:\n\n[ 549.209389] ------------[ cut here ]------------\n[ 549.214010] WARNING: CPU: 8 PID: 6314 at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c:116 r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.225678] Modules linked in: nvkm(E+) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) mlx5_ib(E) amd64_edac(E) edac_mce_amd(E) kvm_amd(E) ib_uverbs(E) kvm(E) ib_core(E) acpi_ipmi(E) ipmi_si(E) mxm_wmi(E) ipmi_devintf(E) rapl(E) i2c_piix4(E) wmi_bmof(E) joydev(E) ptdma(E) acpi_cpufreq(E) k10temp(E) pcspkr(E) ipmi_msghandler(E) xfs(E) libcrc32c(E) ast(E) i2c_algo_bit(E) crct10dif_pclmul(E) drm_shmem_helper(E) nvme_tcp(E) crc32_pclmul(E) ahci(E) drm_kms_helper(E) libahci(E) nvme_fabrics(E) crc32c_intel(E) nvme(E) cdc_ether(E) mlx5_core(E) nvme_core(E) usbnet(E) drm(E) libata(E) ccp(E) ghash_clmulni_intel(E) mii(E) t10_pi(E) mlxfw(E) sp5100_tco(E) psample(E) pci_hyperv_intf(E) wmi(E) dm_multipath(E) sunrpc(E) dm_mirror(E) dm_region_hash(E) dm_log(E) dm_mod(E) be2iscsi(E) bnx2i(E) cnic(E) uio(E) cxgb4i(E) cxgb4(E) tls(E) libcxgbi(E) libcxgb(E) qla4xxx(E)\n[ 549.225752] iscsi_boot_sysfs(E) iscsi_tcp(E) libiscsi_tcp(E) libiscsi(E) scsi_transport_iscsi(E) fuse(E) [last unloaded: gsp_log(E)]\n[ 549.326293] CPU: 8 PID: 6314 Comm: insmod Tainted: G E 6.9.0-rc6+ #1\n[ 549.334039] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 549.341781] RIP: 0010:r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.347343] Code: 08 00 00 89 da c1 e2 0c 48 8d ac 11 00 10 00 00 48 8b 0c 24 48 85 c9 74 1f c1 e0 0c 4c 8d 6d 30 83 e8 30 89 01 e9 68 ff ff ff \u003c0f\u003e 0b 49 c7 c5 92 ff ff ff e9 5a ff ff ff ba ff ff ff ff be c0 0c\n[ 549.366090] RSP: 0018:ffffacbccaaeb7d0 EFLAGS: 00010246\n[ 549.371315] RAX: 0000000000000000 RBX: 0000000000000012 RCX: 0000000000923e28\n[ 549.378451] RDX: 0000000000000000 RSI: 0000000055555554 RDI: ffffacbccaaeb730\n[ 549.385590] RBP: 0000000000000001 R08: ffff8bd14d235f70 R09: ffff8bd14d235f70\n[ 549.392721] R10: 0000000000000002 R11: ffff8bd14d233864 R12: 0000000000000020\n[ 549.399854] R13: ffffacbccaaeb818 R14: 0000000000000020 R15: ffff8bb298c67000\n[ 549.406988] FS: 00007f5179244740(0000) GS:ffff8bd14d200000(0000) knlGS:0000000000000000\n[ 549.415076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 549.420829] CR2: 00007fa844000010 CR3: 00000001567dc005 CR4: 0000000000770ef0\n[ 549.427963] PKRU: 55555554\n[ 549.430672] Call Trace:\n[ 549.433126] \u003cTASK\u003e\n[ 549.435233] ? __warn+0x7f/0x130\n[ 549.438473] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.443426] ? report_bug+0x18a/0x1a0\n[ 549.447098] ? handle_bug+0x3c/0x70\n[ 549.450589] ? exc_invalid_op+0x14/0x70\n[ 549.454430] ? asm_exc_invalid_op+0x16/0x20\n[ 549.458619] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.463565] r535_gsp_msg_recv+0x46/0x230 [nvkm]\n[ 549.468257] r535_gsp_rpc_push+0x106/0x160 [nvkm]\n[ 549.473033] r535_gsp_rpc_rm_ctrl_push+0x40/0x130 [nvkm]\n[ 549.478422] nvidia_grid_init_vgpu_types+0xbc/0xe0 [nvkm]\n[ 549.483899] nvidia_grid_init+0xb1/0xd0 [nvkm]\n[ 549.488420] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 549.493213] nvkm_device_pci_probe+0x305/0x420 [nvkm]\n[ 549.498338] local_pci_probe+0x46/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58018",
"url": "https://www.suse.com/security/cve/CVE-2024-58018"
},
{
"category": "external",
"summary": "SUSE Bug 1238990 for CVE-2024-58018",
"url": "https://bugzilla.suse.com/1238990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58018"
},
{
"cve": "CVE-2024-58019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@.......\n[ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................\n[ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................\n[ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................\n[ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 547.669485] #PF: supervisor read access in kernel mode\n[ 547.674624] #PF: error_code(0x0000) - not-present page\n[ 547.679755] PGD 0 P4D 0\n[ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1\n[ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[ 547.793896] PKRU: 55555554\n[ 547.796600] Call Trace:\n[ 547.799046] \u003cTASK\u003e\n[ 547.801152] ? __die+0x20/0x70\n[ 547.804211] ? page_fault_oops+0x75/0x170\n[ 547.808221] ? print_hex_dump+0x100/0x160\n[ 547.812226] ? exc_page_fault+0x64/0x150\n[ 547.816152] ? asm_exc_page_fault+0x22/0x30\n[ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[ 547.829845] process_one_work+0x196/0x3d0\n[ 547.833861] worker_thread+0x2fc/0x410\n[ 547.837613] ? __pfx_worker_thread+0x10/0x10\n[ 547.841885] kthread+0xdf/0x110\n[ 547.845031] ? __pfx_kthread+0x10/0x10\n[ 547.848775] ret_from_fork+0x30/0x50\n[ 547.852354] ? __pfx_kthread+0x10/0x10\n[ 547.856097] ret_from_fork_asm+0x1a/0x30\n[ 547.860019] \u003c/TASK\u003e\n[ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58019",
"url": "https://www.suse.com/security/cve/CVE-2024-58019"
},
{
"category": "external",
"summary": "SUSE Bug 1238997 for CVE-2024-58019",
"url": "https://bugzilla.suse.com/1238997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58020",
"url": "https://www.suse.com/security/cve/CVE-2024-58020"
},
{
"category": "external",
"summary": "SUSE Bug 1239346 for CVE-2024-58020",
"url": "https://bugzilla.suse.com/1239346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nOPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized\n\nIf a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth\nfrom the OPP table but the bandwidth table was not created because the\ninterconnect properties were missing in the OPP consumer node, the\nkernel will crash with:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000004\n...\npc : _read_bw+0x8/0x10\nlr : _opp_table_find_key+0x9c/0x174\n...\nCall trace:\n _read_bw+0x8/0x10 (P)\n _opp_table_find_key+0x9c/0x174 (L)\n _find_key+0x98/0x168\n dev_pm_opp_find_bw_ceil+0x50/0x88\n...\n\nIn order to fix the crash, create an assert function to check\nif the bandwidth table was created before trying to get a\nbandwidth with _read_bw().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58068",
"url": "https://www.suse.com/security/cve/CVE-2024-58068"
},
{
"category": "external",
"summary": "SUSE Bug 1238961 for CVE-2024-58068",
"url": "https://bugzilla.suse.com/1238961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58068"
},
{
"cve": "CVE-2024-58070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT\n\nIn PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible\ncontext. bpf_mem_alloc must be used in PREEMPT_RT. This patch is\nto enforce bpf_mem_alloc in the bpf_local_storage when CONFIG_PREEMPT_RT\nis enabled.\n\n[ 35.118559] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 35.118566] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1832, name: test_progs\n[ 35.118569] preempt_count: 1, expected: 0\n[ 35.118571] RCU nest depth: 1, expected: 1\n[ 35.118577] INFO: lockdep is turned off.\n ...\n[ 35.118647] __might_resched+0x433/0x5b0\n[ 35.118677] rt_spin_lock+0xc3/0x290\n[ 35.118700] ___slab_alloc+0x72/0xc40\n[ 35.118723] __kmalloc_noprof+0x13f/0x4e0\n[ 35.118732] bpf_map_kzalloc+0xe5/0x220\n[ 35.118740] bpf_selem_alloc+0x1d2/0x7b0\n[ 35.118755] bpf_local_storage_update+0x2fa/0x8b0\n[ 35.118784] bpf_sk_storage_get_tracing+0x15a/0x1d0\n[ 35.118791] bpf_prog_9a118d86fca78ebb_trace_inet_sock_set_state+0x44/0x66\n[ 35.118795] bpf_trace_run3+0x222/0x400\n[ 35.118820] __bpf_trace_inet_sock_set_state+0x11/0x20\n[ 35.118824] trace_inet_sock_set_state+0x112/0x130\n[ 35.118830] inet_sk_state_store+0x41/0x90\n[ 35.118836] tcp_set_state+0x3b3/0x640\n\nThere is no need to adjust the gfp_flags passing to the\nbpf_mem_cache_alloc_flags() which only honors the GFP_KERNEL.\nThe verifier has ensured GFP_KERNEL is passed only in sleepable context.\n\nIt has been an old issue since the first introduction of the\nbpf_local_storage ~5 years ago, so this patch targets the bpf-next.\n\nbpf_mem_alloc is needed to solve it, so the Fixes tag is set\nto the commit when bpf_mem_alloc was first used in the bpf_local_storage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58070",
"url": "https://www.suse.com/security/cve/CVE-2024-58070"
},
{
"category": "external",
"summary": "SUSE Bug 1238983 for CVE-2024-58070",
"url": "https://bugzilla.suse.com/1238983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58070"
},
{
"cve": "CVE-2024-58071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: prevent adding a device which is already a team device lower\n\nPrevent adding a device which is already a team device lower,\ne.g. adding veth0 if vlan1 was already added and veth0 is a lower of\nvlan1.\n\nThis is not useful in practice and can lead to recursive locking:\n\n$ ip link add veth0 type veth peer name veth1\n$ ip link set veth0 up\n$ ip link set veth1 up\n$ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1\n$ ip link add team0 type team\n$ ip link set veth0.1 down\n$ ip link set veth0.1 master team0\nteam0: Port device veth0.1 added\n$ ip link set veth0 down\n$ ip link set veth0 master team0\n\n============================================\nWARNING: possible recursive locking detected\n6.13.0-rc2-virtme-00441-ga14a429069bb #46 Not tainted\n--------------------------------------------\nip/7684 is trying to acquire lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n\nbut task is already holding lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_add_slave (drivers/net/team/team_core.c:1147 drivers/net/team/team_core.c:1977)\n\nother info that might help us debug this:\nPossible unsafe locking scenario:\n\nCPU0\n----\nlock(team-\u003eteam_lock_key);\nlock(team-\u003eteam_lock_key);\n\n*** DEADLOCK ***\n\nMay be due to missing lock nesting notation\n\n2 locks held by ip/7684:\n\nstack backtrace:\nCPU: 3 UID: 0 PID: 7684 Comm: ip Not tainted 6.13.0-rc2-virtme-00441-ga14a429069bb #46\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:122)\nprint_deadlock_bug.cold (kernel/locking/lockdep.c:3040)\n__lock_acquire (kernel/locking/lockdep.c:3893 kernel/locking/lockdep.c:5226)\n? netlink_broadcast_filtered (net/netlink/af_netlink.c:1548)\nlock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 2))\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? lock_acquire (kernel/locking/lockdep.c:5822)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n__mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:735)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? fib_sync_up (net/ipv4/fib_semantics.c:2167)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nteam_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\n__dev_notify_flags (net/core/dev.c:8993)\n? __dev_change_flags (net/core/dev.c:8975)\ndev_change_flags (net/core/dev.c:9027)\nvlan_device_event (net/8021q/vlan.c:85 net/8021q/vlan.c:470)\n? br_device_event (net/bridge/br.c:143)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\ndev_open (net/core/dev.c:1519 net/core/dev.c:1505)\nteam_add_slave (drivers/net/team/team_core.c:1219 drivers/net/team/team_core.c:1977)\n? __pfx_team_add_slave (drivers/net/team/team_core.c:1972)\ndo_set_master (net/core/rtnetlink.c:2917)\ndo_setlink.isra.0 (net/core/rtnetlink.c:3117)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58071",
"url": "https://www.suse.com/security/cve/CVE-2024-58071"
},
{
"category": "external",
"summary": "SUSE Bug 1238970 for CVE-2024-58071",
"url": "https://bugzilla.suse.com/1238970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58071"
},
{
"cve": "CVE-2024-58074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: Grab intel_display from the encoder to avoid potential oopsies\n\nGrab the intel_display from \u0027encoder\u0027 rather than \u0027state\u0027\nin the encoder hooks to avoid the massive footgun that is\nintel_sanitize_encoder(), which passes NULL as the \u0027state\u0027\nargument to encoder .disable() and .post_disable().\n\nTODO: figure out how to actually fix intel_sanitize_encoder()...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58074",
"url": "https://www.suse.com/security/cve/CVE-2024-58074"
},
{
"category": "external",
"summary": "SUSE Bug 1238972 for CVE-2024-58074",
"url": "https://bugzilla.suse.com/1238972"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58074"
},
{
"cve": "CVE-2024-58083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58083",
"url": "https://www.suse.com/security/cve/CVE-2024-58083"
},
{
"category": "external",
"summary": "SUSE Bug 1239036 for CVE-2024-58083",
"url": "https://bugzilla.suse.com/1239036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock when freeing cgroup storage\n\nThe following commit\nbc235cdb423a (\"bpf: Prevent deadlock from recursive bpf_task_storage_[get|delete]\")\nfirst introduced deadlock prevention for fentry/fexit programs attaching\non bpf_task_storage helpers. That commit also employed the logic in map\nfree path in its v6 version.\n\nLater bpf_cgrp_storage was first introduced in\nc4bcfb38a95e (\"bpf: Implement cgroup storage available to non-cgroup-attached bpf progs\")\nwhich faces the same issue as bpf_task_storage, instead of its busy\ncounter, NULL was passed to bpf_local_storage_map_free() which opened\na window to cause deadlock:\n\n\t\u003cTASK\u003e\n\t\t(acquiring local_storage-\u003elock)\n\t_raw_spin_lock_irqsave+0x3d/0x50\n\tbpf_local_storage_update+0xd1/0x460\n\tbpf_cgrp_storage_get+0x109/0x130\n\tbpf_prog_a4d4a370ba857314_cgrp_ptr+0x139/0x170\n\t? __bpf_prog_enter_recur+0x16/0x80\n\tbpf_trampoline_6442485186+0x43/0xa4\n\tcgroup_storage_ptr+0x9/0x20\n\t\t(holding local_storage-\u003elock)\n\tbpf_selem_unlink_storage_nolock.constprop.0+0x135/0x160\n\tbpf_selem_unlink_storage+0x6f/0x110\n\tbpf_local_storage_map_free+0xa2/0x110\n\tbpf_map_free_deferred+0x5b/0x90\n\tprocess_one_work+0x17c/0x390\n\tworker_thread+0x251/0x360\n\tkthread+0xd2/0x100\n\tret_from_fork+0x34/0x50\n\tret_from_fork_asm+0x1a/0x30\n\t\u003c/TASK\u003e\n\nProgs:\n - A: SEC(\"fentry/cgroup_storage_ptr\")\n - cgid (BPF_MAP_TYPE_HASH)\n\tRecord the id of the cgroup the current task belonging\n\tto in this hash map, using the address of the cgroup\n\tas the map key.\n - cgrpa (BPF_MAP_TYPE_CGRP_STORAGE)\n\tIf current task is a kworker, lookup the above hash\n\tmap using function parameter @owner as the key to get\n\tits corresponding cgroup id which is then used to get\n\ta trusted pointer to the cgroup through\n\tbpf_cgroup_from_id(). This trusted pointer can then\n\tbe passed to bpf_cgrp_storage_get() to finally trigger\n\tthe deadlock issue.\n - B: SEC(\"tp_btf/sys_enter\")\n - cgrpb (BPF_MAP_TYPE_CGRP_STORAGE)\n\tThe only purpose of this prog is to fill Prog A\u0027s\n\thash map by calling bpf_cgrp_storage_get() for as\n\tmany userspace tasks as possible.\n\nSteps to reproduce:\n - Run A;\n - while (true) { Run B; Destroy B; }\n\nFix this issue by passing its busy counter to the free procedure so\nit can be properly incremented before storage/smap locking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58088",
"url": "https://www.suse.com/security/cve/CVE-2024-58088"
},
{
"category": "external",
"summary": "SUSE Bug 1239510 for CVE-2024-58088",
"url": "https://bugzilla.suse.com/1239510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58088"
},
{
"cve": "CVE-2024-58091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58091"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/fbdev-dma: Add shadow buffering for deferred I/O\n\nDMA areas are not necessarily backed by struct page, so we cannot\nrely on it for deferred I/O. Allocate a shadow buffer for drivers\nthat require deferred I/O and use it as framebuffer memory.\n\nFixes driver errors about being \"Unable to handle kernel NULL pointer\ndereference at virtual address\" or \"Unable to handle kernel paging\nrequest at virtual address\".\n\nThe patch splits drm_fbdev_dma_driver_fbdev_probe() in an initial\nallocation, which creates the DMA-backed buffer object, and a tail\nthat sets up the fbdev data structures. There is a tail function for\ndirect memory mappings and a tail function for deferred I/O with\nthe shadow buffer.\n\nIt is no longer possible to use deferred I/O without shadow buffer.\nIt can be re-added if there exists a reliably test for usable struct\npage in the allocated DMA-backed buffer object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58091",
"url": "https://www.suse.com/security/cve/CVE-2024-58091"
},
{
"category": "external",
"summary": "SUSE Bug 1240174 for CVE-2024-58091",
"url": "https://bugzilla.suse.com/1240174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58091"
},
{
"cve": "CVE-2024-58093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/ASPM: Fix link state exit during switch upstream function removal\n\nBefore 456d8aa37d0f (\"PCI/ASPM: Disable ASPM on MFD function removal to\navoid use-after-free\"), we would free the ASPM link only after the last\nfunction on the bus pertaining to the given link was removed.\n\nThat was too late. If function 0 is removed before sibling function,\nlink-\u003edownstream would point to free\u0027d memory after.\n\nAfter above change, we freed the ASPM parent link state upon any function\nremoval on the bus pertaining to a given link.\n\nThat is too early. If the link is to a PCIe switch with MFD on the upstream\nport, then removing functions other than 0 first would free a link which\nstill remains parent_link to the remaining downstream ports.\n\nThe resulting GPFs are especially frequent during hot-unplug, because\npciehp removes devices on the link bus in reverse order.\n\nOn that switch, function 0 is the virtual P2P bridge to the internal bus.\nFree exactly when function 0 is removed -- before the parent link is\nobsolete, but after all subordinate links are gone.\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58093",
"url": "https://www.suse.com/security/cve/CVE-2024-58093"
},
{
"category": "external",
"summary": "SUSE Bug 1241347 for CVE-2024-58093",
"url": "https://bugzilla.suse.com/1241347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58093"
},
{
"cve": "CVE-2024-58094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before truncation in jfs_truncate_nolock()\n\nAdded a check for \"read-only\" mode in the `jfs_truncate_nolock`\nfunction to avoid errors related to writing to a read-only\nfilesystem.\n\nCall stack:\n\nblock_write_begin() {\n jfs_write_failed() {\n jfs_truncate() {\n jfs_truncate_nolock() {\n txEnd() {\n ...\n log = JFS_SBI(tblk-\u003esb)-\u003elog;\n // (log == NULL)\n\nIf the `isReadOnly(ip)` condition is triggered in\n`jfs_truncate_nolock`, the function execution will stop, and no\nfurther data modification will occur. Instead, the `xtTruncate`\nfunction will be called with the \"COMMIT_WMAP\" flag, preventing\nmodifications in \"read-only\" mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58094",
"url": "https://www.suse.com/security/cve/CVE-2024-58094"
},
{
"category": "external",
"summary": "SUSE Bug 1241443 for CVE-2024-58094",
"url": "https://bugzilla.suse.com/1241443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58094"
},
{
"cve": "CVE-2024-58095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before txBeginAnon() call\n\nAdded a read-only check before calling `txBeginAnon` in `extAlloc`\nand `extRecord`. This prevents modification attempts on a read-only\nmounted filesystem, avoiding potential errors or crashes.\n\nCall trace:\n txBeginAnon+0xac/0x154\n extAlloc+0xe8/0xdec fs/jfs/jfs_extent.c:78\n jfs_get_block+0x340/0xb98 fs/jfs/inode.c:248\n __block_write_begin_int+0x580/0x166c fs/buffer.c:2128\n __block_write_begin fs/buffer.c:2177 [inline]\n block_write_begin+0x98/0x11c fs/buffer.c:2236\n jfs_write_begin+0x44/0x88 fs/jfs/inode.c:299",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58095",
"url": "https://www.suse.com/security/cve/CVE-2024-58095"
},
{
"category": "external",
"summary": "SUSE Bug 1241442 for CVE-2024-58095",
"url": "https://bugzilla.suse.com/1241442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58095"
},
{
"cve": "CVE-2024-58096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58096"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode\n\nath11k_hal_srng_* should be used with srng-\u003elock to protect srng data.\n\nFor ath11k_dp_rx_mon_dest_process() and ath11k_dp_full_mon_process_rx(),\nthey use ath11k_hal_srng_* for many times but never call srng-\u003elock.\n\nSo when running (full) monitor mode, warning will occur:\nRIP: 0010:ath11k_hal_srng_dst_peek+0x18/0x30 [ath11k]\nCall Trace:\n ? ath11k_hal_srng_dst_peek+0x18/0x30 [ath11k]\n ath11k_dp_rx_process_mon_status+0xc45/0x1190 [ath11k]\n ? idr_alloc_u32+0x97/0xd0\n ath11k_dp_rx_process_mon_rings+0x32a/0x550 [ath11k]\n ath11k_dp_service_srng+0x289/0x5a0 [ath11k]\n ath11k_pcic_ext_grp_napi_poll+0x30/0xd0 [ath11k]\n __napi_poll+0x30/0x1f0\n net_rx_action+0x198/0x320\n __do_softirq+0xdd/0x319\n\nSo add srng-\u003elock for them to avoid such warnings.\n\nInorder to fetch the srng-\u003elock, should change srng\u0027s definition from\n\u0027void\u0027 to \u0027struct hal_srng\u0027. And initialize them elsewhere to prevent\none line of code from being too long. This is consistent with other ring\nprocess functions, such as ath11k_dp_process_rx().\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58096",
"url": "https://www.suse.com/security/cve/CVE-2024-58096"
},
{
"category": "external",
"summary": "SUSE Bug 1241344 for CVE-2024-58096",
"url": "https://bugzilla.suse.com/1241344"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58096"
},
{
"cve": "CVE-2024-58097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix RCU stall while reaping monitor destination ring\n\nWhile processing the monitor destination ring, MSDUs are reaped from the\nlink descriptor based on the corresponding buf_id.\n\nHowever, sometimes the driver cannot obtain a valid buffer corresponding\nto the buf_id received from the hardware. This causes an infinite loop\nin the destination processing, resulting in a kernel crash.\n\nkernel log:\nath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309\nath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed\nath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309\nath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed\n\nFix this by skipping the problematic buf_id and reaping the next entry,\nreplacing the break with the next MSDU processing.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58097",
"url": "https://www.suse.com/security/cve/CVE-2024-58097"
},
{
"category": "external",
"summary": "SUSE Bug 1241343 for CVE-2024-58097",
"url": "https://bugzilla.suse.com/1241343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-58097"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21659",
"url": "https://www.suse.com/security/cve/CVE-2025-21659"
},
{
"category": "external",
"summary": "SUSE Bug 1236206 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "external",
"summary": "SUSE Bug 1236207 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_sk_select_reuseport() memory leak\n\nAs pointed out in the original comment, lookup in sockmap can return a TCP\nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF\nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb\ndoes not imply a non-refcounted socket.\n\nDrop sk\u0027s reference in both error paths.\n\nunreferenced object 0xffff888101911800 (size 2048):\n comm \"test_progs\", pid 44109, jiffies 4297131437\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 9336483b):\n __kmalloc_noprof+0x3bf/0x560\n __reuseport_alloc+0x1d/0x40\n reuseport_alloc+0xca/0x150\n reuseport_attach_prog+0x87/0x140\n sk_reuseport_attach_bpf+0xc8/0x100\n sk_setsockopt+0x1181/0x1990\n do_sock_setsockopt+0x12b/0x160\n __sys_setsockopt+0x7b/0xc0\n __x64_sys_setsockopt+0x1b/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21683",
"url": "https://www.suse.com/security/cve/CVE-2025-21683"
},
{
"category": "external",
"summary": "SUSE Bug 1236704 for CVE-2025-21683",
"url": "https://bugzilla.suse.com/1236704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "low"
}
],
"title": "CVE-2025-21683"
},
{
"cve": "CVE-2025-21696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: clear uffd-wp PTE/PMD state on mremap()\n\nWhen mremap()ing a memory region previously registered with userfaultfd as\nwrite-protected but without UFFD_FEATURE_EVENT_REMAP, an inconsistency in\nflag clearing leads to a mismatch between the vma flags (which have\nuffd-wp cleared) and the pte/pmd flags (which do not have uffd-wp\ncleared). This mismatch causes a subsequent mprotect(PROT_WRITE) to\ntrigger a warning in page_table_check_pte_flags() due to setting the pte\nto writable while uffd-wp is still set.\n\nFix this by always explicitly clearing the uffd-wp pte/pmd flags on any\nsuch mremap() so that the values are consistent with the existing clearing\nof VM_UFFD_WP. Be careful to clear the logical flag regardless of its\nphysical form; a PTE bit, a swap PTE bit, or a PTE marker. Cover PTE,\nhuge PMD and hugetlb paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21696",
"url": "https://www.suse.com/security/cve/CVE-2025-21696"
},
{
"category": "external",
"summary": "SUSE Bug 1237111 for CVE-2025-21696",
"url": "https://bugzilla.suse.com/1237111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21696"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21706",
"url": "https://www.suse.com/security/cve/CVE-2025-21706"
},
{
"category": "external",
"summary": "SUSE Bug 1238528 for CVE-2025-21706",
"url": "https://bugzilla.suse.com/1238528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: consolidate suboption status\n\nMPTCP maintains the received sub-options status is the bitmask carrying\nthe received suboptions and in several bitfields carrying per suboption\nadditional info.\n\nZeroing the bitmask before parsing is not enough to ensure a consistent\nstatus, and the MPTCP code has to additionally clear some bitfiled\ndepending on the actually parsed suboption.\n\nThe above schema is fragile, and syzbot managed to trigger a path where\na relevant bitfield is not cleared/initialized:\n\n BUG: KMSAN: uninit-value in __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n BUG: KMSAN: uninit-value in mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n BUG: KMSAN: uninit-value in ack_update_msk net/mptcp/options.c:1060 [inline]\n BUG: KMSAN: uninit-value in mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n ack_update_msk net/mptcp/options.c:1060 [inline]\n mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n tcp_data_queue+0xb4/0x7be0 net/ipv4/tcp_input.c:5233\n tcp_rcv_established+0x1061/0x2510 net/ipv4/tcp_input.c:6264\n tcp_v4_do_rcv+0x7f3/0x11a0 net/ipv4/tcp_ipv4.c:1916\n tcp_v4_rcv+0x51df/0x5750 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x2a3/0x13d0 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:460 [inline]\n ip_rcv_finish+0x4a2/0x520 net/ipv4/ip_input.c:447\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0xcd/0x380 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core net/core/dev.c:5704 [inline]\n __netif_receive_skb+0x319/0xa00 net/core/dev.c:5817\n process_backlog+0x4ad/0xa50 net/core/dev.c:6149\n __napi_poll+0xe7/0x980 net/core/dev.c:6902\n napi_poll net/core/dev.c:6971 [inline]\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:7093\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4493\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_hh_output include/net/neighbour.h:523 [inline]\n neigh_output include/net/neighbour.h:537 [inline]\n ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236\n __ip_finish_output+0x287/0x810\n ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434\n dst_output include/net/dst.h:450 [inline]\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536\n ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550\n __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1468\n tcp_transmit_skb net/ipv4/tcp_output.c:1486 [inline]\n tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2829\n __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3012\n tcp_send_fin+0x9f6/0xf50 net/ipv4/tcp_output.c:3618\n __tcp_close+0x140c/0x1550 net/ipv4/tcp.c:3130\n __mptcp_close_ssk+0x74e/0x16f0 net/mptcp/protocol.c:2496\n mptcp_close_ssk+0x26b/0x2c0 net/mptcp/protocol.c:2550\n mptcp_pm_nl_rm_addr_or_subflow+0x635/0xd10 net/mptcp/pm_netlink.c:889\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:924 [inline]\n mptcp_pm_flush_addrs_and_subflows net/mptcp/pm_netlink.c:1688 [inline]\n mptcp_nl_flush_addrs_list net/mptcp/pm_netlink.c:1709 [inline]\n mptcp_pm_nl_flush_addrs_doit+0xe10/0x1630 net/mptcp/pm_netlink.c:1750\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21707",
"url": "https://www.suse.com/security/cve/CVE-2025-21707"
},
{
"category": "external",
"summary": "SUSE Bug 1238862 for CVE-2025-21707",
"url": "https://bugzilla.suse.com/1238862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21707"
},
{
"cve": "CVE-2025-21717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21717"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq\n\nkvzalloc_node is not doing a runtime check on the node argument\n(__alloc_pages_node_noprof does have a VM_BUG_ON, but it expands to\nnothing on !CONFIG_DEBUG_VM builds), so doing any ethtool/netlink\noperation that calls mlx5e_open on a CPU that\u0027s larger that MAX_NUMNODES\ntriggers OOB access and panic (see the trace below).\n\nAdd missing cpu_to_node call to convert cpu id to node id.\n\n[ 165.427394] mlx5_core 0000:5c:00.0 beth1: Link up\n[ 166.479327] BUG: unable to handle page fault for address: 0000000800000010\n[ 166.494592] #PF: supervisor read access in kernel mode\n[ 166.505995] #PF: error_code(0x0000) - not-present page\n...\n[ 166.816958] Call Trace:\n[ 166.822380] \u003cTASK\u003e\n[ 166.827034] ? __die_body+0x64/0xb0\n[ 166.834774] ? page_fault_oops+0x2cd/0x3f0\n[ 166.843862] ? exc_page_fault+0x63/0x130\n[ 166.852564] ? asm_exc_page_fault+0x22/0x30\n[ 166.861843] ? __kvmalloc_node_noprof+0x43/0xd0\n[ 166.871897] ? get_partial_node+0x1c/0x320\n[ 166.880983] ? deactivate_slab+0x269/0x2b0\n[ 166.890069] ___slab_alloc+0x521/0xa90\n[ 166.898389] ? __kvmalloc_node_noprof+0x43/0xd0\n[ 166.908442] __kmalloc_node_noprof+0x216/0x3f0\n[ 166.918302] ? __kvmalloc_node_noprof+0x43/0xd0\n[ 166.928354] __kvmalloc_node_noprof+0x43/0xd0\n[ 166.938021] mlx5e_open_channels+0x5e2/0xc00\n[ 166.947496] mlx5e_open_locked+0x3e/0xf0\n[ 166.956201] mlx5e_open+0x23/0x50\n[ 166.963551] __dev_open+0x114/0x1c0\n[ 166.971292] __dev_change_flags+0xa2/0x1b0\n[ 166.980378] dev_change_flags+0x21/0x60\n[ 166.988887] do_setlink+0x38d/0xf20\n[ 166.996628] ? ep_poll_callback+0x1b9/0x240\n[ 167.005910] ? __nla_validate_parse.llvm.10713395753544950386+0x80/0xd70\n[ 167.020782] ? __wake_up_sync_key+0x52/0x80\n[ 167.030066] ? __mutex_lock+0xff/0x550\n[ 167.038382] ? security_capable+0x50/0x90\n[ 167.047279] rtnl_setlink+0x1c9/0x210\n[ 167.055403] ? ep_poll_callback+0x1b9/0x240\n[ 167.064684] ? security_capable+0x50/0x90\n[ 167.073579] rtnetlink_rcv_msg+0x2f9/0x310\n[ 167.082667] ? rtnetlink_bind+0x30/0x30\n[ 167.091173] netlink_rcv_skb+0xb1/0xe0\n[ 167.099492] netlink_unicast+0x20f/0x2e0\n[ 167.108191] netlink_sendmsg+0x389/0x420\n[ 167.116896] __sys_sendto+0x158/0x1c0\n[ 167.125024] __x64_sys_sendto+0x22/0x30\n[ 167.133534] do_syscall_64+0x63/0x130\n[ 167.141657] ? __irq_exit_rcu.llvm.17843942359718260576+0x52/0xd0\n[ 167.155181] entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21717",
"url": "https://www.suse.com/security/cve/CVE-2025-21717"
},
{
"category": "external",
"summary": "SUSE Bug 1238866 for CVE-2025-21717",
"url": "https://bugzilla.suse.com/1238866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21717"
},
{
"cve": "CVE-2025-21729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix race between cancel_hw_scan and hw_scan completion\n\nThe rtwdev-\u003escanning flag isn\u0027t protected by mutex originally, so\ncancel_hw_scan can pass the condition, but suddenly hw_scan completion\nunset the flag and calls ieee80211_scan_completed() that will free\nlocal-\u003ehw_scan_req. Then, cancel_hw_scan raises null-ptr-deref and\nuse-after-free. Fix it by moving the check condition to where\nprotected by mutex.\n\n KASAN: null-ptr-deref in range [0x0000000000000088-0x000000000000008f]\n CPU: 2 PID: 6922 Comm: kworker/2:2 Tainted: G OE\n Hardware name: LENOVO 2356AD1/2356AD1, BIOS G7ETB6WW (2.76 ) 09/10/2019\n Workqueue: events cfg80211_conn_work [cfg80211]\n RIP: 0010:rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n Code: 00 45 89 6c 24 1c 0f 85 23 01 00 00 48 8b 85 20 ff ff ff 48 8d\n RSP: 0018:ffff88811fd9f068 EFLAGS: 00010206\n RAX: dffffc0000000000 RBX: ffff88811fd9f258 RCX: 0000000000000001\n RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000089\n RBP: ffff88811fd9f170 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff88811fd9f108 R11: 0000000000000000 R12: ffff88810e47f960\n R13: 0000000000000000 R14: 000000000000ffff R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8881d6f00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007531dfca55b0 CR3: 00000001be296004 CR4: 00000000001706e0\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x61/0x73\n ? __die_body+0x20/0x73\n ? die_addr+0x4f/0x7b\n ? exc_general_protection+0x191/0x1db\n ? asm_exc_general_protection+0x27/0x30\n ? rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n ? rtw89_fw_h2c_scan_offload_be+0x458/0x13c3 [rtw89_core]\n ? __pfx_rtw89_fw_h2c_scan_offload_be+0x10/0x10 [rtw89_core]\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx_do_raw_spin_lock+0x10/0x10\n rtw89_hw_scan_offload+0xb5e/0xbf7 [rtw89_core]\n ? _raw_spin_unlock+0xe/0x24\n ? __mutex_lock.constprop.0+0x40c/0x471\n ? __pfx_rtw89_hw_scan_offload+0x10/0x10 [rtw89_core]\n ? __mutex_lock_slowpath+0x13/0x1f\n ? mutex_lock+0xa2/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n rtw89_hw_scan_abort+0x58/0xb7 [rtw89_core]\n rtw89_ops_cancel_hw_scan+0x120/0x13b [rtw89_core]\n ieee80211_scan_cancel+0x468/0x4d0 [mac80211]\n ieee80211_prep_connection+0x858/0x899 [mac80211]\n ieee80211_mgd_auth+0xbea/0xdde [mac80211]\n ? __pfx_ieee80211_mgd_auth+0x10/0x10 [mac80211]\n ? cfg80211_find_elem+0x15/0x29 [cfg80211]\n ? is_bss+0x1b7/0x1d7 [cfg80211]\n ieee80211_auth+0x18/0x27 [mac80211]\n cfg80211_mlme_auth+0x3bb/0x3e7 [cfg80211]\n cfg80211_conn_do_work+0x410/0xb81 [cfg80211]\n ? __pfx_cfg80211_conn_do_work+0x10/0x10 [cfg80211]\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? __kasan_check_write+0x14/0x22\n ? mutex_lock+0x8e/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n ? __pfx___radix_tree_lookup+0x10/0x10\n cfg80211_conn_work+0x245/0x34d [cfg80211]\n ? __pfx_cfg80211_conn_work+0x10/0x10 [cfg80211]\n ? update_cfs_rq_load_avg+0x3bc/0x3d7\n ? sched_clock_noinstr+0x9/0x1a\n ? sched_clock+0x10/0x24\n ? sched_clock_cpu+0x7e/0x42e\n ? newidle_balance+0x796/0x937\n ? __pfx_sched_clock_cpu+0x10/0x10\n ? __pfx_newidle_balance+0x10/0x10\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? _raw_spin_unlock+0xe/0x24\n ? raw_spin_rq_unlock+0x47/0x54\n ? raw_spin_rq_unlock_irq+0x9/0x1f\n ? finish_task_switch.isra.0+0x347/0x586\n ? __schedule+0x27bf/0x2892\n ? mutex_unlock+0x80/0xd0\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx___schedule+0x10/0x10\n process_scheduled_works+0x58c/0x821\n worker_thread+0x4c7/0x586\n ? __kasan_check_read+0x11/0x1f\n kthread+0x285/0x294\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x6f\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21729",
"url": "https://www.suse.com/security/cve/CVE-2025-21729"
},
{
"category": "external",
"summary": "SUSE Bug 1237874 for CVE-2025-21729",
"url": "https://bugzilla.suse.com/1237874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21729"
},
{
"cve": "CVE-2025-21739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they\u0027ve been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it\u0027s not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21739",
"url": "https://www.suse.com/security/cve/CVE-2025-21739"
},
{
"category": "external",
"summary": "SUSE Bug 1238506 for CVE-2025-21739",
"url": "https://bugzilla.suse.com/1238506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21755"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21755",
"url": "https://www.suse.com/security/cve/CVE-2025-21755"
},
{
"category": "external",
"summary": "SUSE Bug 1237882 for CVE-2025-21755",
"url": "https://bugzilla.suse.com/1237882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21755"
},
{
"cve": "CVE-2025-21758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: add RCU protection to mld_newpack()\n\nmld_newpack() can be called without RTNL or RCU being held.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21758",
"url": "https://www.suse.com/security/cve/CVE-2025-21758"
},
{
"category": "external",
"summary": "SUSE Bug 1238737 for CVE-2025-21758",
"url": "https://bugzilla.suse.com/1238737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21759",
"url": "https://www.suse.com/security/cve/CVE-2025-21759"
},
{
"category": "external",
"summary": "SUSE Bug 1238738 for CVE-2025-21759",
"url": "https://bugzilla.suse.com/1238738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21760",
"url": "https://www.suse.com/security/cve/CVE-2025-21760"
},
{
"category": "external",
"summary": "SUSE Bug 1238763 for CVE-2025-21760",
"url": "https://bugzilla.suse.com/1238763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21761",
"url": "https://www.suse.com/security/cve/CVE-2025-21761"
},
{
"category": "external",
"summary": "SUSE Bug 1238775 for CVE-2025-21761",
"url": "https://bugzilla.suse.com/1238775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21762",
"url": "https://www.suse.com/security/cve/CVE-2025-21762"
},
{
"category": "external",
"summary": "SUSE Bug 1238780 for CVE-2025-21762",
"url": "https://bugzilla.suse.com/1238780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21763",
"url": "https://www.suse.com/security/cve/CVE-2025-21763"
},
{
"category": "external",
"summary": "SUSE Bug 1237897 for CVE-2025-21763",
"url": "https://bugzilla.suse.com/1237897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21765",
"url": "https://www.suse.com/security/cve/CVE-2025-21765"
},
{
"category": "external",
"summary": "SUSE Bug 1237906 for CVE-2025-21765",
"url": "https://bugzilla.suse.com/1237906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21766",
"url": "https://www.suse.com/security/cve/CVE-2025-21766"
},
{
"category": "external",
"summary": "SUSE Bug 1238754 for CVE-2025-21766",
"url": "https://bugzilla.suse.com/1238754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels\n\nSome lwtunnels have a dst cache for post-transformation dst.\nIf the packet destination did not change we may end up recording\na reference to the lwtunnel in its own cache, and the lwtunnel\nstate will never be freed.\n\nDiscovered by the ioam6.sh test, kmemleak was recently fixed\nto catch per-cpu memory leaks. I\u0027m not sure if rpl and seg6\ncan actually hit this, but in principle I don\u0027t see why not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21768",
"url": "https://www.suse.com/security/cve/CVE-2025-21768"
},
{
"category": "external",
"summary": "SUSE Bug 1238714 for CVE-2025-21768",
"url": "https://bugzilla.suse.com/1238714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21768"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21782",
"url": "https://www.suse.com/security/cve/CVE-2025-21782"
},
{
"category": "external",
"summary": "SUSE Bug 1239117 for CVE-2025-21782",
"url": "https://bugzilla.suse.com/1239117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt\n\nIf an AX25 device is bound to a socket by setting the SO_BINDTODEVICE\nsocket option, a refcount leak will occur in ax25_release().\n\nCommit 9fd75b66b8f6 (\"ax25: Fix refcount leaks caused by ax25_cb_del()\")\nadded decrement of device refcounts in ax25_release(). In order for that\nto work correctly the refcounts must already be incremented when the\ndevice is bound to the socket. An AX25 device can be bound to a socket\nby either calling ax25_bind() or setting SO_BINDTODEVICE socket option.\nIn both cases the refcounts should be incremented, but in fact it is done\nonly in ax25_bind().\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 1 PID: 5932 at lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nModules linked in:\nCPU: 1 UID: 0 PID: 5932 Comm: syz-executor424 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nCall Trace:\n \u003cTASK\u003e\n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x710/0x820 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4156 [inline]\n netdev_put include/linux/netdevice.h:4173 [inline]\n netdev_put include/linux/netdevice.h:4169 [inline]\n ax25_release+0x33f/0xa10 net/ax25/af_ax25.c:1069\n __sock_release+0xb0/0x270 net/socket.c:640\n sock_close+0x1c/0x30 net/socket.c:1408\n ...\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \u003c/TASK\u003e\n================================================================\n\nFix the implementation of ax25_setsockopt() by adding increment of\nrefcounts for the new device bound, and decrement of refcounts for\nthe old unbound device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21792",
"url": "https://www.suse.com/security/cve/CVE-2025-21792"
},
{
"category": "external",
"summary": "SUSE Bug 1238745 for CVE-2025-21792",
"url": "https://bugzilla.suse.com/1238745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21792"
},
{
"cve": "CVE-2025-21796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21796",
"url": "https://www.suse.com/security/cve/CVE-2025-21796"
},
{
"category": "external",
"summary": "SUSE Bug 1238716 for CVE-2025-21796",
"url": "https://bugzilla.suse.com/1238716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: HWS, fix definer\u0027s HWS_SET32 macro for negative offset\n\nWhen bit offset for HWS_SET32 macro is negative,\nUBSAN complains about the shift-out-of-bounds:\n\n UBSAN: shift-out-of-bounds in\n drivers/net/ethernet/mellanox/mlx5/core/steering/hws/definer.c:177:2\n shift exponent -8 is negative",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21800",
"url": "https://www.suse.com/security/cve/CVE-2025-21800"
},
{
"category": "external",
"summary": "SUSE Bug 1238743 for CVE-2025-21800",
"url": "https://bugzilla.suse.com/1238743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21800"
},
{
"cve": "CVE-2025-21806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: let net.core.dev_weight always be non-zero\n\nThe following problem was encountered during stability test:\n\n(NULL net_device): NAPI poll function process_backlog+0x0/0x530 \\\n\treturned 1, exceeding its budget of 0.\n------------[ cut here ]------------\nlist_add double add: new=ffff88905f746f48, prev=ffff88905f746f48, \\\n\tnext=ffff88905f746e40.\nWARNING: CPU: 18 PID: 5462 at lib/list_debug.c:35 \\\n\t__list_add_valid_or_report+0xf3/0x130\nCPU: 18 UID: 0 PID: 5462 Comm: ping Kdump: loaded Not tainted 6.13.0-rc7+\nRIP: 0010:__list_add_valid_or_report+0xf3/0x130\nCall Trace:\n? __warn+0xcd/0x250\n? __list_add_valid_or_report+0xf3/0x130\nenqueue_to_backlog+0x923/0x1070\nnetif_rx_internal+0x92/0x2b0\n__netif_rx+0x15/0x170\nloopback_xmit+0x2ef/0x450\ndev_hard_start_xmit+0x103/0x490\n__dev_queue_xmit+0xeac/0x1950\nip_finish_output2+0x6cc/0x1620\nip_output+0x161/0x270\nip_push_pending_frames+0x155/0x1a0\nraw_sendmsg+0xe13/0x1550\n__sys_sendto+0x3bf/0x4e0\n__x64_sys_sendto+0xdc/0x1b0\ndo_syscall_64+0x5b/0x170\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe reproduction command is as follows:\n sysctl -w net.core.dev_weight=0\n ping 127.0.0.1\n\nThis is because when the napi\u0027s weight is set to 0, process_backlog() may\nreturn 0 and clear the NAPI_STATE_SCHED bit of napi-\u003estate, causing this\nnapi to be re-polled in net_rx_action() until __do_softirq() times out.\nSince the NAPI_STATE_SCHED bit has been cleared, napi_schedule_rps() can\nbe retriggered in enqueue_to_backlog(), causing this issue.\n\nMaking the napi\u0027s weight always non-zero solves this problem.\n\nTriggering this issue requires system-wide admin (setting is\nnot namespaced).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21806",
"url": "https://www.suse.com/security/cve/CVE-2025-21806"
},
{
"category": "external",
"summary": "SUSE Bug 1238746 for CVE-2025-21806",
"url": "https://bugzilla.suse.com/1238746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21806"
},
{
"cve": "CVE-2025-21808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: xdp: Disallow attaching device-bound programs in generic mode\n\nDevice-bound programs are used to support RX metadata kfuncs. These\nkfuncs are driver-specific and rely on the driver context to read the\nmetadata. This means they can\u0027t work in generic XDP mode. However, there\nis no check to disallow such programs from being attached in generic\nmode, in which case the metadata kfuncs will be called in an invalid\ncontext, leading to crashes.\n\nFix this by adding a check to disallow attaching device-bound programs\nin generic mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21808",
"url": "https://www.suse.com/security/cve/CVE-2025-21808"
},
{
"category": "external",
"summary": "SUSE Bug 1238742 for CVE-2025-21808",
"url": "https://bugzilla.suse.com/1238742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21808"
},
{
"cve": "CVE-2025-21812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: rcu protect dev-\u003eax25_ptr\n\nsyzbot found a lockdep issue [1].\n\nWe should remove ax25 RTNL dependency in ax25_setsockopt()\n\nThis should also fix a variety of possible UAF in ax25.\n\n[1]\n\nWARNING: possible circular locking dependency detected\n6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0 Not tainted\n------------------------------------------------------\nsyz.5.1818/12806 is trying to acquire lock:\n ffffffff8fcb3988 (rtnl_mutex){+.+.}-{4:4}, at: ax25_setsockopt+0xa55/0xe90 net/ax25/af_ax25.c:680\n\nbut task is already holding lock:\n ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1618 [inline]\n ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: ax25_setsockopt+0x209/0xe90 net/ax25/af_ax25.c:574\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (sk_lock-AF_AX25){+.+.}-{0:0}:\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849\n lock_sock_nested+0x48/0x100 net/core/sock.c:3642\n lock_sock include/net/sock.h:1618 [inline]\n ax25_kill_by_device net/ax25/af_ax25.c:101 [inline]\n ax25_device_event+0x24d/0x580 net/ax25/af_ax25.c:146\n notifier_call_chain+0x1a5/0x3f0 kernel/notifier.c:85\n __dev_notify_flags+0x207/0x400\n dev_change_flags+0xf0/0x1a0 net/core/dev.c:9026\n dev_ifsioc+0x7c8/0xe70 net/core/dev_ioctl.c:563\n dev_ioctl+0x719/0x1340 net/core/dev_ioctl.c:820\n sock_do_ioctl+0x240/0x460 net/socket.c:1234\n sock_ioctl+0x626/0x8e0 net/socket.c:1339\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n-\u003e #0 (rtnl_mutex){+.+.}-{4:4}:\n check_prev_add kernel/locking/lockdep.c:3161 [inline]\n check_prevs_add kernel/locking/lockdep.c:3280 [inline]\n validate_chain+0x18ef/0x5920 kernel/locking/lockdep.c:3904\n __lock_acquire+0x1397/0x2100 kernel/locking/lockdep.c:5226\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849\n __mutex_lock_common kernel/locking/mutex.c:585 [inline]\n __mutex_lock+0x1ac/0xee0 kernel/locking/mutex.c:735\n ax25_setsockopt+0xa55/0xe90 net/ax25/af_ax25.c:680\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2324\n __sys_setsockopt net/socket.c:2349 [inline]\n __do_sys_setsockopt net/socket.c:2355 [inline]\n __se_sys_setsockopt net/socket.c:2352 [inline]\n __x64_sys_setsockopt+0x1ee/0x280 net/socket.c:2352\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(sk_lock-AF_AX25);\n lock(rtnl_mutex);\n lock(sk_lock-AF_AX25);\n lock(rtnl_mutex);\n\n *** DEADLOCK ***\n\n1 lock held by syz.5.1818/12806:\n #0: ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1618 [inline]\n #0: ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: ax25_setsockopt+0x209/0xe90 net/ax25/af_ax25.c:574\n\nstack backtrace:\nCPU: 1 UID: 0 PID: 12806 Comm: syz.5.1818 Not tainted 6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_circular_bug+0x13a/0x1b0 kernel/locking/lockdep.c:2074\n check_noncircular+0x36a/0x4a0 kernel/locking/lockdep.c:2206\n check_prev_add kernel/locking/lockdep.c:3161 [inline]\n check_prevs_add kernel/lockin\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21812",
"url": "https://www.suse.com/security/cve/CVE-2025-21812"
},
{
"category": "external",
"summary": "SUSE Bug 1238471 for CVE-2025-21812",
"url": "https://bugzilla.suse.com/1238471"
},
{
"category": "external",
"summary": "SUSE Bug 1240736 for CVE-2025-21812",
"url": "https://bugzilla.suse.com/1240736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-21812"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21821",
"url": "https://www.suse.com/security/cve/CVE-2025-21821"
},
{
"category": "external",
"summary": "SUSE Bug 1239174 for CVE-2025-21821",
"url": "https://bugzilla.suse.com/1239174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21832",
"url": "https://www.suse.com/security/cve/CVE-2025-21832"
},
{
"category": "external",
"summary": "SUSE Bug 1239105 for CVE-2025-21832",
"url": "https://bugzilla.suse.com/1239105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Avoid use of NULL after WARN_ON_ONCE\n\nThere is a WARN_ON_ONCE to catch an unlikely situation when\ndomain_remove_dev_pasid can\u0027t find the `pasid`. In case it nevertheless\nhappens we must avoid using a NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21833",
"url": "https://www.suse.com/security/cve/CVE-2025-21833"
},
{
"category": "external",
"summary": "SUSE Bug 1239108 for CVE-2025-21833",
"url": "https://bugzilla.suse.com/1239108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21833"
},
{
"cve": "CVE-2025-21836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: reallocate buf lists on upgrade\n\nIORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it\nwas created for legacy selected buffer and has been emptied. It violates\nthe requirement that most of the field should stay stable after publish.\nAlways reallocate it instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21836",
"url": "https://www.suse.com/security/cve/CVE-2025-21836"
},
{
"category": "external",
"summary": "SUSE Bug 1239066 for CVE-2025-21836",
"url": "https://bugzilla.suse.com/1239066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21836"
},
{
"cve": "CVE-2025-21837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21837"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21837",
"url": "https://www.suse.com/security/cve/CVE-2025-21837"
},
{
"category": "external",
"summary": "SUSE Bug 1239064 for CVE-2025-21837",
"url": "https://bugzilla.suse.com/1239064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21837"
},
{
"cve": "CVE-2025-21844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21844",
"url": "https://www.suse.com/security/cve/CVE-2025-21844"
},
{
"category": "external",
"summary": "SUSE Bug 1239512 for CVE-2025-21844",
"url": "https://bugzilla.suse.com/1239512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21846",
"url": "https://www.suse.com/security/cve/CVE-2025-21846"
},
{
"category": "external",
"summary": "SUSE Bug 1239508 for CVE-2025-21846",
"url": "https://bugzilla.suse.com/1239508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21847",
"url": "https://www.suse.com/security/cve/CVE-2025-21847"
},
{
"category": "external",
"summary": "SUSE Bug 1239471 for CVE-2025-21847",
"url": "https://bugzilla.suse.com/1239471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21848",
"url": "https://www.suse.com/security/cve/CVE-2025-21848"
},
{
"category": "external",
"summary": "SUSE Bug 1239479 for CVE-2025-21848",
"url": "https://bugzilla.suse.com/1239479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [ T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [ T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G W 6.13.0-rc6 #232\n[ 2352.930438] [ T53909] Tainted: [W]=WARN\n[ 2352.930440] [ T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [ T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [ T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21850",
"url": "https://www.suse.com/security/cve/CVE-2025-21850"
},
{
"category": "external",
"summary": "SUSE Bug 1239477 for CVE-2025-21850",
"url": "https://bugzilla.suse.com/1239477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Add rx_skb of kfree_skb to raw_tp_null_args[].\n\nYan Zhai reported a BPF prog could trigger a null-ptr-deref [0]\nin trace_kfree_skb if the prog does not check if rx_sk is NULL.\n\nCommit c53795d48ee8 (\"net: add rx_sk to trace_kfree_skb\") added\nrx_sk to trace_kfree_skb, but rx_sk is optional and could be NULL.\n\nLet\u0027s add kfree_skb to raw_tp_null_args[] to let the BPF verifier\nvalidate such a prog and prevent the issue.\n\nNow we fail to load such a prog:\n\n libbpf: prog \u0027drop\u0027: -- BEGIN PROG LOAD LOG --\n 0: R1=ctx() R10=fp0\n ; int BPF_PROG(drop, struct sk_buff *skb, void *location, @ kfree_skb_sk_null.bpf.c:21\n 0: (79) r3 = *(u64 *)(r1 +24)\n func \u0027kfree_skb\u0027 arg3 has btf_id 5253 type STRUCT \u0027sock\u0027\n 1: R1=ctx() R3_w=trusted_ptr_or_null_sock(id=1)\n ; bpf_printk(\"sk: %d, %d\\n\", sk, sk-\u003e__sk_common.skc_family); @ kfree_skb_sk_null.bpf.c:24\n 1: (69) r4 = *(u16 *)(r3 +16)\n R3 invalid mem access \u0027trusted_ptr_or_null_\u0027\n processed 2 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0\n -- END PROG LOAD LOG --\n\nNote this fix requires commit 838a10bd2ebf (\"bpf: Augment raw_tp\narguments with PTR_MAYBE_NULL\").\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000010\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nPREEMPT SMP\nRIP: 0010:bpf_prog_5e21a6db8fcff1aa_drop+0x10/0x2d\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x1f/0x60\n ? page_fault_oops+0x148/0x420\n ? search_bpf_extables+0x5b/0x70\n ? fixup_exception+0x27/0x2c0\n ? exc_page_fault+0x75/0x170\n ? asm_exc_page_fault+0x22/0x30\n ? bpf_prog_5e21a6db8fcff1aa_drop+0x10/0x2d\n bpf_trace_run4+0x68/0xd0\n ? unix_stream_connect+0x1f4/0x6f0\n sk_skb_reason_drop+0x90/0x120\n unix_stream_connect+0x1f4/0x6f0\n __sys_connect+0x7f/0xb0\n __x64_sys_connect+0x14/0x20\n do_syscall_64+0x47/0xc30\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21852",
"url": "https://www.suse.com/security/cve/CVE-2025-21852"
},
{
"category": "external",
"summary": "SUSE Bug 1239487 for CVE-2025-21852",
"url": "https://bugzilla.suse.com/1239487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21852"
},
{
"cve": "CVE-2025-21853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: avoid holding freeze_mutex during mmap operation\n\nWe use map-\u003efreeze_mutex to prevent races between map_freeze() and\nmemory mapping BPF map contents with writable permissions. The way we\nnaively do this means we\u0027ll hold freeze_mutex for entire duration of all\nthe mm and VMA manipulations, which is completely unnecessary. This can\npotentially also lead to deadlocks, as reported by syzbot in [0].\n\nSo, instead, hold freeze_mutex only during writeability checks, bump\n(proactively) \"write active\" count for the map, unlock the mutex and\nproceed with mmap logic. And only if something went wrong during mmap\nlogic, then undo that \"write active\" counter increment.\n\n [0] https://lore.kernel.org/bpf/678dcbc9.050a0220.303755.0066.GAE@google.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21853",
"url": "https://www.suse.com/security/cve/CVE-2025-21853"
},
{
"category": "external",
"summary": "SUSE Bug 1239476 for CVE-2025-21853",
"url": "https://bugzilla.suse.com/1239476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21853"
},
{
"cve": "CVE-2025-21854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsockmap, vsock: For connectible sockets allow only connected\n\nsockmap expects all vsocks to have a transport assigned, which is expressed\nin vsock_proto::psock_update_sk_prot(). However, there is an edge case\nwhere an unconnected (connectible) socket may lose its previously assigned\ntransport. This is handled with a NULL check in the vsock/BPF recv path.\n\nAnother design detail is that listening vsocks are not supposed to have any\ntransport assigned at all. Which implies they are not supported by the\nsockmap. But this is complicated by the fact that a socket, before\nswitching to TCP_LISTEN, may have had some transport assigned during a\nfailed connect() attempt. Hence, we may end up with a listening vsock in a\nsockmap, which blows up quickly:\n\nKASAN: null-ptr-deref in range [0x0000000000000120-0x0000000000000127]\nCPU: 7 UID: 0 PID: 56 Comm: kworker/7:0 Not tainted 6.14.0-rc1+\nWorkqueue: vsock-loopback vsock_loopback_work\nRIP: 0010:vsock_read_skb+0x4b/0x90\nCall Trace:\n sk_psock_verdict_data_ready+0xa4/0x2e0\n virtio_transport_recv_pkt+0x1ca8/0x2acc\n vsock_loopback_work+0x27d/0x3f0\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x35a/0x700\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nFor connectible sockets, instead of relying solely on the state of\nvsk-\u003etransport, tell sockmap to only allow those representing established\nconnections. This aligns with the behaviour for AF_INET and AF_UNIX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21854",
"url": "https://www.suse.com/security/cve/CVE-2025-21854"
},
{
"category": "external",
"summary": "SUSE Bug 1239470 for CVE-2025-21854",
"url": "https://bugzilla.suse.com/1239470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21854"
},
{
"cve": "CVE-2025-21855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21855",
"url": "https://www.suse.com/security/cve/CVE-2025-21855"
},
{
"category": "external",
"summary": "SUSE Bug 1239484 for CVE-2025-21855",
"url": "https://bugzilla.suse.com/1239484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21856",
"url": "https://www.suse.com/security/cve/CVE-2025-21856"
},
{
"category": "external",
"summary": "SUSE Bug 1239486 for CVE-2025-21856",
"url": "https://bugzilla.suse.com/1239486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21857",
"url": "https://www.suse.com/security/cve/CVE-2025-21857"
},
{
"category": "external",
"summary": "SUSE Bug 1239478 for CVE-2025-21857",
"url": "https://bugzilla.suse.com/1239478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21858",
"url": "https://www.suse.com/security/cve/CVE-2025-21858"
},
{
"category": "external",
"summary": "SUSE Bug 1239468 for CVE-2025-21858",
"url": "https://bugzilla.suse.com/1239468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21859",
"url": "https://www.suse.com/security/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "SUSE Bug 1239467 for CVE-2025-21859",
"url": "https://bugzilla.suse.com/1239467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21861",
"url": "https://www.suse.com/security/cve/CVE-2025-21861"
},
{
"category": "external",
"summary": "SUSE Bug 1239483 for CVE-2025-21861",
"url": "https://bugzilla.suse.com/1239483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: prevent opcode speculation\n\nsqe-\u003eopcode is used for different tables, make sure we santitise it\nagainst speculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21863",
"url": "https://www.suse.com/security/cve/CVE-2025-21863"
},
{
"category": "external",
"summary": "SUSE Bug 1239475 for CVE-2025-21863",
"url": "https://bugzilla.suse.com/1239475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21863"
},
{
"cve": "CVE-2025-21864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21864",
"url": "https://www.suse.com/security/cve/CVE-2025-21864"
},
{
"category": "external",
"summary": "SUSE Bug 1239482 for CVE-2025-21864",
"url": "https://bugzilla.suse.com/1239482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21865",
"url": "https://www.suse.com/security/cve/CVE-2025-21865"
},
{
"category": "external",
"summary": "SUSE Bug 1239481 for CVE-2025-21865",
"url": "https://bugzilla.suse.com/1239481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21866",
"url": "https://www.suse.com/security/cve/CVE-2025-21866"
},
{
"category": "external",
"summary": "SUSE Bug 1239473 for CVE-2025-21866",
"url": "https://bugzilla.suse.com/1239473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()\n\nKMSAN reported a use-after-free issue in eth_skb_pkt_type()[1]. The\ncause of the issue was that eth_skb_pkt_type() accessed skb\u0027s data\nthat didn\u0027t contain an Ethernet header. This occurs when\nbpf_prog_test_run_xdp() passes an invalid value as the user_data\nargument to bpf_test_init().\n\nFix this by returning an error when user_data is less than ETH_HLEN in\nbpf_test_init(). Additionally, remove the check for \"if (user_size \u003e\nsize)\" as it is unnecessary.\n\n[1]\nBUG: KMSAN: use-after-free in eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\nBUG: KMSAN: use-after-free in eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\n eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n __xdp_build_skb_from_frame+0x5a8/0xa50 net/core/xdp.c:635\n xdp_recv_frames net/bpf/test_run.c:272 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2954/0x3330 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0x148e/0x1b10 net/bpf/test_run.c:1318\n bpf_prog_test_run+0x5b7/0xa30 kernel/bpf/syscall.c:4371\n __sys_bpf+0x6a6/0xe20 kernel/bpf/syscall.c:5777\n __do_sys_bpf kernel/bpf/syscall.c:5866 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5864 [inline]\n __x64_sys_bpf+0xa4/0xf0 kernel/bpf/syscall.c:5864\n x64_sys_call+0x2ea0/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1056 [inline]\n free_unref_page+0x156/0x1320 mm/page_alloc.c:2657\n __free_pages+0xa3/0x1b0 mm/page_alloc.c:4838\n bpf_ringbuf_free kernel/bpf/ringbuf.c:226 [inline]\n ringbuf_map_free+0xff/0x1e0 kernel/bpf/ringbuf.c:235\n bpf_map_free kernel/bpf/syscall.c:838 [inline]\n bpf_map_free_deferred+0x17c/0x310 kernel/bpf/syscall.c:862\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa2b/0x1b60 kernel/workqueue.c:3310\n worker_thread+0xedf/0x1550 kernel/workqueue.c:3391\n kthread+0x535/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x6e/0x90 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nCPU: 1 UID: 0 PID: 17276 Comm: syz.1.16450 Not tainted 6.12.0-05490-g9bb88c659673 #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21867",
"url": "https://www.suse.com/security/cve/CVE-2025-21867"
},
{
"category": "external",
"summary": "SUSE Bug 1240181 for CVE-2025-21867",
"url": "https://bugzilla.suse.com/1240181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21867"
},
{
"cve": "CVE-2025-21869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[ 12.028126] ==================================================================\n[ 12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[ 12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G T 6.13.0-P9-dirty #3\n[ 12.028408] Tainted: [T]=RANDSTRUCT\n[ 12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[ 12.028500] Call Trace:\n[ 12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[ 12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[ 12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[ 12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[ 12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[ 12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[ 12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[ 12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[ 12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[ 12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[ 12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[ 12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[ 12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[ 12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[ 12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[ 12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[ 12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[ 12.029608] NIP: 00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[ 12.029660] REGS: c000000008dbfe80 TRAP: 3000 Tainted: G T (6.13.0-P9-dirty)\n[ 12.029735] MSR: 900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e CR: 42004848 XER: 00000000\n[ 12.029855] IRQMASK: 0\n GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[ 12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030405] --- interrupt: 3000\n[ 12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21869",
"url": "https://www.suse.com/security/cve/CVE-2025-21869"
},
{
"category": "external",
"summary": "SUSE Bug 1240182 for CVE-2025-21869",
"url": "https://bugzilla.suse.com/1240182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21870",
"url": "https://www.suse.com/security/cve/CVE-2025-21870"
},
{
"category": "external",
"summary": "SUSE Bug 1240191 for CVE-2025-21870",
"url": "https://bugzilla.suse.com/1240191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21871",
"url": "https://www.suse.com/security/cve/CVE-2025-21871"
},
{
"category": "external",
"summary": "SUSE Bug 1240183 for CVE-2025-21871",
"url": "https://bugzilla.suse.com/1240183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: bsg: Fix crash when arpmb command fails\n\nIf the device doesn\u0027t support arpmb we\u0027ll crash due to copying user data in\nbsg_transport_sg_io_fn().\n\nIn the case where ufs_bsg_exec_advanced_rpmb_req() returns an error, do not\nset the job\u0027s reply_len.\n\nMemory crash backtrace:\n3,1290,531166405,-;ufshcd 0000:00:12.5: ARPMB OP failed: error code -22\n\n4,1308,531166555,-;Call Trace:\n\n4,1309,531166559,-; \u003cTASK\u003e\n\n4,1310,531166565,-; ? show_regs+0x6d/0x80\n\n4,1311,531166575,-; ? die+0x37/0xa0\n\n4,1312,531166583,-; ? do_trap+0xd4/0xf0\n\n4,1313,531166593,-; ? do_error_trap+0x71/0xb0\n\n4,1314,531166601,-; ? usercopy_abort+0x6c/0x80\n\n4,1315,531166610,-; ? exc_invalid_op+0x52/0x80\n\n4,1316,531166622,-; ? usercopy_abort+0x6c/0x80\n\n4,1317,531166630,-; ? asm_exc_invalid_op+0x1b/0x20\n\n4,1318,531166643,-; ? usercopy_abort+0x6c/0x80\n\n4,1319,531166652,-; __check_heap_object+0xe3/0x120\n\n4,1320,531166661,-; check_heap_object+0x185/0x1d0\n\n4,1321,531166670,-; __check_object_size.part.0+0x72/0x150\n\n4,1322,531166679,-; __check_object_size+0x23/0x30\n\n4,1323,531166688,-; bsg_transport_sg_io_fn+0x314/0x3b0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21873",
"url": "https://www.suse.com/security/cve/CVE-2025-21873"
},
{
"category": "external",
"summary": "SUSE Bug 1240184 for CVE-2025-21873",
"url": "https://bugzilla.suse.com/1240184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21873"
},
{
"cve": "CVE-2025-21875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: always handle address removal under msk socket lock\n\nSyzkaller reported a lockdep splat in the PM control path:\n\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Modules linked in:\n CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\n RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline]\n RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 \u003c0f\u003e 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff\n RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283\n RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408\n RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000\n R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0\n R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00\n FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59\n mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486\n mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline]\n mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:733\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2573\n ___sys_sendmsg net/socket.c:2627 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f7e9998cde9\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9\n RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007\n RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088\n\nIndeed the PM can try to send a RM_ADDR over a msk without acquiring\nfirst the msk socket lock.\n\nThe bugged code-path comes from an early optimization: when there\nare no subflows, the PM should (usually) not send RM_ADDR\nnotifications.\n\nThe above statement is incorrect, as without locks another process\ncould concur\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21875",
"url": "https://www.suse.com/security/cve/CVE-2025-21875"
},
{
"category": "external",
"summary": "SUSE Bug 1240168 for CVE-2025-21875",
"url": "https://bugzilla.suse.com/1240168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21875"
},
{
"cve": "CVE-2025-21876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n other info that might help us debug this:\n rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xb7/0xd0\n lockdep_rcu_suspicious+0x159/0x1f0\n ? __pfx_enable_drhd_fault_handling+0x10/0x10\n enable_drhd_fault_handling+0x151/0x180\n cpuhp_invoke_callback+0x1df/0x990\n cpuhp_thread_fun+0x1ea/0x2c0\n smpboot_thread_fn+0x1f5/0x2e0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x12a/0x2d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4a/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21876",
"url": "https://www.suse.com/security/cve/CVE-2025-21876"
},
{
"category": "external",
"summary": "SUSE Bug 1240179 for CVE-2025-21876",
"url": "https://bugzilla.suse.com/1240179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21877",
"url": "https://www.suse.com/security/cve/CVE-2025-21877"
},
{
"category": "external",
"summary": "SUSE Bug 1240172 for CVE-2025-21877",
"url": "https://bugzilla.suse.com/1240172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21878",
"url": "https://www.suse.com/security/cve/CVE-2025-21878"
},
{
"category": "external",
"summary": "SUSE Bug 1240192 for CVE-2025-21878",
"url": "https://bugzilla.suse.com/1240192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: Reject the shared zeropage in uprobe_write_opcode()\n\nWe triggered the following crash in syzkaller tests:\n\n BUG: Bad page state in process syz.7.38 pfn:1eff3\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3\n flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff)\n raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000fffffffe 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x32/0x50\n bad_page+0x69/0xf0\n free_unref_page_prepare+0x401/0x500\n free_unref_page+0x6d/0x1b0\n uprobe_write_opcode+0x460/0x8e0\n install_breakpoint.part.0+0x51/0x80\n register_for_each_vma+0x1d9/0x2b0\n __uprobe_register+0x245/0x300\n bpf_uprobe_multi_link_attach+0x29b/0x4f0\n link_create+0x1e2/0x280\n __sys_bpf+0x75f/0xac0\n __x64_sys_bpf+0x1a/0x30\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\n BUG: Bad rss-counter state mm:00000000452453e0 type:MM_FILEPAGES val:-1\n\nThe following syzkaller test case can be used to reproduce:\n\n r2 = creat(\u0026(0x7f0000000000)=\u0027./file0\\x00\u0027, 0x8)\n write$nbd(r2, \u0026(0x7f0000000580)=ANY=[], 0x10)\n r4 = openat(0xffffffffffffff9c, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, 0x42, 0x0)\n mmap$IORING_OFF_SQ_RING(\u0026(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)\n r5 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r5, 0xc018aa3f, \u0026(0x7f0000000040)={0xaa, 0x20})\n r6 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r6, 0xc018aa3f, \u0026(0x7f0000000140))\n ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, \u0026(0x7f0000000100)={{\u0026(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})\n ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, \u0026(0x7f0000000000)={{\u0026(0x7f0000ffd000/0x1000)=nil, 0x1000}})\n r7 = bpf$PROG_LOAD(0x5, \u0026(0x7f0000000140)={0x2, 0x3, \u0026(0x7f0000000200)=ANY=[@ANYBLOB=\"1800000000120000000000000000000095\"], \u0026(0x7f0000000000)=\u0027GPL\\x00\u0027, 0x7, 0x0, 0x0, 0x0, 0x0, \u0027\\x00\u0027, 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)\n bpf$BPF_LINK_CREATE_XDP(0x1c, \u0026(0x7f0000000040)={r7, 0x0, 0x30, 0x1e, @val=@uprobe_multi={\u0026(0x7f0000000080)=\u0027./file0\\x00\u0027, \u0026(0x7f0000000100)=[0x2], 0x0, 0x0, 0x1}}, 0x40)\n\nThe cause is that zero pfn is set to the PTE without increasing the RSS\ncount in mfill_atomic_pte_zeropage() and the refcount of zero folio does\nnot increase accordingly. Then, the operation on the same pfn is performed\nin uprobe_write_opcode()-\u003e__replace_page() to unconditional decrease the\nRSS count and old_folio\u0027s refcount.\n\nTherefore, two bugs are introduced:\n\n 1. The RSS count is incorrect, when process exit, the check_mm() report\n error \"Bad rss-count\".\n\n 2. The reserved folio (zero folio) is freed when folio-\u003erefcount is zero,\n then free_pages_prepare-\u003efree_page_is_bad() report error\n \"Bad page state\".\n\nThere is more, the following warning could also theoretically be triggered:\n\n __replace_page()\n -\u003e ...\n -\u003e folio_remove_rmap_pte()\n -\u003e VM_WARN_ON_FOLIO(is_zero_folio(folio), folio)\n\nConsidering that uprobe hit on the zero folio is a very rare case, just\nreject zero old folio immediately after get_user_page_vma_remote().\n\n[ mingo: Cleaned up the changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21881",
"url": "https://www.suse.com/security/cve/CVE-2025-21881"
},
{
"category": "external",
"summary": "SUSE Bug 1240185 for CVE-2025-21881",
"url": "https://bugzilla.suse.com/1240185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21881"
},
{
"cve": "CVE-2025-21882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix vport QoS cleanup on error\n\nWhen enabling vport QoS fails, the scheduling node was never freed,\ncausing a leak.\n\nAdd the missing free and reset the vport scheduling node pointer to\nNULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21882",
"url": "https://www.suse.com/security/cve/CVE-2025-21882"
},
{
"category": "external",
"summary": "SUSE Bug 1240187 for CVE-2025-21882",
"url": "https://bugzilla.suse.com/1240187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21882"
},
{
"cve": "CVE-2025-21883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21883",
"url": "https://www.suse.com/security/cve/CVE-2025-21883"
},
{
"category": "external",
"summary": "SUSE Bug 1240189 for CVE-2025-21883",
"url": "https://bugzilla.suse.com/1240189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: better track kernel sockets lifetime\n\nWhile kernel sockets are dismantled during pernet_operations-\u003eexit(),\ntheir freeing can be delayed by any tx packets still held in qdisc\nor device queues, due to skb_set_owner_w() prior calls.\n\nThis then trigger the following warning from ref_tracker_dir_exit() [1]\n\nTo fix this, make sure that kernel sockets own a reference on net-\u003epassive.\n\nAdd sk_net_refcnt_upgrade() helper, used whenever a kernel socket\nis converted to a refcounted one.\n\n[1]\n\n[ 136.263918][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.263918][ T35] sk_alloc+0x2b3/0x370\n[ 136.263918][ T35] inet6_create+0x6ce/0x10f0\n[ 136.263918][ T35] __sock_create+0x4c0/0xa30\n[ 136.263918][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.263918][ T35] igmp6_net_init+0x39/0x390\n[ 136.263918][ T35] ops_init+0x31e/0x590\n[ 136.263918][ T35] setup_net+0x287/0x9e0\n[ 136.263918][ T35] copy_net_ns+0x33f/0x570\n[ 136.263918][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.263918][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.263918][ T35] ksys_unshare+0x57d/0xa70\n[ 136.263918][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.263918][ T35] do_syscall_64+0xf3/0x230\n[ 136.263918][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 136.263918][ T35]\n[ 136.343488][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.343488][ T35] sk_alloc+0x2b3/0x370\n[ 136.343488][ T35] inet6_create+0x6ce/0x10f0\n[ 136.343488][ T35] __sock_create+0x4c0/0xa30\n[ 136.343488][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.343488][ T35] ndisc_net_init+0xa7/0x2b0\n[ 136.343488][ T35] ops_init+0x31e/0x590\n[ 136.343488][ T35] setup_net+0x287/0x9e0\n[ 136.343488][ T35] copy_net_ns+0x33f/0x570\n[ 136.343488][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.343488][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.343488][ T35] ksys_unshare+0x57d/0xa70\n[ 136.343488][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.343488][ T35] do_syscall_64+0xf3/0x230\n[ 136.343488][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21884",
"url": "https://www.suse.com/security/cve/CVE-2025-21884"
},
{
"category": "external",
"summary": "SUSE Bug 1240171 for CVE-2025-21884",
"url": "https://bugzilla.suse.com/1240171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21884"
},
{
"cve": "CVE-2025-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \u003cTASK\u003e\n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21885",
"url": "https://www.suse.com/security/cve/CVE-2025-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1240169 for CVE-2025-21885",
"url": "https://bugzilla.suse.com/1240169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3 state:D stack:0 pid:2157 tgid:2157 ppid:1685 flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21886",
"url": "https://www.suse.com/security/cve/CVE-2025-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1240188 for CVE-2025-21886",
"url": "https://bugzilla.suse.com/1240188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up\n\nThe issue was caused by dput(upper) being called before\novl_dentry_update_reval(), while upper-\u003ed_flags was still\naccessed in ovl_dentry_remote().\n\nMove dput(upper) after its last use to prevent use-after-free.\n\nBUG: KASAN: slab-use-after-free in ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\nBUG: KASAN: slab-use-after-free in ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\n ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n ovl_link_up fs/overlayfs/copy_up.c:610 [inline]\n ovl_copy_up_one+0x2105/0x3490 fs/overlayfs/copy_up.c:1170\n ovl_copy_up_flags+0x18d/0x200 fs/overlayfs/copy_up.c:1223\n ovl_rename+0x39e/0x18c0 fs/overlayfs/dir.c:1136\n vfs_rename+0xf84/0x20a0 fs/namei.c:4893\n...\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21887",
"url": "https://www.suse.com/security/cve/CVE-2025-21887"
},
{
"category": "external",
"summary": "SUSE Bug 1240176 for CVE-2025-21887",
"url": "https://bugzilla.suse.com/1240176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21887"
},
{
"cve": "CVE-2025-21888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21888",
"url": "https://www.suse.com/security/cve/CVE-2025-21888"
},
{
"category": "external",
"summary": "SUSE Bug 1240177 for CVE-2025-21888",
"url": "https://bugzilla.suse.com/1240177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Add RCU read lock protection to perf_iterate_ctx()\n\nThe perf_iterate_ctx() function performs RCU list traversal but\ncurrently lacks RCU read lock protection. This causes lockdep warnings\nwhen running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y:\n\n\tWARNING: suspicious RCU usage\n\tkernel/events/core.c:8168 RCU-list traversed in non-reader section!!\n\n\t Call Trace:\n\t lockdep_rcu_suspicious\n\t ? perf_event_addr_filters_apply\n\t perf_iterate_ctx\n\t perf_event_exec\n\t begin_new_exec\n\t ? load_elf_phdrs\n\t load_elf_binary\n\t ? lock_acquire\n\t ? find_held_lock\n\t ? bprm_execve\n\t bprm_execve\n\t do_execveat_common.isra.0\n\t __x64_sys_execve\n\t do_syscall_64\n\t entry_SYSCALL_64_after_hwframe\n\nThis protection was previously present but was removed in commit\nbd2756811766 (\"perf: Rewrite core context handling\"). Add back the\nnecessary rcu_read_lock()/rcu_read_unlock() pair around\nperf_iterate_ctx() call in perf_event_exec().\n\n[ mingo: Use scoped_guard() as suggested by Peter ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21889",
"url": "https://www.suse.com/security/cve/CVE-2025-21889"
},
{
"category": "external",
"summary": "SUSE Bug 1240167 for CVE-2025-21889",
"url": "https://bugzilla.suse.com/1240167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21889"
},
{
"cve": "CVE-2025-21890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697\n[ 69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[ 69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261687] ? report_bug (lib/bug.c:?)\n[ 69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[ 69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[ 69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[ 69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[ 69.261712] __napi_poll (net/core/dev.c:7194)\n[ 69.261716] net_rx_action (net/core/dev.c:7265)\n[ 69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[ 69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[ 69.261726] handle_softirqs (kernel/softirq.c:561)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21890",
"url": "https://www.suse.com/security/cve/CVE-2025-21890"
},
{
"category": "external",
"summary": "SUSE Bug 1240173 for CVE-2025-21890",
"url": "https://bugzilla.suse.com/1240173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21891",
"url": "https://www.suse.com/security/cve/CVE-2025-21891"
},
{
"category": "external",
"summary": "SUSE Bug 1240186 for CVE-2025-21891",
"url": "https://bugzilla.suse.com/1240186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21892",
"url": "https://www.suse.com/security/cve/CVE-2025-21892"
},
{
"category": "external",
"summary": "SUSE Bug 1240175 for CVE-2025-21892",
"url": "https://bugzilla.suse.com/1240175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21892"
},
{
"cve": "CVE-2025-21893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21893"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkeys: Fix UAF in key_put()\n\nOnce a key\u0027s reference count has been reduced to 0, the garbage collector\nthread may destroy it at any time and so key_put() is not allowed to touch\nthe key after that point. The most key_put() is normally allowed to do is\nto touch key_gc_work as that\u0027s a static global variable.\n\nHowever, in an effort to speed up the reclamation of quota, this is now\ndone in key_put() once the key\u0027s usage is reduced to 0 - but now the code\nis looking at the key after the deadline, which is forbidden.\n\nFix this by using a flag to indicate that a key can be gc\u0027d now rather than\nlooking at the key\u0027s refcount in the garbage collector.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21893",
"url": "https://www.suse.com/security/cve/CVE-2025-21893"
},
{
"category": "external",
"summary": "SUSE Bug 1240427 for CVE-2025-21893",
"url": "https://bugzilla.suse.com/1240427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21893"
},
{
"cve": "CVE-2025-21894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC\n\nActually ENETC VFs do not support HWTSTAMP_TX_ONESTEP_SYNC because only\nENETC PF can access PMa_SINGLE_STEP registers. And there will be a crash\nif VFs are used to test one-step timestamp, the crash log as follows.\n\n[ 129.110909] Unable to handle kernel paging request at virtual address 00000000000080c0\n[ 129.287769] Call trace:\n[ 129.290219] enetc_port_mac_wr+0x30/0xec (P)\n[ 129.294504] enetc_start_xmit+0xda4/0xe74\n[ 129.298525] enetc_xmit+0x70/0xec\n[ 129.301848] dev_hard_start_xmit+0x98/0x118",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21894",
"url": "https://www.suse.com/security/cve/CVE-2025-21894"
},
{
"category": "external",
"summary": "SUSE Bug 1240581 for CVE-2025-21894",
"url": "https://bugzilla.suse.com/1240581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21894"
},
{
"cve": "CVE-2025-21895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Order the PMU list to fix warning about unordered pmu_ctx_list\n\nSyskaller triggers a warning due to prev_epc-\u003epmu != next_epc-\u003epmu in\nperf_event_swap_task_ctx_data(). vmcore shows that two lists have the same\nperf_event_pmu_context, but not in the same order.\n\nThe problem is that the order of pmu_ctx_list for the parent is impacted by\nthe time when an event/PMU is added. While the order for a child is\nimpacted by the event order in the pinned_groups and flexible_groups. So\nthe order of pmu_ctx_list in the parent and child may be different.\n\nTo fix this problem, insert the perf_event_pmu_context to its proper place\nafter iteration of the pmu_ctx_list.\n\nThe follow testcase can trigger above warning:\n\n # perf record -e cycles --call-graph lbr -- taskset -c 3 ./a.out \u0026\n # perf stat -e cpu-clock,cs -p xxx // xxx is the pid of a.out\n\n test.c\n\n void main() {\n int count = 0;\n pid_t pid;\n\n printf(\"%d running\\n\", getpid());\n sleep(30);\n printf(\"running\\n\");\n\n pid = fork();\n if (pid == -1) {\n printf(\"fork error\\n\");\n return;\n }\n if (pid == 0) {\n while (1) {\n count++;\n }\n } else {\n while (1) {\n count++;\n }\n }\n }\n\nThe testcase first opens an LBR event, so it will allocate task_ctx_data,\nand then open tracepoint and software events, so the parent context will\nhave 3 different perf_event_pmu_contexts. On inheritance, child ctx will\ninsert the perf_event_pmu_context in another order and the warning will\ntrigger.\n\n[ mingo: Tidied up the changelog. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21895",
"url": "https://www.suse.com/security/cve/CVE-2025-21895"
},
{
"category": "external",
"summary": "SUSE Bug 1240585 for CVE-2025-21895",
"url": "https://bugzilla.suse.com/1240585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21895"
},
{
"cve": "CVE-2025-21904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncaif_virtio: fix wrong pointer check in cfv_probe()\n\ndel_vqs() frees virtqueues, therefore cfv-\u003evq_tx pointer should be checked\nfor NULL before calling it, not cfv-\u003evdev. Also the current implementation\nis redundant because the pointer cfv-\u003evdev is dereferenced before it is\nchecked for NULL.\n\nFix this by checking cfv-\u003evq_tx for NULL instead of cfv-\u003evdev before\ncalling del_vqs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21904",
"url": "https://www.suse.com/security/cve/CVE-2025-21904"
},
{
"category": "external",
"summary": "SUSE Bug 1240576 for CVE-2025-21904",
"url": "https://bugzilla.suse.com/1240576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21904"
},
{
"cve": "CVE-2025-21905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: limit printed string from FW file\n\nThere\u0027s no guarantee here that the file is always with a\nNUL-termination, so reading the string may read beyond the\nend of the TLV. If that\u0027s the last TLV in the file, it can\nperhaps even read beyond the end of the file buffer.\n\nFix that by limiting the print format to the size of the\nbuffer we have.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21905",
"url": "https://www.suse.com/security/cve/CVE-2025-21905"
},
{
"category": "external",
"summary": "SUSE Bug 1240575 for CVE-2025-21905",
"url": "https://bugzilla.suse.com/1240575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21905"
},
{
"cve": "CVE-2025-21906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: clean up ROC on failure\n\nIf the firmware fails to start the session protection, then we\ndo call iwl_mvm_roc_finished() here, but that won\u0027t do anything\nat all because IWL_MVM_STATUS_ROC_P2P_RUNNING was never set.\nSet IWL_MVM_STATUS_ROC_P2P_RUNNING in the failure/stop path.\nIf it started successfully before, it\u0027s already set, so that\ndoesn\u0027t matter, and if it didn\u0027t start it needs to be set to\nclean up.\n\nNot doing so will lead to a WARN_ON() later on a fresh remain-\non-channel, since the link is already active when activated as\nit was never deactivated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21906",
"url": "https://www.suse.com/security/cve/CVE-2025-21906"
},
{
"category": "external",
"summary": "SUSE Bug 1240587 for CVE-2025-21906",
"url": "https://bugzilla.suse.com/1240587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21906"
},
{
"cve": "CVE-2025-21908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21908"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\n\nAdd PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so\nnfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.\n\nOtherwise NFS can deadlock waiting for kcompactd enduced writeback which\nrecurses back to NFS (which triggers writeback to NFSD via NFS loopback\nmount on the same host, NFSD blocks waiting for XFS\u0027s call to\n__filemap_get_folio):\n\n6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.\n\n{---\n[58] \"kcompactd0\"\n[\u003c0\u003e] folio_wait_bit+0xe8/0x200\n[\u003c0\u003e] folio_wait_writeback+0x2b/0x80\n[\u003c0\u003e] nfs_wb_folio+0x80/0x1b0 [nfs]\n[\u003c0\u003e] nfs_release_folio+0x68/0x130 [nfs]\n[\u003c0\u003e] split_huge_page_to_list_to_order+0x362/0x840\n[\u003c0\u003e] migrate_pages_batch+0x43d/0xb90\n[\u003c0\u003e] migrate_pages_sync+0x9a/0x240\n[\u003c0\u003e] migrate_pages+0x93c/0x9f0\n[\u003c0\u003e] compact_zone+0x8e2/0x1030\n[\u003c0\u003e] compact_node+0xdb/0x120\n[\u003c0\u003e] kcompactd+0x121/0x2e0\n[\u003c0\u003e] kthread+0xcf/0x100\n[\u003c0\u003e] ret_from_fork+0x31/0x40\n[\u003c0\u003e] ret_from_fork_asm+0x1a/0x30\n---}\n\n[akpm@linux-foundation.org: fix build]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21908",
"url": "https://www.suse.com/security/cve/CVE-2025-21908"
},
{
"category": "external",
"summary": "SUSE Bug 1240600 for CVE-2025-21908",
"url": "https://bugzilla.suse.com/1240600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21908"
},
{
"cve": "CVE-2025-21909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject cooked mode if it is set along with other flags\n\nIt is possible to set both MONITOR_FLAG_COOK_FRAMES and MONITOR_FLAG_ACTIVE\nflags simultaneously on the same monitor interface from the userspace. This\ncauses a sub-interface to be created with no IEEE80211_SDATA_IN_DRIVER bit\nset because the monitor interface is in the cooked state and it takes\nprecedence over all other states. When the interface is then being deleted\nthe kernel calls WARN_ONCE() from check_sdata_in_driver() because of missing\nthat bit.\n\nFix this by rejecting MONITOR_FLAG_COOK_FRAMES if it is set along with\nother flags.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21909",
"url": "https://www.suse.com/security/cve/CVE-2025-21909"
},
{
"category": "external",
"summary": "SUSE Bug 1240590 for CVE-2025-21909",
"url": "https://bugzilla.suse.com/1240590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21909"
},
{
"cve": "CVE-2025-21910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: regulatory: improve invalid hints checking\n\nSyzbot keeps reporting an issue [1] that occurs when erroneous symbols\nsent from userspace get through into user_alpha2[] via\nregulatory_hint_user() call. Such invalid regulatory hints should be\nrejected.\n\nWhile a sanity check from commit 47caf685a685 (\"cfg80211: regulatory:\nreject invalid hints\") looks to be enough to deter these very cases,\nthere is a way to get around it due to 2 reasons.\n\n1) The way isalpha() works, symbols other than latin lower and\nupper letters may be used to determine a country/domain.\nFor instance, greek letters will also be considered upper/lower\nletters and for such characters isalpha() will return true as well.\nHowever, ISO-3166-1 alpha2 codes should only hold latin\ncharacters.\n\n2) While processing a user regulatory request, between\nreg_process_hint_user() and regulatory_hint_user() there happens to\nbe a call to queue_regulatory_request() which modifies letters in\nrequest-\u003ealpha2[] with toupper(). This works fine for latin symbols,\nless so for weird letter characters from the second part of _ctype[].\n\nSyzbot triggers a warning in is_user_regdom_saved() by first sending\nover an unexpected non-latin letter that gets malformed by toupper()\ninto a character that ends up failing isalpha() check.\n\nPrevent this by enhancing is_an_alpha2() to ensure that incoming\nsymbols are latin letters and nothing else.\n\n[1] Syzbot report:\n------------[ cut here ]------------\nUnexpected user alpha2: A\ufffd\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 is_user_regdom_saved net/wireless/reg.c:440 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_alpha2 net/wireless/reg.c:3424 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\nModules linked in:\nCPU: 1 UID: 0 PID: 964 Comm: kworker/1:2 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events_power_efficient crda_timeout_work\nRIP: 0010:is_user_regdom_saved net/wireless/reg.c:440 [inline]\nRIP: 0010:restore_alpha2 net/wireless/reg.c:3424 [inline]\nRIP: 0010:restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\n...\nCall Trace:\n \u003cTASK\u003e\n crda_timeout_work+0x27/0x50 net/wireless/reg.c:542\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21910",
"url": "https://www.suse.com/security/cve/CVE-2025-21910"
},
{
"category": "external",
"summary": "SUSE Bug 1240583 for CVE-2025-21910",
"url": "https://bugzilla.suse.com/1240583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21910"
},
{
"cve": "CVE-2025-21912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: rcar: Use raw_spinlock to protect register access\n\nUse raw_spinlock in order to fix spurious messages about invalid context\nwhen spinlock debugging is enabled. The lock is only used to serialize\nregister access.\n\n [ 4.239592] =============================\n [ 4.239595] [ BUG: Invalid wait context ]\n [ 4.239599] 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35 Not tainted\n [ 4.239603] -----------------------------\n [ 4.239606] kworker/u8:5/76 is trying to lock:\n [ 4.239609] ffff0000091898a0 (\u0026p-\u003elock){....}-{3:3}, at: gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.239641] other info that might help us debug this:\n [ 4.239643] context-{5:5}\n [ 4.239646] 5 locks held by kworker/u8:5/76:\n [ 4.239651] #0: ffff0000080fb148 ((wq_completion)async){+.+.}-{0:0}, at: process_one_work+0x190/0x62c\n [ 4.250180] OF: /soc/sound@ec500000/ports/port@0/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.254094] #1: ffff80008299bd80 ((work_completion)(\u0026entry-\u003ework)){+.+.}-{0:0}, at: process_one_work+0x1b8/0x62c\n [ 4.254109] #2: ffff00000920c8f8\n [ 4.258345] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027bitclock-master\u0027 with a value.\n [ 4.264803] (\u0026dev-\u003emutex){....}-{4:4}, at: __device_attach_async_helper+0x3c/0xdc\n [ 4.264820] #3: ffff00000a50ca40 (request_class#2){+.+.}-{4:4}, at: __setup_irq+0xa0/0x690\n [ 4.264840] #4:\n [ 4.268872] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.273275] ffff00000a50c8c8 (lock_class){....}-{2:2}, at: __setup_irq+0xc4/0x690\n [ 4.296130] renesas_sdhi_internal_dmac ee100000.mmc: mmc1 base at 0x00000000ee100000, max clock rate 200 MHz\n [ 4.304082] stack backtrace:\n [ 4.304086] CPU: 1 UID: 0 PID: 76 Comm: kworker/u8:5 Not tainted 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35\n [ 4.304092] Hardware name: Renesas Salvator-X 2nd version board based on r8a77965 (DT)\n [ 4.304097] Workqueue: async async_run_entry_fn\n [ 4.304106] Call trace:\n [ 4.304110] show_stack+0x14/0x20 (C)\n [ 4.304122] dump_stack_lvl+0x6c/0x90\n [ 4.304131] dump_stack+0x14/0x1c\n [ 4.304138] __lock_acquire+0xdfc/0x1584\n [ 4.426274] lock_acquire+0x1c4/0x33c\n [ 4.429942] _raw_spin_lock_irqsave+0x5c/0x80\n [ 4.434307] gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.440061] gpio_rcar_irq_set_type+0xd4/0xd8\n [ 4.444422] __irq_set_trigger+0x5c/0x178\n [ 4.448435] __setup_irq+0x2e4/0x690\n [ 4.452012] request_threaded_irq+0xc4/0x190\n [ 4.456285] devm_request_threaded_irq+0x7c/0xf4\n [ 4.459398] ata1: link resume succeeded after 1 retries\n [ 4.460902] mmc_gpiod_request_cd_irq+0x68/0xe0\n [ 4.470660] mmc_start_host+0x50/0xac\n [ 4.474327] mmc_add_host+0x80/0xe4\n [ 4.477817] tmio_mmc_host_probe+0x2b0/0x440\n [ 4.482094] renesas_sdhi_probe+0x488/0x6f4\n [ 4.486281] renesas_sdhi_internal_dmac_probe+0x60/0x78\n [ 4.491509] platform_probe+0x64/0xd8\n [ 4.495178] really_probe+0xb8/0x2a8\n [ 4.498756] __driver_probe_device+0x74/0x118\n [ 4.503116] driver_probe_device+0x3c/0x154\n [ 4.507303] __device_attach_driver+0xd4/0x160\n [ 4.511750] bus_for_each_drv+0x84/0xe0\n [ 4.515588] __device_attach_async_helper+0xb0/0xdc\n [ 4.520470] async_run_entry_fn+0x30/0xd8\n [ 4.524481] process_one_work+0x210/0x62c\n [ 4.528494] worker_thread+0x1ac/0x340\n [ 4.532245] kthread+0x10c/0x110\n [ 4.535476] ret_from_fork+0x10/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21912",
"url": "https://www.suse.com/security/cve/CVE-2025-21912"
},
{
"category": "external",
"summary": "SUSE Bug 1240584 for CVE-2025-21912",
"url": "https://bugzilla.suse.com/1240584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21912"
},
{
"cve": "CVE-2025-21913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()\n\nXen doesn\u0027t offer MSR_FAM10H_MMIO_CONF_BASE to all guests. This results\nin the following warning:\n\n unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0)\n Call Trace:\n xen_read_msr+0x1e/0x30\n amd_get_mmconfig_range+0x2b/0x80\n quirk_amd_mmconfig_area+0x28/0x100\n pnp_fixup_device+0x39/0x50\n __pnp_add_device+0xf/0x150\n pnp_add_device+0x3d/0x100\n pnpacpi_add_device_handler+0x1f9/0x280\n acpi_ns_get_device_callback+0x104/0x1c0\n acpi_ns_walk_namespace+0x1d0/0x260\n acpi_get_devices+0x8a/0xb0\n pnpacpi_init+0x50/0x80\n do_one_initcall+0x46/0x2e0\n kernel_init_freeable+0x1da/0x2f0\n kernel_init+0x16/0x1b0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\n\nbased on quirks for a \"PNP0c01\" device. Treating MMCFG as disabled is the\nright course of action, so no change is needed there.\n\nThis was most likely exposed by fixing the Xen MSR accessors to not be\nsilently-safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21913",
"url": "https://www.suse.com/security/cve/CVE-2025-21913"
},
{
"category": "external",
"summary": "SUSE Bug 1240591 for CVE-2025-21913",
"url": "https://bugzilla.suse.com/1240591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21913"
},
{
"cve": "CVE-2025-21914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: messaging: Free transaction ID in delayed interrupt scenario\n\nIn case of interrupt delay for any reason, slim_do_transfer()\nreturns timeout error but the transaction ID (TID) is not freed.\nThis results into invalid memory access inside\nqcom_slim_ngd_rx_msgq_cb() due to invalid TID.\n\nFix the issue by freeing the TID in slim_do_transfer() before\nreturning timeout error to avoid invalid memory access.\n\nCall trace:\n__memcpy_fromio+0x20/0x190\nqcom_slim_ngd_rx_msgq_cb+0x130/0x290 [slim_qcom_ngd_ctrl]\nvchan_complete+0x2a0/0x4a0\ntasklet_action_common+0x274/0x700\ntasklet_action+0x28/0x3c\n_stext+0x188/0x620\nrun_ksoftirqd+0x34/0x74\nsmpboot_thread_fn+0x1d8/0x464\nkthread+0x178/0x238\nret_from_fork+0x10/0x20\nCode: aa0003e8 91000429 f100044a 3940002b (3800150b)\n---[ end trace 0fe00bec2b975c99 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21914",
"url": "https://www.suse.com/security/cve/CVE-2025-21914"
},
{
"category": "external",
"summary": "SUSE Bug 1240595 for CVE-2025-21914",
"url": "https://bugzilla.suse.com/1240595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21914"
},
{
"cve": "CVE-2025-21915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncdx: Fix possible UAF error in driver_override_show()\n\nFixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c\n\nThis function driver_override_show() is part of DEVICE_ATTR_RW, which\nincludes both driver_override_show() and driver_override_store().\nThese functions can be executed concurrently in sysfs.\n\nThe driver_override_store() function uses driver_set_override() to\nupdate the driver_override value, and driver_set_override() internally\nlocks the device (device_lock(dev)). If driver_override_show() reads\ncdx_dev-\u003edriver_override without locking, it could potentially access\na freed pointer if driver_override_store() frees the string\nconcurrently. This could lead to printing a kernel address, which is a\nsecurity risk since DEVICE_ATTR can be read by all users.\n\nAdditionally, a similar pattern is used in drivers/amba/bus.c, as well\nas many other bus drivers, where device_lock() is taken in the show\nfunction, and it has been working without issues.\n\nThis potential bug was detected by our experimental static analysis\ntool, which analyzes locking APIs and paired functions to identify\ndata races and atomicity violations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21915",
"url": "https://www.suse.com/security/cve/CVE-2025-21915"
},
{
"category": "external",
"summary": "SUSE Bug 1240594 for CVE-2025-21915",
"url": "https://bugzilla.suse.com/1240594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21915"
},
{
"cve": "CVE-2025-21916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21916"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: atm: cxacru: fix a flaw in existing endpoint checks\n\nSyzbot once again identified a flaw in usb endpoint checking, see [1].\nThis time the issue stems from a commit authored by me (2eabb655a968\n(\"usb: atm: cxacru: fix endpoint checking in cxacru_bind()\")).\n\nWhile using usb_find_common_endpoints() may usually be enough to\ndiscard devices with wrong endpoints, in this case one needs more\nthan just finding and identifying the sufficient number of endpoints\nof correct types - one needs to check the endpoint\u0027s address as well.\n\nSince cxacru_bind() fills URBs with CXACRU_EP_CMD address in mind,\nswitch the endpoint verification approach to usb_check_XXX_endpoints()\ninstead to fix incomplete ep testing.\n\n[1] Syzbot report:\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 1378 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nRIP: 0010:usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n cxacru_cm+0x3c8/0xe50 drivers/usb/atm/cxacru.c:649\n cxacru_card_status drivers/usb/atm/cxacru.c:760 [inline]\n cxacru_bind+0xcf9/0x1150 drivers/usb/atm/cxacru.c:1223\n usbatm_usb_probe+0x314/0x1d30 drivers/usb/atm/usbatm.c:1058\n cxacru_usb_probe+0x184/0x220 drivers/usb/atm/cxacru.c:1377\n usb_probe_interface+0x641/0xbb0 drivers/usb/core/driver.c:396\n really_probe+0x2b9/0xad0 drivers/base/dd.c:658\n __driver_probe_device+0x1a2/0x390 drivers/base/dd.c:800\n driver_probe_device+0x50/0x430 drivers/base/dd.c:830\n...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21916",
"url": "https://www.suse.com/security/cve/CVE-2025-21916"
},
{
"category": "external",
"summary": "SUSE Bug 1240582 for CVE-2025-21916",
"url": "https://bugzilla.suse.com/1240582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21916"
},
{
"cve": "CVE-2025-21917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas_usbhs: Flush the notify_hotplug_work\n\nWhen performing continuous unbind/bind operations on the USB drivers\navailable on the Renesas RZ/G2L SoC, a kernel crash with the message\n\"Unable to handle kernel NULL pointer dereference at virtual address\"\nmay occur. This issue points to the usbhsc_notify_hotplug() function.\n\nFlush the delayed work to avoid its execution when driver resources are\nunavailable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21917",
"url": "https://www.suse.com/security/cve/CVE-2025-21917"
},
{
"category": "external",
"summary": "SUSE Bug 1240596 for CVE-2025-21917",
"url": "https://bugzilla.suse.com/1240596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21917"
},
{
"cve": "CVE-2025-21918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Fix NULL pointer access\n\nResources should be released only after all threads that utilize them\nhave been destroyed.\nThis commit ensures that resources are not released prematurely by waiting\nfor the associated workqueue to complete before deallocating them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21918",
"url": "https://www.suse.com/security/cve/CVE-2025-21918"
},
{
"category": "external",
"summary": "SUSE Bug 1240592 for CVE-2025-21918",
"url": "https://bugzilla.suse.com/1240592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21918"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: Fix KMSAN uninit-value warning with bpf\n\nSyzbot caught an \"KMSAN: uninit-value\" warning [1], which is caused by the\nppp driver not initializing a 2-byte header when using socket filter.\n\nThe following code can generate a PPP filter BPF program:\n\u0027\u0027\u0027\nstruct bpf_program fp;\npcap_t *handle;\nhandle = pcap_open_dead(DLT_PPP_PPPD, 65535);\npcap_compile(handle, \u0026fp, \"ip and outbound\", 0, 0);\nbpf_dump(\u0026fp, 1);\n\u0027\u0027\u0027\nIts output is:\n\u0027\u0027\u0027\n(000) ldh [2]\n(001) jeq #0x21 jt 2 jf 5\n(002) ldb [0]\n(003) jeq #0x1 jt 4 jf 5\n(004) ret #65535\n(005) ret #0\n\u0027\u0027\u0027\nWen can find similar code at the following link:\nhttps://github.com/ppp-project/ppp/blob/master/pppd/options.c#L1680\nThe maintainer of this code repository is also the original maintainer\nof the ppp driver.\n\nAs you can see the BPF program skips 2 bytes of data and then reads the\n\u0027Protocol\u0027 field to determine if it\u0027s an IP packet. Then it read the first\nbyte of the first 2 bytes to determine the direction.\n\nThe issue is that only the first byte indicating direction is initialized\nin current ppp driver code while the second byte is not initialized.\n\nFor normal BPF programs generated by libpcap, uninitialized data won\u0027t be\nused, so it\u0027s not a problem. However, for carefully crafted BPF programs,\nsuch as those generated by syzkaller [2], which start reading from offset\n0, the uninitialized data will be used and caught by KMSAN.\n\n[1] https://syzkaller.appspot.com/bug?extid=853242d9c9917165d791\n[2] https://syzkaller.appspot.com/text?tag=ReproC\u0026x=11994913980000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21922",
"url": "https://www.suse.com/security/cve/CVE-2025-21922"
},
{
"category": "external",
"summary": "SUSE Bug 1240639 for CVE-2025-21922",
"url": "https://bugzilla.suse.com/1240639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21922"
},
{
"cve": "CVE-2025-21923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-steam: Fix use-after-free when detaching device\n\nWhen a hid-steam device is removed it must clean up the client_hdev used for\nintercepting hidraw access. This can lead to scheduling deferred work to\nreattach the input device. Though the cleanup cancels the deferred work, this\nwas done before the client_hdev itself is cleaned up, so it gets rescheduled.\nThis patch fixes the ordering to make sure the deferred work is properly\ncanceled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21923",
"url": "https://www.suse.com/security/cve/CVE-2025-21923"
},
{
"category": "external",
"summary": "SUSE Bug 1240691 for CVE-2025-21923",
"url": "https://bugzilla.suse.com/1240691"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21923"
},
{
"cve": "CVE-2025-21924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error\n\nDuring the initialization of ptp, hclge_ptp_get_cycle might return an error\nand returned directly without unregister clock and free it. To avoid that,\ncall hclge_ptp_destroy_clock to unregist and free clock if\nhclge_ptp_get_cycle failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21924",
"url": "https://www.suse.com/security/cve/CVE-2025-21924"
},
{
"category": "external",
"summary": "SUSE Bug 1240720 for CVE-2025-21924",
"url": "https://bugzilla.suse.com/1240720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21924"
},
{
"cve": "CVE-2025-21925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: do not use skb_get() before dev_queue_xmit()\n\nsyzbot is able to crash hosts [1], using llc and devices\nnot supporting IFF_TX_SKB_SHARING.\n\nIn this case, e1000 driver calls eth_skb_pad(), while\nthe skb is shared.\n\nSimply replace skb_get() by skb_clone() in net/llc/llc_s_ac.c\n\nNote that e1000 driver might have an issue with pktgen,\nbecause it does not clear IFF_TX_SKB_SHARING, this is an\northogonal change.\n\nWe need to audit other skb_get() uses in net/llc.\n\n[1]\n\nkernel BUG at net/core/skbuff.c:2178 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 16371 Comm: syz.2.2764 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:pskb_expand_head+0x6ce/0x1240 net/core/skbuff.c:2178\nCall Trace:\n \u003cTASK\u003e\n __skb_pad+0x18a/0x610 net/core/skbuff.c:2466\n __skb_put_padto include/linux/skbuff.h:3843 [inline]\n skb_put_padto include/linux/skbuff.h:3862 [inline]\n eth_skb_pad include/linux/etherdevice.h:656 [inline]\n e1000_xmit_frame+0x2d99/0x5800 drivers/net/ethernet/intel/e1000/e1000_main.c:3128\n __netdev_start_xmit include/linux/netdevice.h:5151 [inline]\n netdev_start_xmit include/linux/netdevice.h:5160 [inline]\n xmit_one net/core/dev.c:3806 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3822\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:4045 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4621\n dev_queue_xmit include/linux/netdevice.h:3313 [inline]\n llc_sap_action_send_test_c+0x268/0x320 net/llc/llc_s_ac.c:144\n llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline]\n llc_sap_next_state net/llc/llc_sap.c:182 [inline]\n llc_sap_state_process+0x239/0x510 net/llc/llc_sap.c:209\n llc_ui_sendmsg+0xd0d/0x14e0 net/llc/af_llc.c:993\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21925",
"url": "https://www.suse.com/security/cve/CVE-2025-21925"
},
{
"category": "external",
"summary": "SUSE Bug 1240713 for CVE-2025-21925",
"url": "https://bugzilla.suse.com/1240713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21925"
},
{
"cve": "CVE-2025-21926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: fix ownership in __udp_gso_segment\n\nIn __udp_gso_segment the skb destructor is removed before segmenting the\nskb but the socket reference is kept as-is. This is an issue if the\noriginal skb is later orphaned as we can hit the following bug:\n\n kernel BUG at ./include/linux/skbuff.h:3312! (skb_orphan)\n RIP: 0010:ip_rcv_core+0x8b2/0xca0\n Call Trace:\n ip_rcv+0xab/0x6e0\n __netif_receive_skb_one_core+0x168/0x1b0\n process_backlog+0x384/0x1100\n __napi_poll.constprop.0+0xa1/0x370\n net_rx_action+0x925/0xe50\n\nThe above can happen following a sequence of events when using\nOpenVSwitch, when an OVS_ACTION_ATTR_USERSPACE action precedes an\nOVS_ACTION_ATTR_OUTPUT action:\n\n1. OVS_ACTION_ATTR_USERSPACE is handled (in do_execute_actions): the skb\n goes through queue_gso_packets and then __udp_gso_segment, where its\n destructor is removed.\n2. The segments\u0027 data are copied and sent to userspace.\n3. OVS_ACTION_ATTR_OUTPUT is handled (in do_execute_actions) and the\n same original skb is sent to its path.\n4. If it later hits skb_orphan, we hit the bug.\n\nFix this by also removing the reference to the socket in\n__udp_gso_segment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21926",
"url": "https://www.suse.com/security/cve/CVE-2025-21926"
},
{
"category": "external",
"summary": "SUSE Bug 1240712 for CVE-2025-21926",
"url": "https://bugzilla.suse.com/1240712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21926"
},
{
"cve": "CVE-2025-21927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()\n\nnvme_tcp_recv_pdu() doesn\u0027t check the validity of the header length.\nWhen header digests are enabled, a target might send a packet with an\ninvalid header length (e.g. 255), causing nvme_tcp_verify_hdgst()\nto access memory outside the allocated area and cause memory corruptions\nby overwriting it with the calculated digest.\n\nFix this by rejecting packets with an unexpected header length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21927",
"url": "https://www.suse.com/security/cve/CVE-2025-21927"
},
{
"category": "external",
"summary": "SUSE Bug 1240714 for CVE-2025-21927",
"url": "https://bugzilla.suse.com/1240714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21927"
},
{
"cve": "CVE-2025-21928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()\n\nThe system can experience a random crash a few minutes after the driver is\nremoved. This issue occurs due to improper handling of memory freeing in\nthe ishtp_hid_remove() function.\n\nThe function currently frees the `driver_data` directly within the loop\nthat destroys the HID devices, which can lead to accessing freed memory.\nSpecifically, `hid_destroy_device()` uses `driver_data` when it calls\n`hid_ishtp_set_feature()` to power off the sensor, so freeing\n`driver_data` beforehand can result in accessing invalid memory.\n\nThis patch resolves the issue by storing the `driver_data` in a temporary\nvariable before calling `hid_destroy_device()`, and then freeing the\n`driver_data` after the device is destroyed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21928",
"url": "https://www.suse.com/security/cve/CVE-2025-21928"
},
{
"category": "external",
"summary": "SUSE Bug 1240722 for CVE-2025-21928",
"url": "https://bugzilla.suse.com/1240722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21928"
},
{
"cve": "CVE-2025-21929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove()\n\nDuring the `rmmod` operation for the `intel_ishtp_hid` driver, a\nuse-after-free issue can occur in the hid_ishtp_cl_remove() function.\nThe function hid_ishtp_cl_deinit() is called before ishtp_hid_remove(),\nwhich can lead to accessing freed memory or resources during the\nremoval process.\n\nCall Trace:\n ? ishtp_cl_send+0x168/0x220 [intel_ishtp]\n ? hid_output_report+0xe3/0x150 [hid]\n hid_ishtp_set_feature+0xb5/0x120 [intel_ishtp_hid]\n ishtp_hid_request+0x7b/0xb0 [intel_ishtp_hid]\n hid_hw_request+0x1f/0x40 [hid]\n sensor_hub_set_feature+0x11f/0x190 [hid_sensor_hub]\n _hid_sensor_power_state+0x147/0x1e0 [hid_sensor_trigger]\n hid_sensor_runtime_resume+0x22/0x30 [hid_sensor_trigger]\n sensor_hub_remove+0xa8/0xe0 [hid_sensor_hub]\n hid_device_remove+0x49/0xb0 [hid]\n hid_destroy_device+0x6f/0x90 [hid]\n ishtp_hid_remove+0x42/0x70 [intel_ishtp_hid]\n hid_ishtp_cl_remove+0x6b/0xb0 [intel_ishtp_hid]\n ishtp_cl_device_remove+0x4a/0x60 [intel_ishtp]\n ...\n\nAdditionally, ishtp_hid_remove() is a HID level power off, which should\noccur before the ISHTP level disconnect.\n\nThis patch resolves the issue by reordering the calls in\nhid_ishtp_cl_remove(). The function ishtp_hid_remove() is now\ncalled before hid_ishtp_cl_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21929",
"url": "https://www.suse.com/security/cve/CVE-2025-21929"
},
{
"category": "external",
"summary": "SUSE Bug 1240711 for CVE-2025-21929",
"url": "https://bugzilla.suse.com/1240711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21929"
},
{
"cve": "CVE-2025-21930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t try to talk to a dead firmware\n\nThis fixes:\n\n bad state = 0\n WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi]\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xca/0x1c0\n ? iwl_trans_send_cmd+0xba/0xe0 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n iwl_fw_dbg_clear_monitor_buf+0xd7/0x110 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n _iwl_dbgfs_fw_dbg_clear_write+0xe2/0x120 [iwlmvm 0e8adb18cea92d2c341766bcc10b18699290068a]\n\nAsk whether the firmware is alive before sending a command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21930",
"url": "https://www.suse.com/security/cve/CVE-2025-21930"
},
{
"category": "external",
"summary": "SUSE Bug 1240715 for CVE-2025-21930",
"url": "https://bugzilla.suse.com/1240715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21930"
},
{
"cve": "CVE-2025-21931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio\n\nCommit b15c87263a69 (\"hwpoison, memory_hotplug: allow hwpoisoned pages to\nbe offlined) add page poison checks in do_migrate_range in order to make\noffline hwpoisoned page possible by introducing isolate_lru_page and\ntry_to_unmap for hwpoisoned page. However folio lock must be held before\ncalling try_to_unmap. Add it to fix this problem.\n\nWarning will be produced if folio is not locked during unmap:\n\n ------------[ cut here ]------------\n kernel BUG at ./include/linux/swapops.h:400!\n Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n Modules linked in:\n CPU: 4 UID: 0 PID: 411 Comm: bash Tainted: G W 6.13.0-rc1-00016-g3c434c7ee82a-dirty #41\n Tainted: [W]=WARN\n Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015\n pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : try_to_unmap_one+0xb08/0xd3c\n lr : try_to_unmap_one+0x3dc/0xd3c\n Call trace:\n try_to_unmap_one+0xb08/0xd3c (P)\n try_to_unmap_one+0x3dc/0xd3c (L)\n rmap_walk_anon+0xdc/0x1f8\n rmap_walk+0x3c/0x58\n try_to_unmap+0x88/0x90\n unmap_poisoned_folio+0x30/0xa8\n do_migrate_range+0x4a0/0x568\n offline_pages+0x5a4/0x670\n memory_block_action+0x17c/0x374\n memory_subsys_offline+0x3c/0x78\n device_offline+0xa4/0xd0\n state_store+0x8c/0xf0\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x44/0x54\n kernfs_fop_write_iter+0x118/0x1a8\n vfs_write+0x3a8/0x4bc\n ksys_write+0x6c/0xf8\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x44/0x100\n el0_svc_common.constprop.0+0x40/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xd0\n el0t_64_sync_handler+0xc8/0xcc\n el0t_64_sync+0x198/0x19c\n Code: f9407be0 b5fff320 d4210000 17ffff97 (d4210000)\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21931",
"url": "https://www.suse.com/security/cve/CVE-2025-21931"
},
{
"category": "external",
"summary": "SUSE Bug 1240709 for CVE-2025-21931",
"url": "https://bugzilla.suse.com/1240709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21931"
},
{
"cve": "CVE-2025-21934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: fix an API misues when rio_add_net() fails\n\nrio_add_net() calls device_register() and fails when device_register()\nfails. Thus, put_device() should be used rather than kfree(). Add\n\"mport-\u003enet = NULL;\" to avoid a use after free issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21934",
"url": "https://www.suse.com/security/cve/CVE-2025-21934"
},
{
"category": "external",
"summary": "SUSE Bug 1240708 for CVE-2025-21934",
"url": "https://bugzilla.suse.com/1240708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21934"
},
{
"cve": "CVE-2025-21935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: add check for rio_add_net() in rio_scan_alloc_net()\n\nThe return value of rio_add_net() should be checked. If it fails,\nput_device() should be called to free the memory and give up the reference\ninitialized in rio_add_net().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21935",
"url": "https://www.suse.com/security/cve/CVE-2025-21935"
},
{
"category": "external",
"summary": "SUSE Bug 1240700 for CVE-2025-21935",
"url": "https://bugzilla.suse.com/1240700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21935"
},
{
"cve": "CVE-2025-21936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_device_connected() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21936",
"url": "https://www.suse.com/security/cve/CVE-2025-21936"
},
{
"category": "external",
"summary": "SUSE Bug 1240716 for CVE-2025-21936",
"url": "https://bugzilla.suse.com/1240716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21936"
},
{
"cve": "CVE-2025-21937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_remote_name() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21937",
"url": "https://www.suse.com/security/cve/CVE-2025-21937"
},
{
"category": "external",
"summary": "SUSE Bug 1240643 for CVE-2025-21937",
"url": "https://bugzilla.suse.com/1240643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21937"
},
{
"cve": "CVE-2025-21941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx-\u003eplane_state\nis null. The fix adds a check to ensure \u0027pipe_ctx-\u003eplane_state\u0027 is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21941",
"url": "https://www.suse.com/security/cve/CVE-2025-21941"
},
{
"category": "external",
"summary": "SUSE Bug 1240701 for CVE-2025-21941",
"url": "https://bugzilla.suse.com/1240701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21941"
},
{
"cve": "CVE-2025-21943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: aggregator: protect driver attr handlers against module unload\n\nBoth new_device_store and delete_device_store touch module global\nresources (e.g. gpio_aggregator_lock). To prevent race conditions with\nmodule unload, a reference needs to be held.\n\nAdd try_module_get() in these handlers.\n\nFor new_device_store, this eliminates what appears to be the most dangerous\nscenario: if an id is allocated from gpio_aggregator_idr but\nplatform_device_register has not yet been called or completed, a concurrent\nmodule unload could fail to unregister/delete the device, leaving behind a\ndangling platform device/GPIO forwarder. This can result in various issues.\nThe following simple reproducer demonstrates these problems:\n\n #!/bin/bash\n while :; do\n # note: whether \u0027gpiochip0 0\u0027 exists or not does not matter.\n echo \u0027gpiochip0 0\u0027 \u003e /sys/bus/platform/drivers/gpio-aggregator/new_device\n done \u0026\n while :; do\n modprobe gpio-aggregator\n modprobe -r gpio-aggregator\n done \u0026\n wait\n\n Starting with the following warning, several kinds of warnings will appear\n and the system may become unstable:\n\n ------------[ cut here ]------------\n list_del corruption, ffff888103e2e980-\u003enext is LIST_POISON1 (dead000000000100)\n WARNING: CPU: 1 PID: 1327 at lib/list_debug.c:56 __list_del_entry_valid_or_report+0xa3/0x120\n [...]\n RIP: 0010:__list_del_entry_valid_or_report+0xa3/0x120\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? __warn.cold+0x93/0xf2\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? report_bug+0xe6/0x170\n ? __irq_work_queue_local+0x39/0xe0\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x13/0x60\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_del_entry_valid_or_report+0xa3/0x120\n gpiod_remove_lookup_table+0x22/0x60\n new_device_store+0x315/0x350 [gpio_aggregator]\n kernfs_fop_write_iter+0x137/0x1f0\n vfs_write+0x262/0x430\n ksys_write+0x60/0xd0\n do_syscall_64+0x6c/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21943",
"url": "https://www.suse.com/security/cve/CVE-2025-21943"
},
{
"category": "external",
"summary": "SUSE Bug 1240647 for CVE-2025-21943",
"url": "https://bugzilla.suse.com/1240647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21943"
},
{
"cve": "CVE-2025-21948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: appleir: Fix potential NULL dereference at raw event handle\n\nSyzkaller reports a NULL pointer dereference issue in input_event().\n\nBUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:68 [inline]\nBUG: KASAN: null-ptr-deref in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: null-ptr-deref in is_event_supported drivers/input/input.c:67 [inline]\nBUG: KASAN: null-ptr-deref in input_event+0x42/0xa0 drivers/input/input.c:395\nRead of size 8 at addr 0000000000000028 by task syz-executor199/2949\n\nCPU: 0 UID: 0 PID: 2949 Comm: syz-executor199 Not tainted 6.13.0-rc4-syzkaller-00076-gf097a36ef88d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n instrument_atomic_read include/linux/instrumented.h:68 [inline]\n _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n is_event_supported drivers/input/input.c:67 [inline]\n input_event+0x42/0xa0 drivers/input/input.c:395\n input_report_key include/linux/input.h:439 [inline]\n key_down drivers/hid/hid-appleir.c:159 [inline]\n appleir_raw_event+0x3e5/0x5e0 drivers/hid/hid-appleir.c:232\n __hid_input_report.constprop.0+0x312/0x440 drivers/hid/hid-core.c:2111\n hid_ctrl+0x49f/0x550 drivers/hid/usbhid/hid-core.c:484\n __usb_hcd_giveback_urb+0x389/0x6e0 drivers/usb/core/hcd.c:1650\n usb_hcd_giveback_urb+0x396/0x450 drivers/usb/core/hcd.c:1734\n dummy_timer+0x17f7/0x3960 drivers/usb/gadget/udc/dummy_hcd.c:1993\n __run_hrtimer kernel/time/hrtimer.c:1739 [inline]\n __hrtimer_run_queues+0x20a/0xae0 kernel/time/hrtimer.c:1803\n hrtimer_run_softirq+0x17d/0x350 kernel/time/hrtimer.c:1820\n handle_softirqs+0x206/0x8d0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xfa/0x160 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n __mod_timer+0x8f6/0xdc0 kernel/time/timer.c:1185\n add_timer+0x62/0x90 kernel/time/timer.c:1295\n schedule_timeout+0x11f/0x280 kernel/time/sleep_timeout.c:98\n usbhid_wait_io+0x1c7/0x380 drivers/hid/usbhid/hid-core.c:645\n usbhid_init_reports+0x19f/0x390 drivers/hid/usbhid/hid-core.c:784\n hiddev_ioctl+0x1133/0x15b0 drivers/hid/usbhid/hiddev.c:794\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThis happens due to the malformed report items sent by the emulated device\nwhich results in a report, that has no fields, being added to the report list.\nDue to this appleir_input_configured() is never called, hidinput_connect()\nfails which results in the HID_CLAIMED_INPUT flag is not being set. However,\nit does not make appleir_probe() fail and lets the event callback to be\ncalled without the associated input device.\n\nThus, add a check for the HID_CLAIMED_INPUT flag and leave the event hook\nearly if the driver didn\u0027t claim any input_dev for some reason. Moreover,\nsome other hid drivers accessing input_dev in their event callbacks do have\nsimilar checks, too.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21948",
"url": "https://www.suse.com/security/cve/CVE-2025-21948"
},
{
"category": "external",
"summary": "SUSE Bug 1240703 for CVE-2025-21948",
"url": "https://bugzilla.suse.com/1240703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21948"
},
{
"cve": "CVE-2025-21950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl\n\nIn the \"pmcmd_ioctl\" function, three memory objects allocated by\nkmalloc are initialized by \"hcall_get_cpu_state\", which are then\ncopied to user space. The initializer is indeed implemented in\n\"acrn_hypercall2\" (arch/x86/include/asm/acrn.h). There is a risk of\ninformation leakage due to uninitialized bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21950",
"url": "https://www.suse.com/security/cve/CVE-2025-21950"
},
{
"category": "external",
"summary": "SUSE Bug 1240719 for CVE-2025-21950",
"url": "https://bugzilla.suse.com/1240719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21950"
},
{
"cve": "CVE-2025-21951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock\n\nThere are multiple places from where the recovery work gets scheduled\nasynchronously. Also, there are multiple places where the caller waits\nsynchronously for the recovery to be completed. One such place is during\nthe PM shutdown() callback.\n\nIf the device is not alive during recovery_work, it will try to reset the\ndevice using pci_reset_function(). This function internally will take the\ndevice_lock() first before resetting the device. By this time, if the lock\nhas already been acquired, then recovery_work will get stalled while\nwaiting for the lock. And if the lock was already acquired by the caller\nwhich waits for the recovery_work to be completed, it will lead to\ndeadlock.\n\nThis is what happened on the X1E80100 CRD device when the device died\nbefore shutdown() callback. Driver core calls the driver\u0027s shutdown()\ncallback while holding the device_lock() leading to deadlock.\n\nAnd this deadlock scenario can occur on other paths as well, like during\nthe PM suspend() callback, where the driver core would hold the\ndevice_lock() before calling driver\u0027s suspend() callback. And if the\nrecovery_work was already started, it could lead to deadlock. This is also\nobserved on the X1E80100 CRD.\n\nSo to fix both issues, use pci_try_reset_function() in recovery_work. This\nfunction first checks for the availability of the device_lock() before\ntrying to reset the device. If the lock is available, it will acquire it\nand reset the device. Otherwise, it will return -EAGAIN. If that happens,\nrecovery_work will fail with the error message \"Recovery failed\" as not\nmuch could be done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21951",
"url": "https://www.suse.com/security/cve/CVE-2025-21951"
},
{
"category": "external",
"summary": "SUSE Bug 1240718 for CVE-2025-21951",
"url": "https://bugzilla.suse.com/1240718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21951"
},
{
"cve": "CVE-2025-21953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: cleanup mana struct after debugfs_remove()\n\nWhen on a MANA VM hibernation is triggered, as part of hibernate_snapshot(),\nmana_gd_suspend() and mana_gd_resume() are called. If during this\nmana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs\npointer does not get reinitialized and ends up pointing to older,\ncleaned-up dentry.\nFurther in the hibernation path, as part of power_down(), mana_gd_shutdown()\nis triggered. This call, unaware of the failures in resume, tries to cleanup\nthe already cleaned up mana_port_debugfs value and hits the following bug:\n\n[ 191.359296] mana 7870:00:00.0: Shutdown was called\n[ 191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 191.360584] #PF: supervisor write access in kernel mode\n[ 191.361125] #PF: error_code(0x0002) - not-present page\n[ 191.361727] PGD 1080ea067 P4D 0\n[ 191.362172] Oops: Oops: 0002 [#1] SMP NOPTI\n[ 191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2\n[ 191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024\n[ 191.364124] RIP: 0010:down_write+0x19/0x50\n[ 191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 \u003cf0\u003e 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d\n[ 191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS: 00010246\n[ 191.366350] RAX: 0000000000000000 RBX: 0000000000000098 RCX: ffffff8100000000\n[ 191.366951] RDX: 0000000000000001 RSI: 0000000000000064 RDI: 0000000000000098\n[ 191.367600] RBP: ff45fbe0c1c037c0 R08: 0000000000000000 R09: 0000000000000001\n[ 191.368225] R10: ff45fbe0d2b01000 R11: 0000000000000008 R12: 0000000000000000\n[ 191.368874] R13: 000000000000000b R14: ff43dc27509d67c0 R15: 0000000000000020\n[ 191.369549] FS: 00007dbc5001e740(0000) GS:ff43dc663f380000(0000) knlGS:0000000000000000\n[ 191.370213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 191.370830] CR2: 0000000000000098 CR3: 0000000168e8e002 CR4: 0000000000b73ef0\n[ 191.371557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 191.372192] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 191.372906] Call Trace:\n[ 191.373262] \u003cTASK\u003e\n[ 191.373621] ? show_regs+0x64/0x70\n[ 191.374040] ? __die+0x24/0x70\n[ 191.374468] ? page_fault_oops+0x290/0x5b0\n[ 191.374875] ? do_user_addr_fault+0x448/0x800\n[ 191.375357] ? exc_page_fault+0x7a/0x160\n[ 191.375971] ? asm_exc_page_fault+0x27/0x30\n[ 191.376416] ? down_write+0x19/0x50\n[ 191.376832] ? down_write+0x12/0x50\n[ 191.377232] simple_recursive_removal+0x4a/0x2a0\n[ 191.377679] ? __pfx_remove_one+0x10/0x10\n[ 191.378088] debugfs_remove+0x44/0x70\n[ 191.378530] mana_detach+0x17c/0x4f0\n[ 191.378950] ? __flush_work+0x1e2/0x3b0\n[ 191.379362] ? __cond_resched+0x1a/0x50\n[ 191.379787] mana_remove+0xf2/0x1a0\n[ 191.380193] mana_gd_shutdown+0x3b/0x70\n[ 191.380642] pci_device_shutdown+0x3a/0x80\n[ 191.381063] device_shutdown+0x13e/0x230\n[ 191.381480] kernel_power_off+0x35/0x80\n[ 191.381890] hibernate+0x3c6/0x470\n[ 191.382312] state_store+0xcb/0xd0\n[ 191.382734] kobj_attr_store+0x12/0x30\n[ 191.383211] sysfs_kf_write+0x3e/0x50\n[ 191.383640] kernfs_fop_write_iter+0x140/0x1d0\n[ 191.384106] vfs_write+0x271/0x440\n[ 191.384521] ksys_write+0x72/0xf0\n[ 191.384924] __x64_sys_write+0x19/0x20\n[ 191.385313] x64_sys_call+0x2b0/0x20b0\n[ 191.385736] do_syscall_64+0x79/0x150\n[ 191.386146] ? __mod_memcg_lruvec_state+0xe7/0x240\n[ 191.386676] ? __lruvec_stat_mod_folio+0x79/0xb0\n[ 191.387124] ? __pfx_lru_add+0x10/0x10\n[ 191.387515] ? queued_spin_unlock+0x9/0x10\n[ 191.387937] ? do_anonymous_page+0x33c/0xa00\n[ 191.388374] ? __handle_mm_fault+0xcf3/0x1210\n[ 191.388805] ? __count_memcg_events+0xbe/0x180\n[ 191.389235] ? handle_mm_fault+0xae/0x300\n[ 19\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21953",
"url": "https://www.suse.com/security/cve/CVE-2025-21953"
},
{
"category": "external",
"summary": "SUSE Bug 1240727 for CVE-2025-21953",
"url": "https://bugzilla.suse.com/1240727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21953"
},
{
"cve": "CVE-2025-21956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Assign normalized_pix_clk when color depth = 14\n\n[WHY \u0026 HOW]\nA warning message \"WARNING: CPU: 4 PID: 459 at ... /dc_resource.c:3397\ncalculate_phy_pix_clks+0xef/0x100 [amdgpu]\" occurs because the\ndisplay_color_depth == COLOR_DEPTH_141414 is not handled. This is\nobserved in Radeon RX 6600 XT.\n\nIt is fixed by assigning pix_clk * (14 * 3) / 24 - same as the rests.\n\nAlso fixes the indentation in get_norm_pix_clk.\n\n(cherry picked from commit 274a87eb389f58eddcbc5659ab0b180b37e92775)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21956",
"url": "https://www.suse.com/security/cve/CVE-2025-21956"
},
{
"category": "external",
"summary": "SUSE Bug 1240739 for CVE-2025-21956",
"url": "https://bugzilla.suse.com/1240739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21956"
},
{
"cve": "CVE-2025-21957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla1280: Fix kernel oops when debug level \u003e 2\n\nA null dereference or oops exception will eventually occur when qla1280.c\ndriver is compiled with DEBUG_QLA1280 enabled and ql_debug_level \u003e 2. I\nthink its clear from the code that the intention here is sg_dma_len(s) not\nlength of sg_next(s) when printing the debug info.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21957",
"url": "https://www.suse.com/security/cve/CVE-2025-21957"
},
{
"category": "external",
"summary": "SUSE Bug 1240742 for CVE-2025-21957",
"url": "https://bugzilla.suse.com/1240742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21957"
},
{
"cve": "CVE-2025-21960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: do not update checksum in bnxt_xdp_build_skb()\n\nThe bnxt_rx_pkt() updates ip_summed value at the end if checksum offload\nis enabled.\nWhen the XDP-MB program is attached and it returns XDP_PASS, the\nbnxt_xdp_build_skb() is called to update skb_shared_info.\nThe main purpose of bnxt_xdp_build_skb() is to update skb_shared_info,\nbut it updates ip_summed value too if checksum offload is enabled.\nThis is actually duplicate work.\n\nWhen the bnxt_rx_pkt() updates ip_summed value, it checks if ip_summed\nis CHECKSUM_NONE or not.\nIt means that ip_summed should be CHECKSUM_NONE at this moment.\nBut ip_summed may already be updated to CHECKSUM_UNNECESSARY in the\nXDP-MB-PASS path.\nSo the by skb_checksum_none_assert() WARNS about it.\n\nThis is duplicate work and updating ip_summed in the\nbnxt_xdp_build_skb() is not needed.\n\nSplat looks like:\nWARNING: CPU: 3 PID: 5782 at ./include/linux/skbuff.h:5155 bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nModules linked in: bnxt_re bnxt_en rdma_ucm rdma_cm iw_cm ib_cm ib_uverbs veth xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_]\nCPU: 3 UID: 0 PID: 5782 Comm: socat Tainted: G W 6.14.0-rc4+ #27\nTainted: [W]=WARN\nHardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\nRIP: 0010:bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nCode: 54 24 0c 4c 89 f1 4c 89 ff c1 ea 1f ff d3 0f 1f 00 49 89 c6 48 85 c0 0f 84 4c e5 ff ff 48 89 c7 e8 ca 3d a0 c8 e9 8f f4 ff ff \u003c0f\u003e 0b f\nRSP: 0018:ffff88881ba09928 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000c7590303 RCX: 0000000000000000\nRDX: 1ffff1104e7d1610 RSI: 0000000000000001 RDI: ffff8881c91300b8\nRBP: ffff88881ba09b28 R08: ffff888273e8b0d0 R09: ffff888273e8b070\nR10: ffff888273e8b010 R11: ffff888278b0f000 R12: ffff888273e8b080\nR13: ffff8881c9130e00 R14: ffff8881505d3800 R15: ffff888273e8b000\nFS: 00007f5a2e7be080(0000) GS:ffff88881ba00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fff2e708ff8 CR3: 000000013e3b0000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? __warn+0xcd/0x2f0\n ? bnxt_rx_pkt+0x479b/0x7610\n ? report_bug+0x326/0x3c0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? bnxt_rx_pkt+0x479b/0x7610\n ? bnxt_rx_pkt+0x3e41/0x7610\n ? __pfx_bnxt_rx_pkt+0x10/0x10\n ? napi_complete_done+0x2cf/0x7d0\n __bnxt_poll_work+0x4e8/0x1220\n ? __pfx___bnxt_poll_work+0x10/0x10\n ? __pfx_mark_lock.part.0+0x10/0x10\n bnxt_poll_p5+0x36a/0xfa0\n ? __pfx_bnxt_poll_p5+0x10/0x10\n __napi_poll.constprop.0+0xa0/0x440\n net_rx_action+0x899/0xd00\n...\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going\nto be able to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21960",
"url": "https://www.suse.com/security/cve/CVE-2025-21960"
},
{
"category": "external",
"summary": "SUSE Bug 1240815 for CVE-2025-21960",
"url": "https://bugzilla.suse.com/1240815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21960"
},
{
"cve": "CVE-2025-21961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix truesize for mb-xdp-pass case\n\nWhen mb-xdp is set and return is XDP_PASS, packet is converted from\nxdp_buff to sk_buff with xdp_update_skb_shared_info() in\nbnxt_xdp_build_skb().\nbnxt_xdp_build_skb() passes incorrect truesize argument to\nxdp_update_skb_shared_info().\nThe truesize is calculated as BNXT_RX_PAGE_SIZE * sinfo-\u003enr_frags but\nthe skb_shared_info was wiped by napi_build_skb() before.\nSo it stores sinfo-\u003enr_frags before bnxt_xdp_build_skb() and use it\ninstead of getting skb_shared_info from xdp_get_shared_info_from_buff().\n\nSplat looks like:\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 0 at net/core/skbuff.c:6072 skb_try_coalesce+0x504/0x590\n Modules linked in: xt_nat xt_tcpudp veth af_packet xt_conntrack nft_chain_nat xt_MASQUERADE nf_conntrack_netlink xfrm_user xt_addrtype nft_coms\n CPU: 2 UID: 0 PID: 0 Comm: swapper/2 Not tainted 6.14.0-rc2+ #3\n RIP: 0010:skb_try_coalesce+0x504/0x590\n Code: 4b fd ff ff 49 8b 34 24 40 80 e6 40 0f 84 3d fd ff ff 49 8b 74 24 48 40 f6 c6 01 0f 84 2e fd ff ff 48 8d 4e ff e9 25 fd ff ff \u003c0f\u003e 0b e99\n RSP: 0018:ffffb62c4120caa8 EFLAGS: 00010287\n RAX: 0000000000000003 RBX: ffffb62c4120cb14 RCX: 0000000000000ec0\n RDX: 0000000000001000 RSI: ffffa06e5d7dc000 RDI: 0000000000000003\n RBP: ffffa06e5d7ddec0 R08: ffffa06e6120a800 R09: ffffa06e7a119900\n R10: 0000000000002310 R11: ffffa06e5d7dcec0 R12: ffffe4360575f740\n R13: ffffe43600000000 R14: 0000000000000002 R15: 0000000000000002\n FS: 0000000000000000(0000) GS:ffffa0755f700000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f147b76b0f8 CR3: 00000001615d4000 CR4: 00000000007506f0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __warn+0x84/0x130\n ? skb_try_coalesce+0x504/0x590\n ? report_bug+0x18a/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_try_coalesce+0x504/0x590\n inet_frag_reasm_finish+0x11f/0x2e0\n ip_defrag+0x37a/0x900\n ip_local_deliver+0x51/0x120\n ip_sublist_rcv_finish+0x64/0x70\n ip_sublist_rcv+0x179/0x210\n ip_list_rcv+0xf9/0x130\n\nHow to reproduce:\n\u003cNode A\u003e\nip link set $interface1 xdp obj xdp_pass.o\nip link set $interface1 mtu 9000 up\nip a a 10.0.0.1/24 dev $interface1\n\u003cNode B\u003e\nip link set $interfac2 mtu 9000 up\nip a a 10.0.0.2/24 dev $interface2\nping 10.0.0.1 -s 65000\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going to be\nable to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21961",
"url": "https://www.suse.com/security/cve/CVE-2025-21961"
},
{
"category": "external",
"summary": "SUSE Bug 1240816 for CVE-2025-21961",
"url": "https://bugzilla.suse.com/1240816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21961"
},
{
"cve": "CVE-2025-21962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing closetimeo mount option\n\nUser-provided mount parameter closetimeo of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21962",
"url": "https://www.suse.com/security/cve/CVE-2025-21962"
},
{
"category": "external",
"summary": "SUSE Bug 1240655 for CVE-2025-21962",
"url": "https://bugzilla.suse.com/1240655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21962"
},
{
"cve": "CVE-2025-21963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acdirmax mount option\n\nUser-provided mount parameter acdirmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21963",
"url": "https://www.suse.com/security/cve/CVE-2025-21963"
},
{
"category": "external",
"summary": "SUSE Bug 1240717 for CVE-2025-21963",
"url": "https://bugzilla.suse.com/1240717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21963"
},
{
"cve": "CVE-2025-21964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acregmax mount option\n\nUser-provided mount parameter acregmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21964",
"url": "https://www.suse.com/security/cve/CVE-2025-21964"
},
{
"category": "external",
"summary": "SUSE Bug 1240740 for CVE-2025-21964",
"url": "https://bugzilla.suse.com/1240740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21964"
},
{
"cve": "CVE-2025-21966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-flakey: Fix memory corruption in optional corrupt_bio_byte feature\n\nFix memory corruption due to incorrect parameter being passed to bio_init",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21966",
"url": "https://www.suse.com/security/cve/CVE-2025-21966"
},
{
"category": "external",
"summary": "SUSE Bug 1240779 for CVE-2025-21966",
"url": "https://bugzilla.suse.com/1240779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21966"
},
{
"cve": "CVE-2025-21968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free on hdcp_work\n\n[Why]\nA slab-use-after-free is reported when HDCP is destroyed but the\nproperty_validate_dwork queue is still running.\n\n[How]\nCancel the delayed work when destroying workqueue.\n\n(cherry picked from commit 725a04ba5a95e89c89633d4322430cfbca7ce128)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21968",
"url": "https://www.suse.com/security/cve/CVE-2025-21968"
},
{
"category": "external",
"summary": "SUSE Bug 1240783 for CVE-2025-21968",
"url": "https://bugzilla.suse.com/1240783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21968"
},
{
"cve": "CVE-2025-21969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd\n\nAfter the hci sync command releases l2cap_conn, the hci receive data work\nqueue references the released l2cap_conn when sending to the upper layer.\nAdd hci dev lock to the hci receive data work queue to synchronize the two.\n\n[1]\nBUG: KASAN: slab-use-after-free in l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\nRead of size 8 at addr ffff8880271a4000 by task kworker/u9:2/5837\n\nCPU: 0 UID: 0 PID: 5837 Comm: kworker/u9:2 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci1 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n l2cap_build_cmd net/bluetooth/l2cap_core.c:2964 [inline]\n l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\n l2cap_sig_send_rej net/bluetooth/l2cap_core.c:5502 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5538 [inline]\n l2cap_recv_frame+0x221f/0x10db0 net/bluetooth/l2cap_core.c:6817\n hci_acldata_packet net/bluetooth/hci_core.c:3797 [inline]\n hci_rx_work+0x508/0xdb0 net/bluetooth/hci_core.c:4040\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 5837:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n l2cap_conn_add+0xa9/0x8e0 net/bluetooth/l2cap_core.c:6860\n l2cap_connect_cfm+0x115/0x1090 net/bluetooth/l2cap_core.c:7239\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_remote_features_evt+0x68e/0xac0 net/bluetooth/hci_event.c:3726\n hci_event_func net/bluetooth/hci_event.c:7473 [inline]\n hci_event_packet+0xac2/0x1540 net/bluetooth/hci_event.c:7525\n hci_rx_work+0x3f3/0xdb0 net/bluetooth/hci_core.c:4035\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nFreed by task 54:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n l2cap_connect_cfm+0xcc/0x1090 net/bluetooth/l2cap_core.c:7235\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_conn_failed+0x287/0x400 net/bluetooth/hci_conn.c:1266\n hci_abort_conn_sync+0x56c/0x11f0 net/bluetooth/hci_sync.c:5603\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21969",
"url": "https://www.suse.com/security/cve/CVE-2025-21969"
},
{
"category": "external",
"summary": "SUSE Bug 1240784 for CVE-2025-21969",
"url": "https://bugzilla.suse.com/1240784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21969"
},
{
"cve": "CVE-2025-21970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Bridge, fix the crash caused by LAG state check\n\nWhen removing LAG device from bridge, NETDEV_CHANGEUPPER event is\ntriggered. Driver finds the lower devices (PFs) to flush all the\noffloaded entries. And mlx5_lag_is_shared_fdb is checked, it returns\nfalse if one of PF is unloaded. In such case,\nmlx5_esw_bridge_lag_rep_get() and its caller return NULL, instead of\nthe alive PF, and the flush is skipped.\n\nBesides, the bridge fdb entry\u0027s lastuse is updated in mlx5 bridge\nevent handler. But this SWITCHDEV_FDB_ADD_TO_BRIDGE event can be\nignored in this case because the upper interface for bond is deleted,\nand the entry will never be aged because lastuse is never updated.\n\nTo make things worse, as the entry is alive, mlx5 bridge workqueue\nkeeps sending that event, which is then handled by kernel bridge\nnotifier. It causes the following crash when accessing the passed bond\nnetdev which is already destroyed.\n\nTo fix this issue, remove such checks. LAG state is already checked in\ncommit 15f8f168952f (\"net/mlx5: Bridge, verify LAG state when adding\nbond to bridge\"), driver still need to skip offload if LAG becomes\ninvalid state after initialization.\n\n Oops: stack segment: 0000 [#1] SMP\n CPU: 3 UID: 0 PID: 23695 Comm: kworker/u40:3 Tainted: G OE 6.11.0_mlnx #1\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: mlx5_bridge_wq mlx5_esw_bridge_update_work [mlx5_core]\n RIP: 0010:br_switchdev_event+0x2c/0x110 [bridge]\n Code: 44 00 00 48 8b 02 48 f7 00 00 02 00 00 74 69 41 54 55 53 48 83 ec 08 48 8b a8 08 01 00 00 48 85 ed 74 4a 48 83 fe 02 48 89 d3 \u003c4c\u003e 8b 65 00 74 23 76 49 48 83 fe 05 74 7e 48 83 fe 06 75 2f 0f b7\n RSP: 0018:ffffc900092cfda0 EFLAGS: 00010297\n RAX: ffff888123bfe000 RBX: ffffc900092cfe08 RCX: 00000000ffffffff\n RDX: ffffc900092cfe08 RSI: 0000000000000001 RDI: ffffffffa0c585f0\n RBP: 6669746f6e690a30 R08: 0000000000000000 R09: ffff888123ae92c8\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888123ae9c60\n R13: 0000000000000001 R14: ffffc900092cfe08 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff88852c980000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f15914c8734 CR3: 0000000002830005 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0x1a/0x60\n ? die+0x38/0x60\n ? do_trap+0x10b/0x120\n ? do_error_trap+0x64/0xa0\n ? exc_stack_segment+0x33/0x50\n ? asm_exc_stack_segment+0x22/0x30\n ? br_switchdev_event+0x2c/0x110 [bridge]\n ? sched_balance_newidle.isra.149+0x248/0x390\n notifier_call_chain+0x4b/0xa0\n atomic_notifier_call_chain+0x16/0x20\n mlx5_esw_bridge_update+0xec/0x170 [mlx5_core]\n mlx5_esw_bridge_update_work+0x19/0x40 [mlx5_core]\n process_scheduled_works+0x81/0x390\n worker_thread+0x106/0x250\n ? bh_worker+0x110/0x110\n kthread+0xb7/0xe0\n ? kthread_park+0x80/0x80\n ret_from_fork+0x2d/0x50\n ? kthread_park+0x80/0x80\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21970",
"url": "https://www.suse.com/security/cve/CVE-2025-21970"
},
{
"category": "external",
"summary": "SUSE Bug 1240819 for CVE-2025-21970",
"url": "https://bugzilla.suse.com/1240819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21970"
},
{
"cve": "CVE-2025-21971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Prevent creation of classes with TC_H_ROOT\n\nThe function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination\ncondition when traversing up the qdisc tree to update parent backlog\ncounters. However, if a class is created with classid TC_H_ROOT, the\ntraversal terminates prematurely at this class instead of reaching the\nactual root qdisc, causing parent statistics to be incorrectly maintained.\nIn case of DRR, this could lead to a crash as reported by Mingi Cho.\n\nPrevent the creation of any Qdisc class with classid TC_H_ROOT\n(0xFFFFFFFF) across all qdisc types, as suggested by Jamal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21971",
"url": "https://www.suse.com/security/cve/CVE-2025-21971"
},
{
"category": "external",
"summary": "SUSE Bug 1240799 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "external",
"summary": "SUSE Bug 1245794 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1245794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-21971"
},
{
"cve": "CVE-2025-21972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: unshare packets when reassembling\n\nEnsure that the frag_list used for reassembly isn\u0027t shared with other\npackets. This avoids incorrect reassembly when packets are cloned, and\nprevents a memory leak due to circular references between fragments and\ntheir skb_shared_info.\n\nThe upcoming MCTP-over-USB driver uses skb_clone which can trigger the\nproblem - other MCTP drivers don\u0027t share SKBs.\n\nA kunit test is added to reproduce the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21972",
"url": "https://www.suse.com/security/cve/CVE-2025-21972"
},
{
"category": "external",
"summary": "SUSE Bug 1240813 for CVE-2025-21972",
"url": "https://bugzilla.suse.com/1240813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21972"
},
{
"cve": "CVE-2025-21973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx}\n\nWhen qstats-get operation is executed, callbacks of netdev_stats_ops\nare called. The bnxt_get_queue_stats{rx | tx} collect per-queue stats\nfrom sw_stats in the rings.\nBut {rx | tx | cp}_ring are allocated when the interface is up.\nSo, these rings are not allocated when the interface is down.\n\nThe qstats-get is allowed even if the interface is down. However,\nthe bnxt_get_queue_stats{rx | tx}() accesses cp_ring and tx_ring\nwithout null check.\nSo, it needs to avoid accessing rings if the interface is down.\n\nReproducer:\n ip link set $interface down\n ./cli.py --spec netdev.yaml --dump qstats-get\nOR\n ip link set $interface down\n python ./stats.py\n\nSplat looks like:\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 1680fa067 P4D 1680fa067 PUD 16be3b067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 0 UID: 0 PID: 1495 Comm: python3 Not tainted 6.14.0-rc4+ #32 5cd0f999d5a15c574ac72b3e4b907341\n Hardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\n RIP: 0010:bnxt_get_queue_stats_rx+0xf/0x70 [bnxt_en]\n Code: c6 87 b5 18 00 00 02 eb a2 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 01\n RSP: 0018:ffffabef43cdb7e0 EFLAGS: 00010282\n RAX: 0000000000000000 RBX: ffffffffc04c8710 RCX: 0000000000000000\n RDX: ffffabef43cdb858 RSI: 0000000000000000 RDI: ffff8d504e850000\n RBP: ffff8d506c9f9c00 R08: 0000000000000004 R09: ffff8d506bcd901c\n R10: 0000000000000015 R11: ffff8d506bcd9000 R12: 0000000000000000\n R13: ffffabef43cdb8c0 R14: ffff8d504e850000 R15: 0000000000000000\n FS: 00007f2c5462b080(0000) GS:ffff8d575f600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000167fd0000 CR4: 00000000007506f0\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x70\n ? page_fault_oops+0x15a/0x460\n ? sched_balance_find_src_group+0x58d/0xd10\n ? exc_page_fault+0x6e/0x180\n ? asm_exc_page_fault+0x22/0x30\n ? bnxt_get_queue_stats_rx+0xf/0x70 [bnxt_en cdd546fd48563c280cfd30e9647efa420db07bf1]\n netdev_nl_stats_by_netdev+0x2b1/0x4e0\n ? xas_load+0x9/0xb0\n ? xas_find+0x183/0x1d0\n ? xa_find+0x8b/0xe0\n netdev_nl_qstats_get_dumpit+0xbf/0x1e0\n genl_dumpit+0x31/0x90\n netlink_dump+0x1a8/0x360",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21973",
"url": "https://www.suse.com/security/cve/CVE-2025-21973"
},
{
"category": "external",
"summary": "SUSE Bug 1240803 for CVE-2025-21973",
"url": "https://bugzilla.suse.com/1240803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21973"
},
{
"cve": "CVE-2025-21974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc()\n\nThe bnxt_queue_mem_alloc() is called to allocate new queue memory when\na queue is restarted.\nIt internally accesses rx buffer descriptor corresponding to the index.\nThe rx buffer descriptor is allocated and set when the interface is up\nand it\u0027s freed when the interface is down.\nSo, if queue is restarted if interface is down, kernel panic occurs.\n\nSplat looks like:\n BUG: unable to handle page fault for address: 000000000000b240\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 3 UID: 0 PID: 1563 Comm: ncdevmem2 Not tainted 6.14.0-rc2+ #9 844ddba6e7c459cafd0bf4db9a3198e\n Hardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\n RIP: 0010:bnxt_queue_mem_alloc+0x3f/0x4e0 [bnxt_en]\n Code: 41 54 4d 89 c4 4d 69 c0 c0 05 00 00 55 48 89 f5 53 48 89 fb 4c 8d b5 40 05 00 00 48 83 ec 15\n RSP: 0018:ffff9dcc83fef9e8 EFLAGS: 00010202\n RAX: ffffffffc0457720 RBX: ffff934ed8d40000 RCX: 0000000000000000\n RDX: 000000000000001f RSI: ffff934ea508f800 RDI: ffff934ea508f808\n RBP: ffff934ea508f800 R08: 000000000000b240 R09: ffff934e84f4b000\n R10: ffff9dcc83fefa30 R11: ffff934e84f4b000 R12: 000000000000001f\n R13: ffff934ed8d40ac0 R14: ffff934ea508fd40 R15: ffff934e84f4b000\n FS: 00007fa73888c740(0000) GS:ffff93559f780000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000000b240 CR3: 0000000145a2e000 CR4: 00000000007506f0\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x70\n ? page_fault_oops+0x15a/0x460\n ? exc_page_fault+0x6e/0x180\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_bnxt_queue_mem_alloc+0x10/0x10 [bnxt_en 7f85e76f4d724ba07471d7e39d9e773aea6597b7]\n ? bnxt_queue_mem_alloc+0x3f/0x4e0 [bnxt_en 7f85e76f4d724ba07471d7e39d9e773aea6597b7]\n netdev_rx_queue_restart+0xc5/0x240\n net_devmem_bind_dmabuf_to_queue+0xf8/0x200\n netdev_nl_bind_rx_doit+0x3a7/0x450\n genl_family_rcv_msg_doit+0xd9/0x130\n genl_rcv_msg+0x184/0x2b0\n ? __pfx_netdev_nl_bind_rx_doit+0x10/0x10\n ? __pfx_genl_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21974",
"url": "https://www.suse.com/security/cve/CVE-2025-21974"
},
{
"category": "external",
"summary": "SUSE Bug 1240800 for CVE-2025-21974",
"url": "https://bugzilla.suse.com/1240800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21974"
},
{
"cve": "CVE-2025-21975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: handle errors in mlx5_chains_create_table()\n\nIn mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns()\nand mlx5_get_flow_namespace() must be checked to prevent NULL pointer\ndereferences. If either function fails, the function should log error\nmessage with mlx5_core_warn() and return error pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21975",
"url": "https://www.suse.com/security/cve/CVE-2025-21975"
},
{
"category": "external",
"summary": "SUSE Bug 1240812 for CVE-2025-21975",
"url": "https://bugzilla.suse.com/1240812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21975"
},
{
"cve": "CVE-2025-21978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/hyperv: Fix address space leak when Hyper-V DRM device is removed\n\nWhen a Hyper-V DRM device is probed, the driver allocates MMIO space for\nthe vram, and maps it cacheable. If the device removed, or in the error\npath for device probing, the MMIO space is released but no unmap is done.\nConsequently the kernel address space for the mapping is leaked.\n\nFix this by adding iounmap() calls in the device removal path, and in the\nerror path during device probing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21978",
"url": "https://www.suse.com/security/cve/CVE-2025-21978"
},
{
"category": "external",
"summary": "SUSE Bug 1240806 for CVE-2025-21978",
"url": "https://bugzilla.suse.com/1240806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21978"
},
{
"cve": "CVE-2025-21979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: cancel wiphy_work before freeing wiphy\n\nA wiphy_work can be queued from the moment the wiphy is allocated and\ninitialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the\nrdev::wiphy_work is getting queued.\n\nIf wiphy_free is called before the rdev::wiphy_work had a chance to run,\nthe wiphy memory will be freed, and then when it eventally gets to run\nit\u0027ll use invalid memory.\n\nFix this by canceling the work before freeing the wiphy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21979",
"url": "https://www.suse.com/security/cve/CVE-2025-21979"
},
{
"category": "external",
"summary": "SUSE Bug 1240808 for CVE-2025-21979",
"url": "https://bugzilla.suse.com/1240808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21979"
},
{
"cve": "CVE-2025-21980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: address a potential NULL pointer dereference in the GRED scheduler.\n\nIf kzalloc in gred_init returns a NULL pointer, the code follows the\nerror handling path, invoking gred_destroy. This, in turn, calls\ngred_offload, where memset could receive a NULL pointer as input,\npotentially leading to a kernel crash.\n\nWhen table-\u003eopt is NULL in gred_init(), gred_change_table_def()\nis not called yet, so it is not necessary to call -\u003endo_setup_tc()\nin gred_offload().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21980",
"url": "https://www.suse.com/security/cve/CVE-2025-21980"
},
{
"category": "external",
"summary": "SUSE Bug 1240809 for CVE-2025-21980",
"url": "https://bugzilla.suse.com/1240809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21980"
},
{
"cve": "CVE-2025-21981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memory leak in aRFS after reset\n\nFix aRFS (accelerated Receive Flow Steering) structures memory leak by\nadding a checker to verify if aRFS memory is already allocated while\nconfiguring VSI. aRFS objects are allocated in two cases:\n- as part of VSI initialization (at probe), and\n- as part of reset handling\n\nHowever, VSI reconfiguration executed during reset involves memory\nallocation one more time, without prior releasing already allocated\nresources. This led to the memory leak with the following signature:\n\n[root@os-delivery ~]# cat /sys/kernel/debug/kmemleak\nunreferenced object 0xff3c1ca7252e6000 (size 8192):\n comm \"kworker/0:0\", pid 8, jiffies 4296833052\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 0):\n [\u003cffffffff991ec485\u003e] __kmalloc_cache_noprof+0x275/0x340\n [\u003cffffffffc0a6e06a\u003e] ice_init_arfs+0x3a/0xe0 [ice]\n [\u003cffffffffc09f1027\u003e] ice_vsi_cfg_def+0x607/0x850 [ice]\n [\u003cffffffffc09f244b\u003e] ice_vsi_setup+0x5b/0x130 [ice]\n [\u003cffffffffc09c2131\u003e] ice_init+0x1c1/0x460 [ice]\n [\u003cffffffffc09c64af\u003e] ice_probe+0x2af/0x520 [ice]\n [\u003cffffffff994fbcd3\u003e] local_pci_probe+0x43/0xa0\n [\u003cffffffff98f07103\u003e] work_for_cpu_fn+0x13/0x20\n [\u003cffffffff98f0b6d9\u003e] process_one_work+0x179/0x390\n [\u003cffffffff98f0c1e9\u003e] worker_thread+0x239/0x340\n [\u003cffffffff98f14abc\u003e] kthread+0xcc/0x100\n [\u003cffffffff98e45a6d\u003e] ret_from_fork+0x2d/0x50\n [\u003cffffffff98e083ba\u003e] ret_from_fork_asm+0x1a/0x30\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21981",
"url": "https://www.suse.com/security/cve/CVE-2025-21981"
},
{
"category": "external",
"summary": "SUSE Bug 1240612 for CVE-2025-21981",
"url": "https://bugzilla.suse.com/1240612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21981"
},
{
"cve": "CVE-2025-21985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix out-of-bound accesses\n\n[WHAT \u0026 HOW]\nhpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS(=4),\nbut location can have size up to 6. As a result, it is necessary to\ncheck location against MAX_HPO_DP2_ENCODERS.\n\nSimiliarly, disp_cfg_stream_location can be used as an array index which\nshould be 0..5, so the ASSERT\u0027s conditions should be less without equal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21985",
"url": "https://www.suse.com/security/cve/CVE-2025-21985"
},
{
"category": "external",
"summary": "SUSE Bug 1240811 for CVE-2025-21985",
"url": "https://bugzilla.suse.com/1240811"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21985"
},
{
"cve": "CVE-2025-21989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix missing .is_two_pixels_per_container\n\nStarting from 6.11, AMDGPU driver, while being loaded with amdgpu.dc=1,\ndue to lack of .is_two_pixels_per_container function in dce60_tg_funcs,\ncauses a NULL pointer dereference on PCs with old GPUs, such as R9 280X.\n\nSo this fix adds missing .is_two_pixels_per_container to dce60_tg_funcs.\n\n(cherry picked from commit bd4b125eb949785c6f8a53b0494e32795421209d)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21989",
"url": "https://www.suse.com/security/cve/CVE-2025-21989"
},
{
"category": "external",
"summary": "SUSE Bug 1240805 for CVE-2025-21989",
"url": "https://bugzilla.suse.com/1240805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21989"
},
{
"cve": "CVE-2025-21990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: NULL-check BO\u0027s backing store when determining GFX12 PTE flags\n\nPRT BOs may not have any backing store, so bo-\u003etbo.resource will be\nNULL. Check for that before dereferencing.\n\n(cherry picked from commit 3e3fcd29b505cebed659311337ea03b7698767fc)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21990",
"url": "https://www.suse.com/security/cve/CVE-2025-21990"
},
{
"category": "external",
"summary": "SUSE Bug 1240804 for CVE-2025-21990",
"url": "https://bugzilla.suse.com/1240804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21990"
},
{
"cve": "CVE-2025-21991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes\n\nCurrently, load_microcode_amd() iterates over all NUMA nodes, retrieves their\nCPU masks and unconditionally accesses per-CPU data for the first CPU of each\nmask.\n\nAccording to Documentation/admin-guide/mm/numaperf.rst:\n\n \"Some memory may share the same node as a CPU, and others are provided as\n memory only nodes.\"\n\nTherefore, some node CPU masks may be empty and wouldn\u0027t have a \"first CPU\".\n\nOn a machine with far memory (and therefore CPU-less NUMA nodes):\n- cpumask_of_node(nid) is 0\n- cpumask_first(0) is CONFIG_NR_CPUS\n- cpu_data(CONFIG_NR_CPUS) accesses the cpu_info per-CPU array at an\n index that is 1 out of bounds\n\nThis does not have any security implications since flashing microcode is\na privileged operation but I believe this has reliability implications by\npotentially corrupting memory while flashing a microcode update.\n\nWhen booting with CONFIG_UBSAN_BOUNDS=y on an AMD machine that flashes\na microcode update. I get the following splat:\n\n UBSAN: array-index-out-of-bounds in arch/x86/kernel/cpu/microcode/amd.c:X:Y\n index 512 is out of range for type \u0027unsigned long[512]\u0027\n [...]\n Call Trace:\n dump_stack\n __ubsan_handle_out_of_bounds\n load_microcode_amd\n request_microcode_amd\n reload_store\n kernfs_fop_write_iter\n vfs_write\n ksys_write\n do_syscall_64\n entry_SYSCALL_64_after_hwframe\n\nChange the loop to go over only NUMA nodes which have CPUs before determining\nwhether the first CPU on the respective node needs microcode update.\n\n [ bp: Massage commit message, fix typo. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21991",
"url": "https://www.suse.com/security/cve/CVE-2025-21991"
},
{
"category": "external",
"summary": "SUSE Bug 1240795 for CVE-2025-21991",
"url": "https://bugzilla.suse.com/1240795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21991"
},
{
"cve": "CVE-2025-21992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: ignore non-functional sensor in HP 5MP Camera\n\nThe HP 5MP Camera (USB ID 0408:5473) reports a HID sensor interface that\nis not actually implemented. Attempting to access this non-functional\nsensor via iio_info causes system hangs as runtime PM tries to wake up\nan unresponsive sensor.\n\n [453] hid-sensor-hub 0003:0408:5473.0003: Report latency attributes: ffffffff:ffffffff\n [453] hid-sensor-hub 0003:0408:5473.0003: common attributes: 5:1, 2:1, 3:1 ffffffff:ffffffff\n\nAdd this device to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21992",
"url": "https://www.suse.com/security/cve/CVE-2025-21992"
},
{
"category": "external",
"summary": "SUSE Bug 1240796 for CVE-2025-21992",
"url": "https://bugzilla.suse.com/1240796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21992"
},
{
"cve": "CVE-2025-21993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21993",
"url": "https://www.suse.com/security/cve/CVE-2025-21993"
},
{
"category": "external",
"summary": "SUSE Bug 1240797 for CVE-2025-21993",
"url": "https://bugzilla.suse.com/1240797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21993"
},
{
"cve": "CVE-2025-21995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Fix fence reference count leak\n\nThe last_scheduled fence leaks when an entity is being killed and adding\nthe cleanup callback fails.\n\nDecrement the reference count of prev when dma_fence_add_callback()\nfails, ensuring proper balance.\n\n[phasta: add git tag info for stable kernel]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21995",
"url": "https://www.suse.com/security/cve/CVE-2025-21995"
},
{
"category": "external",
"summary": "SUSE Bug 1240821 for CVE-2025-21995",
"url": "https://bugzilla.suse.com/1240821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21995"
},
{
"cve": "CVE-2025-21996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()\n\nOn the off chance that command stream passed from userspace via\nioctl() call to radeon_vce_cs_parse() is weirdly crafted and\nfirst command to execute is to encode (case 0x03000001), the function\nin question will attempt to call radeon_vce_cs_reloc() with size\nargument that has not been properly initialized. Specifically, \u0027size\u0027\nwill point to \u0027tmp\u0027 variable before the latter had a chance to be\nassigned any value.\n\nPlay it safe and init \u0027tmp\u0027 with 0, thus ensuring that\nradeon_vce_cs_reloc() will catch an early error in cases like these.\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.\n\n(cherry picked from commit 2d52de55f9ee7aaee0e09ac443f77855989c6b68)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21996",
"url": "https://www.suse.com/security/cve/CVE-2025-21996"
},
{
"category": "external",
"summary": "SUSE Bug 1240801 for CVE-2025-21996",
"url": "https://bugzilla.suse.com/1240801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-21996"
},
{
"cve": "CVE-2025-21999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc: fix UAF in proc_get_inode()\n\nFix race between rmmod and /proc/XXX\u0027s inode instantiation.\n\nThe bug is that pde-\u003eproc_ops don\u0027t belong to /proc, it belongs to a\nmodule, therefore dereferencing it after /proc entry has been registered\nis a bug unless use_pde/unuse_pde() pair has been used.\n\nuse_pde/unuse_pde can be avoided (2 atomic ops!) because pde-\u003eproc_ops\nnever changes so information necessary for inode instantiation can be\nsaved _before_ proc_register() in PDE itself and used later, avoiding\npde-\u003eproc_ops-\u003e... dereference.\n\n rmmod lookup\nsys_delete_module\n proc_lookup_de\n\t\t\t pde_get(de);\n\t\t\t proc_get_inode(dir-\u003ei_sb, de);\n mod-\u003eexit()\n proc_remove\n remove_proc_subtree\n proc_entry_rundown(de);\n free_module(mod);\n\n if (S_ISREG(inode-\u003ei_mode))\n\t if (de-\u003eproc_ops-\u003eproc_read_iter)\n --\u003e As module is already freed, will trigger UAF\n\nBUG: unable to handle page fault for address: fffffbfff80a702b\nPGD 817fc4067 P4D 817fc4067 PUD 817fc0067 PMD 102ef4067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 26 UID: 0 PID: 2667 Comm: ls Tainted: G\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:proc_get_inode+0x302/0x6e0\nRSP: 0018:ffff88811c837998 EFLAGS: 00010a06\nRAX: dffffc0000000000 RBX: ffffffffc0538140 RCX: 0000000000000007\nRDX: 1ffffffff80a702b RSI: 0000000000000001 RDI: ffffffffc0538158\nRBP: ffff8881299a6000 R08: 0000000067bbe1e5 R09: 1ffff11023906f20\nR10: ffffffffb560ca07 R11: ffffffffb2b43a58 R12: ffff888105bb78f0\nR13: ffff888100518048 R14: ffff8881299a6004 R15: 0000000000000001\nFS: 00007f95b9686840(0000) GS:ffff8883af100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: fffffbfff80a702b CR3: 0000000117dd2000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_lookup_de+0x11f/0x2e0\n __lookup_slow+0x188/0x350\n walk_component+0x2ab/0x4f0\n path_lookupat+0x120/0x660\n filename_lookup+0x1ce/0x560\n vfs_statx+0xac/0x150\n __do_sys_newstat+0x96/0x110\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[adobriyan@gmail.com: don\u0027t do 2 atomic ops on the common path]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21999",
"url": "https://www.suse.com/security/cve/CVE-2025-21999"
},
{
"category": "external",
"summary": "SUSE Bug 1240802 for CVE-2025-21999",
"url": "https://bugzilla.suse.com/1240802"
},
{
"category": "external",
"summary": "SUSE Bug 1242579 for CVE-2025-21999",
"url": "https://bugzilla.suse.com/1242579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-21999"
},
{
"cve": "CVE-2025-22001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix integer overflow in qaic_validate_req()\n\nThese are u64 variables that come from the user via\nqaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that\nthe math doesn\u0027t have an integer wrapping bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22001",
"url": "https://www.suse.com/security/cve/CVE-2025-22001"
},
{
"category": "external",
"summary": "SUSE Bug 1240873 for CVE-2025-22001",
"url": "https://bugzilla.suse.com/1240873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22001"
},
{
"cve": "CVE-2025-22003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ucan: fix out of bound read in strscpy() source\n\nCommit 7fdaf8966aae (\"can: ucan: use strscpy() to instead of strncpy()\")\nunintentionally introduced a one byte out of bound read on strscpy()\u0027s\nsource argument (which is kind of ironic knowing that strscpy() is meant\nto be a more secure alternative :)).\n\nLet\u0027s consider below buffers:\n\n dest[len + 1]; /* will be NUL terminated */\n src[len]; /* may not be NUL terminated */\n\nWhen doing:\n\n strncpy(dest, src, len);\n dest[len] = \u0027\\0\u0027;\n\nstrncpy() will read up to len bytes from src.\n\nOn the other hand:\n\n strscpy(dest, src, len + 1);\n\nwill read up to len + 1 bytes from src, that is to say, an out of bound\nread of one byte will occur on src if it is not NUL terminated. Note\nthat the src[len] byte is never copied, but strscpy() still needs to\nread it to check whether a truncation occurred or not.\n\nThis exact pattern happened in ucan.\n\nThe root cause is that the source is not NUL terminated. Instead of\ndoing a copy in a local buffer, directly NUL terminate it as soon as\nusb_control_msg() returns. With this, the local firmware_str[] variable\ncan be removed.\n\nOn top of this do a couple refactors:\n\n - ucan_ctl_payload-\u003eraw is only used for the firmware string, so\n rename it to ucan_ctl_payload-\u003efw_str and change its type from u8 to\n char.\n\n - ucan_device_request_in() is only used to retrieve the firmware\n string, so rename it to ucan_get_fw_str() and refactor it to make it\n directly handle all the string termination logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22003",
"url": "https://www.suse.com/security/cve/CVE-2025-22003"
},
{
"category": "external",
"summary": "SUSE Bug 1240825 for CVE-2025-22003",
"url": "https://bugzilla.suse.com/1240825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22003"
},
{
"cve": "CVE-2025-22007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix error code in chan_alloc_skb_cb()\n\nThe chan_alloc_skb_cb() function is supposed to return error pointers on\nerror. Returning NULL will lead to a NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22007",
"url": "https://www.suse.com/security/cve/CVE-2025-22007"
},
{
"category": "external",
"summary": "SUSE Bug 1240829 for CVE-2025-22007",
"url": "https://bugzilla.suse.com/1240829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22007"
},
{
"cve": "CVE-2025-22008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: check that dummy regulator has been probed before using it\n\nDue to asynchronous driver probing there is a chance that the dummy\nregulator hasn\u0027t already been probed when first accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22008",
"url": "https://www.suse.com/security/cve/CVE-2025-22008"
},
{
"category": "external",
"summary": "SUSE Bug 1240942 for CVE-2025-22008",
"url": "https://bugzilla.suse.com/1240942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22008"
},
{
"cve": "CVE-2025-22009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: dummy: force synchronous probing\n\nSometimes I get a NULL pointer dereference at boot time in kobject_get()\nwith the following call stack:\n\nanatop_regulator_probe()\n devm_regulator_register()\n regulator_register()\n regulator_resolve_supply()\n kobject_get()\n\nBy placing some extra BUG_ON() statements I could verify that this is\nraised because probing of the \u0027dummy\u0027 regulator driver is not completed\n(\u0027dummy_regulator_rdev\u0027 is still NULL).\n\nIn the JTAG debugger I can see that dummy_regulator_probe() and\nanatop_regulator_probe() can be run by different kernel threads\n(kworker/u4:*). I haven\u0027t further investigated whether this can be\nchanged or if there are other possibilities to force synchronization\nbetween these two probe routines. On the other hand I don\u0027t expect much\nboot time penalty by probing the \u0027dummy\u0027 regulator synchronously.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22009",
"url": "https://www.suse.com/security/cve/CVE-2025-22009"
},
{
"category": "external",
"summary": "SUSE Bug 1240940 for CVE-2025-22009",
"url": "https://bugzilla.suse.com/1240940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22009"
},
{
"cve": "CVE-2025-22010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix soft lockup during bt pages loop\n\nDriver runs a for-loop when allocating bt pages and mapping them with\nbuffer pages. When a large buffer (e.g. MR over 100GB) is being allocated,\nit may require a considerable loop count. This will lead to soft lockup:\n\n watchdog: BUG: soft lockup - CPU#27 stuck for 22s!\n ...\n Call trace:\n hem_list_alloc_mid_bt+0x124/0x394 [hns_roce_hw_v2]\n hns_roce_hem_list_request+0xf8/0x160 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x2e4/0x360 [hns_roce_hw_v2]\n alloc_mr_pbl+0xd4/0x17c [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0xf8/0x190 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x118/0x290\n\n watchdog: BUG: soft lockup - CPU#35 stuck for 23s!\n ...\n Call trace:\n hns_roce_hem_list_find_mtt+0x7c/0xb0 [hns_roce_hw_v2]\n mtr_map_bufs+0xc4/0x204 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x31c/0x3c4 [hns_roce_hw_v2]\n alloc_mr_pbl+0xb0/0x160 [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0x108/0x1c0 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x120/0x2bc\n\nAdd a cond_resched() to fix soft lockup during these loops. In order not\nto affect the allocation performance of normal-size buffer, set the loop\ncount of a 100GB MR as the threshold to call cond_resched().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22010",
"url": "https://www.suse.com/security/cve/CVE-2025-22010"
},
{
"category": "external",
"summary": "SUSE Bug 1240943 for CVE-2025-22010",
"url": "https://bugzilla.suse.com/1240943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22010"
},
{
"cve": "CVE-2025-22013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state\n\nThere are several problems with the way hyp code lazily saves the host\u0027s\nFPSIMD/SVE state, including:\n\n* Host SVE being discarded unexpectedly due to inconsistent\n configuration of TIF_SVE and CPACR_ELx.ZEN. This has been seen to\n result in QEMU crashes where SVE is used by memmove(), as reported by\n Eric Auger:\n\n https://issues.redhat.com/browse/RHEL-68997\n\n* Host SVE state is discarded *after* modification by ptrace, which was an\n unintentional ptrace ABI change introduced with lazy discarding of SVE state.\n\n* The host FPMR value can be discarded when running a non-protected VM,\n where FPMR support is not exposed to a VM, and that VM uses\n FPSIMD/SVE. In these cases the hyp code does not save the host\u0027s FPMR\n before unbinding the host\u0027s FPSIMD/SVE/SME state, leaving a stale\n value in memory.\n\nAvoid these by eagerly saving and \"flushing\" the host\u0027s FPSIMD/SVE/SME\nstate when loading a vCPU such that KVM does not need to save any of the\nhost\u0027s FPSIMD/SVE/SME state. For clarity, fpsimd_kvm_prepare() is\nremoved and the necessary call to fpsimd_save_and_flush_cpu_state() is\nplaced in kvm_arch_vcpu_load_fp(). As \u0027fpsimd_state\u0027 and \u0027fpmr_ptr\u0027\nshould not be used, they are set to NULL; all uses of these will be\nremoved in subsequent patches.\n\nHistorical problems go back at least as far as v5.17, e.g. erroneous\nassumptions about TIF_SVE being clear in commit:\n\n 8383741ab2e773a9 (\"KVM: arm64: Get rid of host SVE tracking/saving\")\n\n... and so this eager save+flush probably needs to be backported to ALL\nstable trees.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22013",
"url": "https://www.suse.com/security/cve/CVE-2025-22013"
},
{
"category": "external",
"summary": "SUSE Bug 1240938 for CVE-2025-22013",
"url": "https://bugzilla.suse.com/1240938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22013"
},
{
"cve": "CVE-2025-22014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pdr: Fix the potential deadlock\n\nWhen some client process A call pdr_add_lookup() to add the look up for\nthe service and does schedule locator work, later a process B got a new\nserver packet indicating locator is up and call pdr_locator_new_server()\nwhich eventually sets pdr-\u003elocator_init_complete to true which process A\nsees and takes list lock and queries domain list but it will timeout due\nto deadlock as the response will queued to the same qmi-\u003ewq and it is\nordered workqueue and process B is not able to complete new server\nrequest work due to deadlock on list lock.\n\nFix it by removing the unnecessary list iteration as the list iteration\nis already being done inside locator work, so avoid it here and just\ncall schedule_work() here.\n\n Process A Process B\n\n process_scheduled_works()\npdr_add_lookup() qmi_data_ready_work()\n process_scheduled_works() pdr_locator_new_server()\n pdr-\u003elocator_init_complete=true;\n pdr_locator_work()\n mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_locate_service() mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_get_domain_list()\n pr_err(\"PDR: %s get domain list\n txn wait failed: %d\\n\",\n req-\u003eservice_name,\n ret);\n\nTimeout error log due to deadlock:\n\n\"\n PDR: tms/servreg get domain list txn wait failed: -110\n PDR: service lookup for msm/adsp/sensor_pd:tms/servreg failed: -110\n\"\n\nThanks to Bjorn and Johan for letting me know that this commit also fixes\nan audio regression when using the in-kernel pd-mapper as that makes it\neasier to hit this race. [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22014",
"url": "https://www.suse.com/security/cve/CVE-2025-22014"
},
{
"category": "external",
"summary": "SUSE Bug 1240937 for CVE-2025-22014",
"url": "https://bugzilla.suse.com/1240937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22014"
},
{
"cve": "CVE-2025-22015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate: fix shmem xarray update during migration\n\nA shmem folio can be either in page cache or in swap cache, but not at the\nsame time. Namely, once it is in swap cache, folio-\u003emapping should be\nNULL, and the folio is no longer in a shmem mapping.\n\nIn __folio_migrate_mapping(), to determine the number of xarray entries to\nupdate, folio_test_swapbacked() is used, but that conflates shmem in page\ncache case and shmem in swap cache case. It leads to xarray multi-index\nentry corruption, since it turns a sibling entry to a normal entry during\nxas_store() (see [1] for a userspace reproduction). Fix it by only using\nfolio_test_swapcache() to determine whether xarray is storing swap cache\nentries or not to choose the right number of xarray entries to update.\n\n[1] https://lore.kernel.org/linux-mm/Z8idPCkaJW1IChjT@casper.infradead.org/\n\nNote:\nIn __split_huge_page(), folio_test_anon() \u0026\u0026 folio_test_swapcache() is\nused to get swap_cache address space, but that ignores the shmem folio in\nswap cache case. It could lead to NULL pointer dereferencing when a\nin-swap-cache shmem folio is split at __xa_store(), since\n!folio_test_anon() is true and folio-\u003emapping is NULL. But fortunately,\nits caller split_huge_page_to_list_to_order() bails out early with EBUSY\nwhen folio-\u003emapping is NULL. So no need to take care of it here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22015",
"url": "https://www.suse.com/security/cve/CVE-2025-22015"
},
{
"category": "external",
"summary": "SUSE Bug 1240944 for CVE-2025-22015",
"url": "https://bugzilla.suse.com/1240944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22015"
},
{
"cve": "CVE-2025-22016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (pin).\n\nFix it by checking if err is lower than zero.\n\nThis wasn\u0027t found in real usecase, only noticed. Credit to Pierre.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22016",
"url": "https://www.suse.com/security/cve/CVE-2025-22016"
},
{
"category": "external",
"summary": "SUSE Bug 1240934 for CVE-2025-22016",
"url": "https://bugzilla.suse.com/1240934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22016"
},
{
"cve": "CVE-2025-22017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (rel).\n\nFix it by checking if err is lower than zero.\n\nThis wasn\u0027t found in real usecase, only noticed. Credit to Pierre.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22017",
"url": "https://www.suse.com/security/cve/CVE-2025-22017"
},
{
"category": "external",
"summary": "SUSE Bug 1240936 for CVE-2025-22017",
"url": "https://bugzilla.suse.com/1240936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22017"
},
{
"cve": "CVE-2025-22018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Fix NULL pointer dereference\n\nWhen MPOA_cache_impos_rcvd() receives the msg, it can trigger\nNull Pointer Dereference Vulnerability if both entry and\nholding_time are NULL. Because there is only for the situation\nwhere entry is NULL and holding_time exists, it can be passed\nwhen both entry and holding_time are NULL. If these are NULL,\nthe entry will be passd to eg_cache_put() as parameter and\nit is referenced by entry-\u003euse code in it.\n\nkasan log:\n\n[ 3.316691] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006:I\n[ 3.317568] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n[ 3.318188] CPU: 3 UID: 0 PID: 79 Comm: ex Not tainted 6.14.0-rc2 #102\n[ 3.318601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n[ 3.319298] RIP: 0010:eg_cache_remove_entry+0xa5/0x470\n[ 3.319677] Code: c1 f7 6e fd 48 c7 c7 00 7e 38 b2 e8 95 64 54 fd 48 c7 c7 40 7e 38 b2 48 89 ee e80\n[ 3.321220] RSP: 0018:ffff88800583f8a8 EFLAGS: 00010006\n[ 3.321596] RAX: 0000000000000006 RBX: ffff888005989000 RCX: ffffffffaecc2d8e\n[ 3.322112] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000030\n[ 3.322643] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff6558b88\n[ 3.323181] R10: 0000000000000003 R11: 203a207972746e65 R12: 1ffff11000b07f15\n[ 3.323707] R13: dffffc0000000000 R14: ffff888005989000 R15: ffff888005989068\n[ 3.324185] FS: 000000001b6313c0(0000) GS:ffff88806d380000(0000) knlGS:0000000000000000\n[ 3.325042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.325545] CR2: 00000000004b4b40 CR3: 000000000248e000 CR4: 00000000000006f0\n[ 3.326430] Call Trace:\n[ 3.326725] \u003cTASK\u003e\n[ 3.326927] ? die_addr+0x3c/0xa0\n[ 3.327330] ? exc_general_protection+0x161/0x2a0\n[ 3.327662] ? asm_exc_general_protection+0x26/0x30\n[ 3.328214] ? vprintk_emit+0x15e/0x420\n[ 3.328543] ? eg_cache_remove_entry+0xa5/0x470\n[ 3.328910] ? eg_cache_remove_entry+0x9a/0x470\n[ 3.329294] ? __pfx_eg_cache_remove_entry+0x10/0x10\n[ 3.329664] ? console_unlock+0x107/0x1d0\n[ 3.329946] ? __pfx_console_unlock+0x10/0x10\n[ 3.330283] ? do_syscall_64+0xa6/0x1a0\n[ 3.330584] ? entry_SYSCALL_64_after_hwframe+0x47/0x7f\n[ 3.331090] ? __pfx_prb_read_valid+0x10/0x10\n[ 3.331395] ? down_trylock+0x52/0x80\n[ 3.331703] ? vprintk_emit+0x15e/0x420\n[ 3.331986] ? __pfx_vprintk_emit+0x10/0x10\n[ 3.332279] ? down_trylock+0x52/0x80\n[ 3.332527] ? _printk+0xbf/0x100\n[ 3.332762] ? __pfx__printk+0x10/0x10\n[ 3.333007] ? _raw_write_lock_irq+0x81/0xe0\n[ 3.333284] ? __pfx__raw_write_lock_irq+0x10/0x10\n[ 3.333614] msg_from_mpoad+0x1185/0x2750\n[ 3.333893] ? __build_skb_around+0x27b/0x3a0\n[ 3.334183] ? __pfx_msg_from_mpoad+0x10/0x10\n[ 3.334501] ? __alloc_skb+0x1c0/0x310\n[ 3.334809] ? __pfx___alloc_skb+0x10/0x10\n[ 3.335283] ? _raw_spin_lock+0xe0/0xe0\n[ 3.335632] ? finish_wait+0x8d/0x1e0\n[ 3.335975] vcc_sendmsg+0x684/0xba0\n[ 3.336250] ? __pfx_vcc_sendmsg+0x10/0x10\n[ 3.336587] ? __pfx_autoremove_wake_function+0x10/0x10\n[ 3.337056] ? fdget+0x176/0x3e0\n[ 3.337348] __sys_sendto+0x4a2/0x510\n[ 3.337663] ? __pfx___sys_sendto+0x10/0x10\n[ 3.337969] ? ioctl_has_perm.constprop.0.isra.0+0x284/0x400\n[ 3.338364] ? sock_ioctl+0x1bb/0x5a0\n[ 3.338653] ? __rseq_handle_notify_resume+0x825/0xd20\n[ 3.339017] ? __pfx_sock_ioctl+0x10/0x10\n[ 3.339316] ? __pfx___rseq_handle_notify_resume+0x10/0x10\n[ 3.339727] ? selinux_file_ioctl+0xa4/0x260\n[ 3.340166] __x64_sys_sendto+0xe0/0x1c0\n[ 3.340526] ? syscall_exit_to_user_mode+0x123/0x140\n[ 3.340898] do_syscall_64+0xa6/0x1a0\n[ 3.341170] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 3.341533] RIP: 0033:0x44a380\n[ 3.341757] Code: 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c00\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22018",
"url": "https://www.suse.com/security/cve/CVE-2025-22018"
},
{
"category": "external",
"summary": "SUSE Bug 1241266 for CVE-2025-22018",
"url": "https://bugzilla.suse.com/1241266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22018"
},
{
"cve": "CVE-2025-22020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\nRead of size 8 at addr ffff888136335380 by task kworker/6:0/140241\n\nCPU: 6 UID: 0 PID: 140241 Comm: kworker/6:0 Kdump: loaded Tainted: G E 6.14.0-rc6+ #1\nTainted: [E]=UNSIGNED_MODULE\nHardware name: LENOVO 30FNA1V7CW/1057, BIOS S0EKT54A 07/01/2024\nWorkqueue: events rtsx_usb_ms_poll_card [rtsx_usb_ms]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x51/0x70\n print_address_description.constprop.0+0x27/0x320\n ? rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n print_report+0x3e/0x70\n kasan_report+0xab/0xe0\n ? rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n ? __pfx_rtsx_usb_ms_poll_card+0x10/0x10 [rtsx_usb_ms]\n ? __pfx___schedule+0x10/0x10\n ? kick_pool+0x3b/0x270\n process_one_work+0x357/0x660\n worker_thread+0x390/0x4c0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x190/0x1d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 161446:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n __kasan_kmalloc+0x7b/0x90\n __kmalloc_noprof+0x1a7/0x470\n memstick_alloc_host+0x1f/0xe0 [memstick]\n rtsx_usb_ms_drv_probe+0x47/0x320 [rtsx_usb_ms]\n platform_probe+0x60/0xe0\n call_driver_probe+0x35/0x120\n really_probe+0x123/0x410\n __driver_probe_device+0xc7/0x1e0\n driver_probe_device+0x49/0xf0\n __device_attach_driver+0xc6/0x160\n bus_for_each_drv+0xe4/0x160\n __device_attach+0x13a/0x2b0\n bus_probe_device+0xbd/0xd0\n device_add+0x4a5/0x760\n platform_device_add+0x189/0x370\n mfd_add_device+0x587/0x5e0\n mfd_add_devices+0xb1/0x130\n rtsx_usb_probe+0x28e/0x2e0 [rtsx_usb]\n usb_probe_interface+0x15c/0x460\n call_driver_probe+0x35/0x120\n really_probe+0x123/0x410\n __driver_probe_device+0xc7/0x1e0\n driver_probe_device+0x49/0xf0\n __device_attach_driver+0xc6/0x160\n bus_for_each_drv+0xe4/0x160\n __device_attach+0x13a/0x2b0\n rebind_marked_interfaces.isra.0+0xcc/0x110\n usb_reset_device+0x352/0x410\n usbdev_do_ioctl+0xe5c/0x1860\n usbdev_ioctl+0xa/0x20\n __x64_sys_ioctl+0xc5/0xf0\n do_syscall_64+0x59/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 161506:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x36/0x60\n __kasan_slab_free+0x34/0x50\n kfree+0x1fd/0x3b0\n device_release+0x56/0xf0\n kobject_cleanup+0x73/0x1c0\n rtsx_usb_ms_drv_remove+0x13d/0x220 [rtsx_usb_ms]\n platform_remove+0x2f/0x50\n device_release_driver_internal+0x24b/0x2e0\n bus_remove_device+0x124/0x1d0\n device_del+0x239/0x530\n platform_device_del.part.0+0x19/0xe0\n platform_device_unregister+0x1c/0x40\n mfd_remove_devices_fn+0x167/0x170\n device_for_each_child_reverse+0xc9/0x130\n mfd_remove_devices+0x6e/0xa0\n rtsx_usb_disconnect+0x2e/0xd0 [rtsx_usb]\n usb_unbind_interface+0xf3/0x3f0\n device_release_driver_internal+0x24b/0x2e0\n proc_disconnect_claim+0x13d/0x220\n usbdev_do_ioctl+0xb5e/0x1860\n usbdev_ioctl+0xa/0x20\n __x64_sys_ioctl+0xc5/0xf0\n do_syscall_64+0x59/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x20/0x40\n kasan_record_aux_stack+0x85/0x90\n insert_work+0x29/0x100\n __queue_work+0x34a/0x540\n call_timer_fn+0x2a/0x160\n expire_timers+0x5f/0x1f0\n __run_timer_base.part.0+0x1b6/0x1e0\n run_timer_softirq+0x8b/0xe0\n handle_softirqs+0xf9/0x360\n __irq_exit_rcu+0x114/0x130\n sysvec_apic_timer_interrupt+0x72/0x90\n asm_sysvec_apic_timer_interrupt+0x16/0x20\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x20/0x40\n kasan_record_aux_stack+0x85/0x90\n insert_work+0x29/0x100\n __queue_work+0x34a/0x540\n call_timer_fn+0x2a/0x160\n expire_timers+0x5f/0x1f0\n __run_timer_base.part.0+0x1b6/0x1e0\n run_timer_softirq+0x8b/0xe0\n handle_softirqs+0xf9/0x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22020",
"url": "https://www.suse.com/security/cve/CVE-2025-22020"
},
{
"category": "external",
"summary": "SUSE Bug 1241280 for CVE-2025-22020",
"url": "https://bugzilla.suse.com/1241280"
},
{
"category": "external",
"summary": "SUSE Bug 1241281 for CVE-2025-22020",
"url": "https://bugzilla.suse.com/1241281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-22020"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: put dl_stid if fail to queue dl_recall\n\nBefore calling nfsd4_run_cb to queue dl_recall to the callback_wq, we\nincrement the reference count of dl_stid.\nWe expect that after the corresponding work_struct is processed, the\nreference count of dl_stid will be decremented through the callback\nfunction nfsd4_cb_recall_release.\nHowever, if the call to nfsd4_run_cb fails, the incremented reference\ncount of dl_stid will not be decremented correspondingly, leading to the\nfollowing nfs4_stid leak:\nunreferenced object 0xffff88812067b578 (size 344):\n comm \"nfsd\", pid 2761, jiffies 4295044002 (age 5541.241s)\n hex dump (first 32 bytes):\n 01 00 00 00 6b 6b 6b 6b b8 02 c0 e2 81 88 ff ff ....kkkk........\n 00 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 ad 4e ad de .kkkkkkk.....N..\n backtrace:\n kmem_cache_alloc+0x4b9/0x700\n nfsd4_process_open1+0x34/0x300\n nfsd4_open+0x2d1/0x9d0\n nfsd4_proc_compound+0x7a2/0xe30\n nfsd_dispatch+0x241/0x3e0\n svc_process_common+0x5d3/0xcc0\n svc_process+0x2a3/0x320\n nfsd+0x180/0x2e0\n kthread+0x199/0x1d0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\nunreferenced object 0xffff8881499f4d28 (size 368):\n comm \"nfsd\", pid 2761, jiffies 4295044005 (age 5541.239s)\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 30 4d 9f 49 81 88 ff ff ........0M.I....\n 30 4d 9f 49 81 88 ff ff 20 00 00 00 01 00 00 00 0M.I.... .......\n backtrace:\n kmem_cache_alloc+0x4b9/0x700\n nfs4_alloc_stid+0x29/0x210\n alloc_init_deleg+0x92/0x2e0\n nfs4_set_delegation+0x284/0xc00\n nfs4_open_delegation+0x216/0x3f0\n nfsd4_process_open2+0x2b3/0xee0\n nfsd4_open+0x770/0x9d0\n nfsd4_proc_compound+0x7a2/0xe30\n nfsd_dispatch+0x241/0x3e0\n svc_process_common+0x5d3/0xcc0\n svc_process+0x2a3/0x320\n nfsd+0x180/0x2e0\n kthread+0x199/0x1d0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\nFix it by checking the result of nfsd4_run_cb and call nfs4_put_stid if\nfail to queue dl_recall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22025",
"url": "https://www.suse.com/security/cve/CVE-2025-22025"
},
{
"category": "external",
"summary": "SUSE Bug 1241361 for CVE-2025-22025",
"url": "https://bugzilla.suse.com/1241361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22025"
},
{
"cve": "CVE-2025-22027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: streamzap: fix race between device disconnection and urb callback\n\nSyzkaller has reported a general protection fault at function\nir_raw_event_store_with_filter(). This crash is caused by a NULL pointer\ndereference of dev-\u003eraw pointer, even though it is checked for NULL in\nthe same function, which means there is a race condition. It occurs due\nto the incorrect order of actions in the streamzap_disconnect() function:\nrc_unregister_device() is called before usb_kill_urb(). The dev-\u003eraw\npointer is freed and set to NULL in rc_unregister_device(), and only\nafter that usb_kill_urb() waits for in-progress requests to finish.\n\nIf rc_unregister_device() is called while streamzap_callback() handler is\nnot finished, this can lead to accessing freed resources. Thus\nrc_unregister_device() should be called after usb_kill_urb().\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22027",
"url": "https://www.suse.com/security/cve/CVE-2025-22027"
},
{
"category": "external",
"summary": "SUSE Bug 1241369 for CVE-2025-22027",
"url": "https://bugzilla.suse.com/1241369"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22027"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22033"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Don\u0027t call NULL in do_compat_alignment_fixup()\n\ndo_alignment_t32_to_handler() only fixes up alignment faults for\nspecific instructions; it returns NULL otherwise (e.g. LDREX). When\nthat\u0027s the case, signal to the caller that it needs to proceed with the\nregular alignment fault handling (i.e. SIGBUS). Without this patch, the\nkernel panics:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000086000006\n EC = 0x21: IABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\n user pgtable: 4k pages, 48-bit VAs, pgdp=00000800164aa000\n [0000000000000000] pgd=0800081fdbd22003, p4d=0800081fdbd22003, pud=08000815d51c6003, pmd=0000000000000000\n Internal error: Oops: 0000000086000006 [#1] SMP\n Modules linked in: cfg80211 rfkill xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo xt_addrtype nft_compat br_netfilter veth nvme_fa\u003e\n libcrc32c crc32c_generic raid0 multipath linear dm_mod dax raid1 md_mod xhci_pci nvme xhci_hcd nvme_core t10_pi usbcore igb crc64_rocksoft crc64 crc_t10dif crct10dif_generic crct10dif_ce crct10dif_common usb_common i2c_algo_bit i2c\u003e\n CPU: 2 PID: 3932954 Comm: WPEWebProcess Not tainted 6.1.0-31-arm64 #1 Debian 6.1.128-1\n Hardware name: GIGABYTE MP32-AR1-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021\n pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : 0x0\n lr : do_compat_alignment_fixup+0xd8/0x3dc\n sp : ffff80000f973dd0\n x29: ffff80000f973dd0 x28: ffff081b42526180 x27: 0000000000000000\n x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\n x23: 0000000000000004 x22: 0000000000000000 x21: 0000000000000001\n x20: 00000000e8551f00 x19: ffff80000f973eb0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : ffffaebc949bc488\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000400000 x4 : 0000fffffffffffe x3 : 0000000000000000\n x2 : ffff80000f973eb0 x1 : 00000000e8551f00 x0 : 0000000000000001\n Call trace:\n 0x0\n do_alignment_fault+0x40/0x50\n do_mem_abort+0x4c/0xa0\n el0_da+0x48/0xf0\n el0t_32_sync_handler+0x110/0x140\n el0t_32_sync+0x190/0x194\n Code: bad PC value\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22033",
"url": "https://www.suse.com/security/cve/CVE-2025-22033"
},
{
"category": "external",
"summary": "SUSE Bug 1241436 for CVE-2025-22033",
"url": "https://bugzilla.suse.com/1241436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22033"
},
{
"cve": "CVE-2025-22036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix random stack corruption after get_block\n\nWhen get_block is called with a buffer_head allocated on the stack, such\nas do_mpage_readpage, stack corruption due to buffer_head UAF may occur in\nthe following race condition situation.\n\n \u003cCPU 0\u003e \u003cCPU 1\u003e\nmpage_read_folio\n \u003c\u003cbh on stack\u003e\u003e\n do_mpage_readpage\n exfat_get_block\n bh_read\n __bh_read\n\t get_bh(bh)\n submit_bh\n wait_on_buffer\n ...\n end_buffer_read_sync\n __end_buffer_read_notouch\n unlock_buffer\n \u003c\u003ckeep going\u003e\u003e\n ...\n ...\n ...\n ...\n\u003c\u003cbh is not valid out of mpage_read_folio\u003e\u003e\n .\n .\nanother_function\n \u003c\u003cvariable A on stack\u003e\u003e\n put_bh(bh)\n atomic_dec(bh-\u003eb_count)\n * stack corruption here *\n\nThis patch returns -EAGAIN if a folio does not have buffers when bh_read\nneeds to be called. By doing this, the caller can fallback to functions\nlike block_read_full_folio(), create a buffer_head in the folio, and then\ncall get_block again.\n\nLet\u0027s do not call bh_read() with on-stack buffer_head.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22036",
"url": "https://www.suse.com/security/cve/CVE-2025-22036"
},
{
"category": "external",
"summary": "SUSE Bug 1241426 for CVE-2025-22036",
"url": "https://bugzilla.suse.com/1241426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22036"
},
{
"cve": "CVE-2025-22044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacpi: nfit: fix narrowing conversion in acpi_nfit_ctl\n\nSyzkaller has reported a warning in to_nfit_bus_uuid(): \"only secondary\nbus families can be translated\". This warning is emited if the argument\nis equal to NVDIMM_BUS_FAMILY_NFIT == 0. Function acpi_nfit_ctl() first\nverifies that a user-provided value call_pkg-\u003end_family of type u64 is\nnot equal to 0. Then the value is converted to int, and only after that\nis compared to NVDIMM_BUS_FAMILY_MAX. This can lead to passing an invalid\nargument to acpi_nfit_ctl(), if call_pkg-\u003end_family is non-zero, while\nthe lower 32 bits are zero.\n\nFurthermore, it is best to return EINVAL immediately upon seeing the\ninvalid user input. The WARNING is insufficient to prevent further\nundefined behavior based on other invalid user input.\n\nAll checks of the input value should be applied to the original variable\ncall_pkg-\u003end_family.\n\n[iweiny: update commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22044",
"url": "https://www.suse.com/security/cve/CVE-2025-22044"
},
{
"category": "external",
"summary": "SUSE Bug 1241424 for CVE-2025-22044",
"url": "https://bugzilla.suse.com/1241424"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22044"
},
{
"cve": "CVE-2025-22045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Fix flush_tlb_range() when used for zapping normal PMDs\n\nOn the following path, flush_tlb_range() can be used for zapping normal\nPMD entries (PMD entries that point to page tables) together with the PTE\nentries in the pointed-to page table:\n\n collapse_pte_mapped_thp\n pmdp_collapse_flush\n flush_tlb_range\n\nThe arm64 version of flush_tlb_range() has a comment describing that it can\nbe used for page table removal, and does not use any last-level\ninvalidation optimizations. Fix the X86 version by making it behave the\nsame way.\n\nCurrently, X86 only uses this information for the following two purposes,\nwhich I think means the issue doesn\u0027t have much impact:\n\n - In native_flush_tlb_multi() for checking if lazy TLB CPUs need to be\n IPI\u0027d to avoid issues with speculative page table walks.\n - In Hyper-V TLB paravirtualization, again for lazy TLB stuff.\n\nThe patch \"x86/mm: only invalidate final translations with INVLPGB\" which\nis currently under review (see\n\u003chttps://lore.kernel.org/all/20241230175550.4046587-13-riel@surriel.com/\u003e)\nwould probably be making the impact of this a lot worse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22045",
"url": "https://www.suse.com/security/cve/CVE-2025-22045"
},
{
"category": "external",
"summary": "SUSE Bug 1241433 for CVE-2025-22045",
"url": "https://bugzilla.suse.com/1241433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22045"
},
{
"cve": "CVE-2025-22050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22050"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet:fix NPE during rx_complete\n\nMissing usbnet_going_away Check in Critical Path.\nThe usb_submit_urb function lacks a usbnet_going_away\nvalidation, whereas __usbnet_queue_skb includes this check.\n\nThis inconsistency creates a race condition where:\nA URB request may succeed, but the corresponding SKB data\nfails to be queued.\n\nSubsequent processes:\n(e.g., rx_complete \u2192 defer_bh \u2192 __skb_unlink(skb, list))\nattempt to access skb-\u003enext, triggering a NULL pointer\ndereference (Kernel Panic).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22050",
"url": "https://www.suse.com/security/cve/CVE-2025-22050"
},
{
"category": "external",
"summary": "SUSE Bug 1241441 for CVE-2025-22050",
"url": "https://bugzilla.suse.com/1241441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22050"
},
{
"cve": "CVE-2025-22053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ibmveth: make veth_pool_store stop hanging\n\nv2:\n- Created a single error handling unlock and exit in veth_pool_store\n- Greatly expanded commit message with previous explanatory-only text\n\nSummary: Use rtnl_mutex to synchronize veth_pool_store with itself,\nibmveth_close and ibmveth_open, preventing multiple calls in a row to\nnapi_disable.\n\nBackground: Two (or more) threads could call veth_pool_store through\nwriting to /sys/devices/vio/30000002/pool*/*. You can do this easily\nwith a little shell script. This causes a hang.\n\nI configured LOCKDEP, compiled ibmveth.c with DEBUG, and built a new\nkernel. I ran this test again and saw:\n\n Setting pool0/active to 0\n Setting pool1/active to 1\n [ 73.911067][ T4365] ibmveth 30000002 eth0: close starting\n Setting pool1/active to 1\n Setting pool1/active to 0\n [ 73.911367][ T4366] ibmveth 30000002 eth0: close starting\n [ 73.916056][ T4365] ibmveth 30000002 eth0: close complete\n [ 73.916064][ T4365] ibmveth 30000002 eth0: open starting\n [ 110.808564][ T712] systemd-journald[712]: Sent WATCHDOG=1 notification.\n [ 230.808495][ T712] systemd-journald[712]: Sent WATCHDOG=1 notification.\n [ 243.683786][ T123] INFO: task stress.sh:4365 blocked for more than 122 seconds.\n [ 243.683827][ T123] Not tainted 6.14.0-01103-g2df0c02dab82-dirty #8\n [ 243.683833][ T123] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n [ 243.683838][ T123] task:stress.sh state:D stack:28096 pid:4365 tgid:4365 ppid:4364 task_flags:0x400040 flags:0x00042000\n [ 243.683852][ T123] Call Trace:\n [ 243.683857][ T123] [c00000000c38f690] [0000000000000001] 0x1 (unreliable)\n [ 243.683868][ T123] [c00000000c38f840] [c00000000001f908] __switch_to+0x318/0x4e0\n [ 243.683878][ T123] [c00000000c38f8a0] [c000000001549a70] __schedule+0x500/0x12a0\n [ 243.683888][ T123] [c00000000c38f9a0] [c00000000154a878] schedule+0x68/0x210\n [ 243.683896][ T123] [c00000000c38f9d0] [c00000000154ac80] schedule_preempt_disabled+0x30/0x50\n [ 243.683904][ T123] [c00000000c38fa00] [c00000000154dbb0] __mutex_lock+0x730/0x10f0\n [ 243.683913][ T123] [c00000000c38fb10] [c000000001154d40] napi_enable+0x30/0x60\n [ 243.683921][ T123] [c00000000c38fb40] [c000000000f4ae94] ibmveth_open+0x68/0x5dc\n [ 243.683928][ T123] [c00000000c38fbe0] [c000000000f4aa20] veth_pool_store+0x220/0x270\n [ 243.683936][ T123] [c00000000c38fc70] [c000000000826278] sysfs_kf_write+0x68/0xb0\n [ 243.683944][ T123] [c00000000c38fcb0] [c0000000008240b8] kernfs_fop_write_iter+0x198/0x2d0\n [ 243.683951][ T123] [c00000000c38fd00] [c00000000071b9ac] vfs_write+0x34c/0x650\n [ 243.683958][ T123] [c00000000c38fdc0] [c00000000071bea8] ksys_write+0x88/0x150\n [ 243.683966][ T123] [c00000000c38fe10] [c0000000000317f4] system_call_exception+0x124/0x340\n [ 243.683973][ T123] [c00000000c38fe50] [c00000000000d05c] system_call_vectored_common+0x15c/0x2ec\n ...\n [ 243.684087][ T123] Showing all locks held in the system:\n [ 243.684095][ T123] 1 lock held by khungtaskd/123:\n [ 243.684099][ T123] #0: c00000000278e370 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x50/0x248\n [ 243.684114][ T123] 4 locks held by stress.sh/4365:\n [ 243.684119][ T123] #0: c00000003a4cd3f8 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x88/0x150\n [ 243.684132][ T123] #1: c000000041aea888 (\u0026of-\u003emutex#2){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x154/0x2d0\n [ 243.684143][ T123] #2: c0000000366fb9a8 (kn-\u003eactive#64){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x160/0x2d0\n [ 243.684155][ T123] #3: c000000035ff4cb8 (\u0026dev-\u003elock){+.+.}-{3:3}, at: napi_enable+0x30/0x60\n [ 243.684166][ T123] 5 locks held by stress.sh/4366:\n [ 243.684170][ T123] #0: c00000003a4cd3f8 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x88/0x150\n [ 243.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22053",
"url": "https://www.suse.com/security/cve/CVE-2025-22053"
},
{
"category": "external",
"summary": "SUSE Bug 1241373 for CVE-2025-22053",
"url": "https://bugzilla.suse.com/1241373"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22053"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Fix memory accounting leak.\n\nMatt Dowling reported a weird UDP memory usage issue.\n\nUnder normal operation, the UDP memory usage reported in /proc/net/sockstat\nremains close to zero. However, it occasionally spiked to 524,288 pages\nand never dropped. Moreover, the value doubled when the application was\nterminated. Finally, it caused intermittent packet drops.\n\nWe can reproduce the issue with the script below [0]:\n\n 1. /proc/net/sockstat reports 0 pages\n\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 0\n\n 2. Run the script till the report reaches 524,288\n\n # python3 test.py \u0026 sleep 5\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 3 mem 524288 \u003c-- (INT_MAX + 1) \u003e\u003e PAGE_SHIFT\n\n 3. Kill the socket and confirm the number never drops\n\n # pkill python3 \u0026\u0026 sleep 5\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 524288\n\n 4. (necessary since v6.0) Trigger proto_memory_pcpu_drain()\n\n # python3 test.py \u0026 sleep 1 \u0026\u0026 pkill python3\n\n 5. The number doubles\n\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 1048577\n\nThe application set INT_MAX to SO_RCVBUF, which triggered an integer\noverflow in udp_rmem_release().\n\nWhen a socket is close()d, udp_destruct_common() purges its receive\nqueue and sums up skb-\u003etruesize in the queue. This total is calculated\nand stored in a local unsigned integer variable.\n\nThe total size is then passed to udp_rmem_release() to adjust memory\naccounting. However, because the function takes a signed integer\nargument, the total size can wrap around, causing an overflow.\n\nThen, the released amount is calculated as follows:\n\n 1) Add size to sk-\u003esk_forward_alloc.\n 2) Round down sk-\u003esk_forward_alloc to the nearest lower multiple of\n PAGE_SIZE and assign it to amount.\n 3) Subtract amount from sk-\u003esk_forward_alloc.\n 4) Pass amount \u003e\u003e PAGE_SHIFT to __sk_mem_reduce_allocated().\n\nWhen the issue occurred, the total in udp_destruct_common() was 2147484480\n(INT_MAX + 833), which was cast to -2147482816 in udp_rmem_release().\n\nAt 1) sk-\u003esk_forward_alloc is changed from 3264 to -2147479552, and\n2) sets -2147479552 to amount. 3) reverts the wraparound, so we don\u0027t\nsee a warning in inet_sock_destruct(). However, udp_memory_allocated\nends up doubling at 4).\n\nSince commit 3cd3399dd7a8 (\"net: implement per-cpu reserves for\nmemory_allocated\"), memory usage no longer doubles immediately after\na socket is close()d because __sk_mem_reduce_allocated() caches the\namount in udp_memory_per_cpu_fw_alloc. However, the next time a UDP\nsocket receives a packet, the subtraction takes effect, causing UDP\nmemory usage to double.\n\nThis issue makes further memory allocation fail once the socket\u0027s\nsk-\u003esk_rmem_alloc exceeds net.ipv4.udp_rmem_min, resulting in packet\ndrops.\n\nTo prevent this issue, let\u0027s use unsigned int for the calculation and\ncall sk_forward_alloc_add() only once for the small delta.\n\nNote that first_packet_length() also potentially has the same problem.\n\n[0]:\nfrom socket import *\n\nSO_RCVBUFFORCE = 33\nINT_MAX = (2 ** 31) - 1\n\ns = socket(AF_INET, SOCK_DGRAM)\ns.bind((\u0027\u0027, 0))\ns.setsockopt(SOL_SOCKET, SO_RCVBUFFORCE, INT_MAX)\n\nc = socket(AF_INET, SOCK_DGRAM)\nc.connect(s.getsockname())\n\ndata = b\u0027a\u0027 * 100\n\nwhile True:\n c.send(data)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22058",
"url": "https://www.suse.com/security/cve/CVE-2025-22058"
},
{
"category": "external",
"summary": "SUSE Bug 1241332 for CVE-2025-22058",
"url": "https://bugzilla.suse.com/1241332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22058"
},
{
"cve": "CVE-2025-22060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: Prevent parser TCAM memory corruption\n\nProtect the parser TCAM/SRAM memory, and the cached (shadow) SRAM\ninformation, from concurrent modifications.\n\nBoth the TCAM and SRAM tables are indirectly accessed by configuring\nan index register that selects the row to read or write to. This means\nthat operations must be atomic in order to, e.g., avoid spreading\nwrites across multiple rows. Since the shadow SRAM array is used to\nfind free rows in the hardware table, it must also be protected in\norder to avoid TOCTOU errors where multiple cores allocate the same\nrow.\n\nThis issue was detected in a situation where `mvpp2_set_rx_mode()` ran\nconcurrently on two CPUs. In this particular case the\nMVPP2_PE_MAC_UC_PROMISCUOUS entry was corrupted, causing the\nclassifier unit to drop all incoming unicast - indicated by the\n`rx_classifier_drops` counter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22060",
"url": "https://www.suse.com/security/cve/CVE-2025-22060"
},
{
"category": "external",
"summary": "SUSE Bug 1241526 for CVE-2025-22060",
"url": "https://bugzilla.suse.com/1241526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22060"
},
{
"cve": "CVE-2025-22062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: add mutual exclusion in proc_sctp_do_udp_port()\n\nWe must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start()\nor risk a crash as syzbot reported:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]\nCPU: 1 UID: 0 PID: 6551 Comm: syz.1.44 Not tainted 6.14.0-syzkaller-g7f2ff7b62617 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\n RIP: 0010:kernel_sock_shutdown+0x47/0x70 net/socket.c:3653\nCall Trace:\n \u003cTASK\u003e\n udp_tunnel_sock_release+0x68/0x80 net/ipv4/udp_tunnel_core.c:181\n sctp_udp_sock_stop+0x71/0x160 net/sctp/protocol.c:930\n proc_sctp_do_udp_port+0x264/0x450 net/sctp/sysctl.c:553\n proc_sys_call_handler+0x3d0/0x5b0 fs/proc/proc_sysctl.c:601\n iter_file_splice_write+0x91c/0x1150 fs/splice.c:738\n do_splice_from fs/splice.c:935 [inline]\n direct_splice_actor+0x18f/0x6c0 fs/splice.c:1158\n splice_direct_to_actor+0x342/0xa30 fs/splice.c:1102\n do_splice_direct_actor fs/splice.c:1201 [inline]\n do_splice_direct+0x174/0x240 fs/splice.c:1227\n do_sendfile+0xafd/0xe50 fs/read_write.c:1368\n __do_sys_sendfile64 fs/read_write.c:1429 [inline]\n __se_sys_sendfile64 fs/read_write.c:1415 [inline]\n __x64_sys_sendfile64+0x1d8/0x220 fs/read_write.c:1415\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22062",
"url": "https://www.suse.com/security/cve/CVE-2025-22062"
},
{
"category": "external",
"summary": "SUSE Bug 1241412 for CVE-2025-22062",
"url": "https://bugzilla.suse.com/1241412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22062"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22064"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t unregister hook when table is dormant\n\nWhen nf_tables_updchain encounters an error, hook registration needs to\nbe rolled back.\n\nThis should only be done if the hook has been registered, which won\u0027t\nhappen when the table is flagged as dormant (inactive).\n\nJust move the assignment into the registration block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22064",
"url": "https://www.suse.com/security/cve/CVE-2025-22064"
},
{
"category": "external",
"summary": "SUSE Bug 1241413 for CVE-2025-22064",
"url": "https://bugzilla.suse.com/1241413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22064"
},
{
"cve": "CVE-2025-22065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix adapter NULL pointer dereference on reboot\n\nWith SRIOV enabled, idpf ends up calling into idpf_remove() twice.\nFirst via idpf_shutdown() and then again when idpf_remove() calls into\nsriov_disable(), because the VF devices use the idpf driver, hence the\nsame remove routine. When that happens, it is possible for the adapter\nto be NULL from the first call to idpf_remove(), leading to a NULL\npointer dereference.\n\necho 1 \u003e /sys/class/net/\u003cnetif\u003e/device/sriov_numvfs\nreboot\n\nBUG: kernel NULL pointer dereference, address: 0000000000000020\n...\nRIP: 0010:idpf_remove+0x22/0x1f0 [idpf]\n...\n? idpf_remove+0x22/0x1f0 [idpf]\n? idpf_remove+0x1e4/0x1f0 [idpf]\npci_device_remove+0x3f/0xb0\ndevice_release_driver_internal+0x19f/0x200\npci_stop_bus_device+0x6d/0x90\npci_stop_and_remove_bus_device+0x12/0x20\npci_iov_remove_virtfn+0xbe/0x120\nsriov_disable+0x34/0xe0\nidpf_sriov_configure+0x58/0x140 [idpf]\nidpf_remove+0x1b9/0x1f0 [idpf]\nidpf_shutdown+0x12/0x30 [idpf]\npci_device_shutdown+0x35/0x60\ndevice_shutdown+0x156/0x200\n...\n\nReplace the direct idpf_remove() call in idpf_shutdown() with\nidpf_vc_core_deinit() and idpf_deinit_dflt_mbx(), which perform\nthe bulk of the cleanup, such as stopping the init task, freeing IRQs,\ndestroying the vports and freeing the mailbox. This avoids the calls to\nsriov_disable() in addition to a small netdev cleanup, and destroying\nworkqueues, which don\u0027t seem to be required on shutdown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22065",
"url": "https://www.suse.com/security/cve/CVE-2025-22065"
},
{
"category": "external",
"summary": "SUSE Bug 1241333 for CVE-2025-22065",
"url": "https://bugzilla.suse.com/1241333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22065"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Allocate vfinfo size for VF GUIDs when supported\n\nCommit 30aad41721e0 (\"net/core: Add support for getting VF GUIDs\")\nadded support for getting VF port and node GUIDs in netlink ifinfo\nmessages, but their size was not taken into consideration in the\nfunction that allocates the netlink message, causing the following\nwarning when a netlink message is filled with many VF port and node\nGUIDs:\n # echo 64 \u003e /sys/bus/pci/devices/0000\\:08\\:00.0/sriov_numvfs\n # ip link show dev ib0\n RTNETLINK answers: Message too long\n Cannot send link get request: Message too long\n\nKernel warning:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 1930 at net/core/rtnetlink.c:4151 rtnl_getlink+0x586/0x5a0\n Modules linked in: xt_conntrack xt_MASQUERADE nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter overlay mlx5_ib macsec mlx5_core tls rpcrdma rdma_ucm ib_uverbs ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm iw_cm ib_ipoib fuse ib_cm ib_core\n CPU: 2 UID: 0 PID: 1930 Comm: ip Not tainted 6.14.0-rc2+ #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:rtnl_getlink+0x586/0x5a0\n Code: cb 82 e8 3d af 0a 00 4d 85 ff 0f 84 08 ff ff ff 4c 89 ff 41 be ea ff ff ff e8 66 63 5b ff 49 c7 07 80 4f cb 82 e9 36 fc ff ff \u003c0f\u003e 0b e9 16 fe ff ff e8 de a0 56 00 66 66 2e 0f 1f 84 00 00 00 00\n RSP: 0018:ffff888113557348 EFLAGS: 00010246\n RAX: 00000000ffffffa6 RBX: ffff88817e87aa34 RCX: dffffc0000000000\n RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffff88817e87afb8\n RBP: 0000000000000009 R08: ffffffff821f44aa R09: 0000000000000000\n R10: ffff8881260f79a8 R11: ffff88817e87af00 R12: ffff88817e87aa00\n R13: ffffffff8563d300 R14: 00000000ffffffa6 R15: 00000000ffffffff\n FS: 00007f63a5dbf280(0000) GS:ffff88881ee00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f63a5ba4493 CR3: 00000001700fe002 CR4: 0000000000772eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xa5/0x230\n ? rtnl_getlink+0x586/0x5a0\n ? report_bug+0x22d/0x240\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_trim+0x6a/0x80\n ? rtnl_getlink+0x586/0x5a0\n ? __pfx_rtnl_getlink+0x10/0x10\n ? rtnetlink_rcv_msg+0x1e5/0x860\n ? __pfx___mutex_lock+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? __pfx_lock_acquire+0x10/0x10\n ? stack_trace_save+0x90/0xd0\n ? filter_irq_stacks+0x1d/0x70\n ? kasan_save_stack+0x30/0x40\n ? kasan_save_stack+0x20/0x40\n ? kasan_save_track+0x10/0x30\n rtnetlink_rcv_msg+0x21c/0x860\n ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n ? arch_stack_walk+0x9e/0xf0\n ? rcu_is_watching+0x34/0x60\n ? lock_acquire+0xd5/0x410\n ? rcu_is_watching+0x34/0x60\n netlink_rcv_skb+0xe0/0x210\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n ? __pfx_netlink_rcv_skb+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? __pfx___netlink_lookup+0x10/0x10\n ? lock_release+0x62/0x200\n ? netlink_deliver_tap+0xfd/0x290\n ? rcu_is_watching+0x34/0x60\n ? lock_release+0x62/0x200\n ? netlink_deliver_tap+0x95/0x290\n netlink_unicast+0x31f/0x480\n ? __pfx_netlink_unicast+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? lock_acquire+0xd5/0x410\n netlink_sendmsg+0x369/0x660\n ? lock_release+0x62/0x200\n ? __pfx_netlink_sendmsg+0x10/0x10\n ? import_ubuf+0xb9/0xf0\n ? __import_iovec+0x254/0x2b0\n ? lock_release+0x62/0x200\n ? __pfx_netlink_sendmsg+0x10/0x10\n ____sys_sendmsg+0x559/0x5a0\n ? __pfx_____sys_sendmsg+0x10/0x10\n ? __pfx_copy_msghdr_from_user+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? do_read_fault+0x213/0x4a0\n ? rcu_is_watching+0x34/0x60\n ___sys_sendmsg+0xe4/0x150\n ? __pfx____sys_sendmsg+0x10/0x10\n ? do_fault+0x2cc/0x6f0\n ? handle_pte_fault+0x2e3/0x3d0\n ? __pfx_handle_pte_fault+0x10/0x10\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22075",
"url": "https://www.suse.com/security/cve/CVE-2025-22075"
},
{
"category": "external",
"summary": "SUSE Bug 1241402 for CVE-2025-22075",
"url": "https://bugzilla.suse.com/1241402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22075"
},
{
"cve": "CVE-2025-22080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Prevent integer overflow in hdr_first_de()\n\nThe \"de_off\" and \"used\" variables come from the disk so they both need to\ncheck. The problem is that on 32bit systems if they\u0027re both greater than\nUINT_MAX - 16 then the check does work as intended because of an integer\noverflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22080",
"url": "https://www.suse.com/security/cve/CVE-2025-22080"
},
{
"category": "external",
"summary": "SUSE Bug 1241416 for CVE-2025-22080",
"url": "https://bugzilla.suse.com/1241416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22080"
},
{
"cve": "CVE-2025-22085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix use-after-free when rename device name\n\nSyzbot reported a slab-use-after-free with the following call trace:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in nla_put+0xd3/0x150 lib/nlattr.c:1099\nRead of size 5 at addr ffff888140ea1c60 by task syz.0.988/10025\n\nCPU: 0 UID: 0 PID: 10025 Comm: syz.0.988\nNot tainted 6.14.0-rc4-syzkaller-00859-gf77f12010f67 #0\nHardware name: Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x16e/0x5b0 mm/kasan/report.c:521\n kasan_report+0x143/0x180 mm/kasan/report.c:634\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105\n nla_put+0xd3/0x150 lib/nlattr.c:1099\n nla_put_string include/net/netlink.h:1621 [inline]\n fill_nldev_handle+0x16e/0x200 drivers/infiniband/core/nldev.c:265\n rdma_nl_notify_event+0x561/0xef0 drivers/infiniband/core/nldev.c:2857\n ib_device_notify_register+0x22/0x230 drivers/infiniband/core/device.c:1344\n ib_register_device+0x1292/0x1460 drivers/infiniband/core/device.c:1460\n rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540\n rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212\n nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795\n rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline]\n rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1883\n sock_sendmsg_nosec net/socket.c:709 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:724\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2564\n ___sys_sendmsg net/socket.c:2618 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2650\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f42d1b8d169\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 ...\nRSP: 002b:00007f42d2960038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f42d1da6320 RCX: 00007f42d1b8d169\nRDX: 0000000000000000 RSI: 00004000000002c0 RDI: 000000000000000c\nRBP: 00007f42d1c0e2a0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f42d1da6320 R15: 00007ffe399344a8\n \u003c/TASK\u003e\n\nAllocated by task 10025:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4313\n __kmemdup_nul mm/util.c:61 [inline]\n kstrdup+0x42/0x100 mm/util.c:81\n kobject_set_name_vargs+0x61/0x120 lib/kobject.c:274\n dev_set_name+0xd5/0x120 drivers/base/core.c:3468\n assign_name drivers/infiniband/core/device.c:1202 [inline]\n ib_register_device+0x178/0x1460 drivers/infiniband/core/device.c:1384\n rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540\n rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212\n nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795\n rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline]\n rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8de/0xcb0 net\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22085",
"url": "https://www.suse.com/security/cve/CVE-2025-22085"
},
{
"category": "external",
"summary": "SUSE Bug 1241419 for CVE-2025-22085",
"url": "https://bugzilla.suse.com/1241419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22085"
},
{
"cve": "CVE-2025-22086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow\n\nWhen cur_qp isn\u0027t NULL, in order to avoid fetching the QP from\nthe radix tree again we check if the next cqe QP is identical to\nthe one we already have.\n\nThe bug however is that we are checking if the QP is identical by\nchecking the QP number inside the CQE against the QP number inside the\nmlx5_ib_qp, but that\u0027s wrong since the QP number from the CQE is from\nFW so it should be matched against mlx5_core_qp which is our FW QP\nnumber.\n\nOtherwise we could use the wrong QP when handling a CQE which could\ncause the kernel trace below.\n\nThis issue is mainly noticeable over QPs 0 \u0026 1, since for now they are\nthe only QPs in our driver whereas the QP number inside mlx5_ib_qp\ndoesn\u0027t match the QP number inside mlx5_core_qp.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000012\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP\n CPU: 0 UID: 0 PID: 7927 Comm: kworker/u62:1 Not tainted 6.14.0-rc3+ #189\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n Workqueue: ib-comp-unb-wq ib_cq_poll_work [ib_core]\n RIP: 0010:mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n Code: 03 00 00 8d 58 ff 21 cb 66 39 d3 74 39 48 c7 c7 3c 89 6e a0 0f b7 db e8 b7 d2 b3 e0 49 8b 86 60 03 00 00 48 c7 c7 4a 89 6e a0 \u003c0f\u003e b7 5c 98 02 e8 9f d2 b3 e0 41 0f b7 86 78 03 00 00 83 e8 01 21\n RSP: 0018:ffff88810511bd60 EFLAGS: 00010046\n RAX: 0000000000000010 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff88885fa1b3c0 RDI: ffffffffa06e894a\n RBP: 00000000000000b0 R08: 0000000000000000 R09: ffff88810511bc10\n R10: 0000000000000001 R11: 0000000000000001 R12: ffff88810d593000\n R13: ffff88810e579108 R14: ffff888105146000 R15: 00000000000000b0\n FS: 0000000000000000(0000) GS:ffff88885fa00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000012 CR3: 00000001077e6001 CR4: 0000000000370eb0\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n __ib_process_cq+0x5a/0x150 [ib_core]\n ib_cq_poll_work+0x31/0x90 [ib_core]\n process_one_work+0x169/0x320\n worker_thread+0x288/0x3a0\n ? work_busy+0xb0/0xb0\n kthread+0xd7/0x1f0\n ? kthreads_online_cpu+0x130/0x130\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork+0x2d/0x50\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22086",
"url": "https://www.suse.com/security/cve/CVE-2025-22086"
},
{
"category": "external",
"summary": "SUSE Bug 1241458 for CVE-2025-22086",
"url": "https://bugzilla.suse.com/1241458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22086"
},
{
"cve": "CVE-2025-22088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/erdma: Prevent use-after-free in erdma_accept_newconn()\n\nAfter the erdma_cep_put(new_cep) being called, new_cep will be freed,\nand the following dereference will cause a UAF problem. Fix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22088",
"url": "https://www.suse.com/security/cve/CVE-2025-22088"
},
{
"category": "external",
"summary": "SUSE Bug 1241528 for CVE-2025-22088",
"url": "https://bugzilla.suse.com/1241528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22088"
},
{
"cve": "CVE-2025-22090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()\n\nIf track_pfn_copy() fails, we already added the dst VMA to the maple\ntree. As fork() fails, we\u0027ll cleanup the maple tree, and stumble over\nthe dst VMA for which we neither performed any reservation nor copied\nany page tables.\n\nConsequently untrack_pfn() will see VM_PAT and try obtaining the\nPAT information from the page table -- which fails because the page\ntable was not copied.\n\nThe easiest fix would be to simply clear the VM_PAT flag of the dst VMA\nif track_pfn_copy() fails. However, the whole thing is about \"simply\"\nclearing the VM_PAT flag is shaky as well: if we passed track_pfn_copy()\nand performed a reservation, but copying the page tables fails, we\u0027ll\nsimply clear the VM_PAT flag, not properly undoing the reservation ...\nwhich is also wrong.\n\nSo let\u0027s fix it properly: set the VM_PAT flag only if the reservation\nsucceeded (leaving it clear initially), and undo the reservation if\nanything goes wrong while copying the page tables: clearing the VM_PAT\nflag after undoing the reservation.\n\nNote that any copied page table entries will get zapped when the VMA will\nget removed later, after copy_page_range() succeeded; as VM_PAT is not set\nthen, we won\u0027t try cleaning VM_PAT up once more and untrack_pfn() will be\nhappy. Note that leaving these page tables in place without a reservation\nis not a problem, as we are aborting fork(); this process will never run.\n\nA reproducer can trigger this usually at the first try:\n\n https://gitlab.com/davidhildenbrand/scratchspace/-/raw/main/reproducers/pat_fork.c\n\n WARNING: CPU: 26 PID: 11650 at arch/x86/mm/pat/memtype.c:983 get_pat_info+0xf6/0x110\n Modules linked in: ...\n CPU: 26 UID: 0 PID: 11650 Comm: repro3 Not tainted 6.12.0-rc5+ #92\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n RIP: 0010:get_pat_info+0xf6/0x110\n ...\n Call Trace:\n \u003cTASK\u003e\n ...\n untrack_pfn+0x52/0x110\n unmap_single_vma+0xa6/0xe0\n unmap_vmas+0x105/0x1f0\n exit_mmap+0xf6/0x460\n __mmput+0x4b/0x120\n copy_process+0x1bf6/0x2aa0\n kernel_clone+0xab/0x440\n __do_sys_clone+0x66/0x90\n do_syscall_64+0x95/0x180\n\nLikely this case was missed in:\n\n d155df53f310 (\"x86/mm/pat: clear VM_PAT if copy_p4d_range failed\")\n\n... and instead of undoing the reservation we simply cleared the VM_PAT flag.\n\nKeep the documentation of these functions in include/linux/pgtable.h,\none place is more than sufficient -- we should clean that up for the other\nfunctions like track_pfn_remap/untrack_pfn separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22090",
"url": "https://www.suse.com/security/cve/CVE-2025-22090"
},
{
"category": "external",
"summary": "SUSE Bug 1241537 for CVE-2025-22090",
"url": "https://bugzilla.suse.com/1241537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22090"
},
{
"cve": "CVE-2025-22091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22091"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix page_size variable overflow\n\nChange all variables storing mlx5_umem_mkc_find_best_pgsz() result to\nunsigned long to support values larger than 31 and avoid overflow.\n\nFor example: If we try to register 4GB of memory that is contiguous in\nphysical memory, the driver will optimize the page_size and try to use\nan mkey with 4GB entity size. The \u0027unsigned int\u0027 page_size variable will\noverflow to \u00270\u0027 and we\u0027ll hit the WARN_ON() in alloc_cacheable_mr().\n\nWARNING: CPU: 2 PID: 1203 at drivers/infiniband/hw/mlx5/mr.c:1124 alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\nModules linked in: mlx5_ib mlx5_core bonding ip6_gre ip6_tunnel tunnel6 ip_gre gre rdma_rxe rdma_ucm ib_uverbs ib_ipoib ib_umad rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm fuse ib_core [last unloaded: mlx5_core]\nCPU: 2 UID: 70878 PID: 1203 Comm: rdma_resource_l Tainted: G W 6.14.0-rc4-dirty #43\nTainted: [W]=WARN\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\nCode: 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 41 52 53 48 83 ec 30 f6 46 28 04 4c 8b 77 08 75 21 \u003c0f\u003e 0b 49 c7 c2 ea ff ff ff 48 8d 65 d0 4c 89 d0 5b 41 5a 41 5c 41\nRSP: 0018:ffffc900006ffac8 EFLAGS: 00010246\nRAX: 0000000004c0d0d0 RBX: ffff888217a22000 RCX: 0000000000100001\nRDX: 00007fb7ac480000 RSI: ffff8882037b1240 RDI: ffff8882046f0600\nRBP: ffffc900006ffb28 R08: 0000000000000001 R09: 0000000000000000\nR10: 00000000000007e0 R11: ffffea0008011d40 R12: ffff8882037b1240\nR13: ffff8882046f0600 R14: ffff888217a22000 R15: ffffc900006ffe00\nFS: 00007fb7ed013340(0000) GS:ffff88885fd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fb7ed1d8000 CR3: 00000001fd8f6006 CR4: 0000000000772eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x81/0x130\n ? alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\n ? report_bug+0xfc/0x1e0\n ? handle_bug+0x55/0x90\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\n create_real_mr+0x54/0x150 [mlx5_ib]\n ib_uverbs_reg_mr+0x17f/0x2a0 [ib_uverbs]\n ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xca/0x140 [ib_uverbs]\n ib_uverbs_run_method+0x6d0/0x780 [ib_uverbs]\n ? __pfx_ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x10/0x10 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x19b/0x360 [ib_uverbs]\n ? walk_system_ram_range+0x79/0xd0\n ? ___pte_offset_map+0x1b/0x110\n ? __pte_offset_map_lock+0x80/0x100\n ib_uverbs_ioctl+0xac/0x110 [ib_uverbs]\n __x64_sys_ioctl+0x94/0xb0\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7fb7ecf0737b\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 7d 2a 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffdbe03ecc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffdbe03edb8 RCX: 00007fb7ecf0737b\nRDX: 00007ffdbe03eda0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffdbe03ed80 R08: 00007fb7ecc84010 R09: 00007ffdbe03eed4\nR10: 0000000000000009 R11: 0000000000000246 R12: 00007ffdbe03eed4\nR13: 000000000000000c R14: 000000000000000c R15: 00007fb7ecc84150\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22091",
"url": "https://www.suse.com/security/cve/CVE-2025-22091"
},
{
"category": "external",
"summary": "SUSE Bug 1241535 for CVE-2025-22091",
"url": "https://bugzilla.suse.com/1241535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22091"
},
{
"cve": "CVE-2025-22093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: avoid NPD when ASIC does not support DMUB\n\nctx-\u003edmub_srv will de NULL if the ASIC does not support DMUB, which is\ntested in dm_dmub_sw_init.\n\nHowever, it will be dereferenced in dmub_hw_lock_mgr_cmd if\nshould_use_dmub_lock returns true.\n\nThis has been the case since dmub support has been added for PSR1.\n\nFix this by checking for dmub_srv in should_use_dmub_lock.\n\n[ 37.440832] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 37.447808] #PF: supervisor read access in kernel mode\n[ 37.452959] #PF: error_code(0x0000) - not-present page\n[ 37.458112] PGD 0 P4D 0\n[ 37.460662] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 37.465553] CPU: 2 UID: 1000 PID: 1745 Comm: DrmThread Not tainted 6.14.0-rc1-00003-gd62e938120f0 #23 99720e1cb1e0fc4773b8513150932a07de3c6e88\n[ 37.478324] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[ 37.487103] RIP: 0010:dmub_hw_lock_mgr_cmd+0x77/0xb0\n[ 37.492074] Code: 44 24 0e 00 00 00 00 48 c7 04 24 45 00 00 0c 40 88 74 24 0d 0f b6 02 88 44 24 0c 8b 01 89 44 24 08 85 f6 75 05 c6 44 24 0e 01 \u003c48\u003e 8b 7f 58 48 89 e6 ba 01 00 00 00 e8 08 3c 2a 00 65 48 8b 04 5\n[ 37.510822] RSP: 0018:ffff969442853300 EFLAGS: 00010202\n[ 37.516052] RAX: 0000000000000000 RBX: ffff92db03000000 RCX: ffff969442853358\n[ 37.523185] RDX: ffff969442853368 RSI: 0000000000000001 RDI: 0000000000000000\n[ 37.530322] RBP: 0000000000000001 R08: 00000000000004a7 R09: 00000000000004a5\n[ 37.537453] R10: 0000000000000476 R11: 0000000000000062 R12: ffff92db0ade8000\n[ 37.544589] R13: ffff92da01180ae0 R14: ffff92da011802a8 R15: ffff92db03000000\n[ 37.551725] FS: 0000784a9cdfc6c0(0000) GS:ffff92db2af00000(0000) knlGS:0000000000000000\n[ 37.559814] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 37.565562] CR2: 0000000000000058 CR3: 0000000112b1c000 CR4: 00000000003506f0\n[ 37.572697] Call Trace:\n[ 37.575152] \u003cTASK\u003e\n[ 37.577258] ? __die_body+0x66/0xb0\n[ 37.580756] ? page_fault_oops+0x3e7/0x4a0\n[ 37.584861] ? exc_page_fault+0x3e/0xe0\n[ 37.588706] ? exc_page_fault+0x5c/0xe0\n[ 37.592550] ? asm_exc_page_fault+0x22/0x30\n[ 37.596742] ? dmub_hw_lock_mgr_cmd+0x77/0xb0\n[ 37.601107] dcn10_cursor_lock+0x1e1/0x240\n[ 37.605211] program_cursor_attributes+0x81/0x190\n[ 37.609923] commit_planes_for_stream+0x998/0x1ef0\n[ 37.614722] update_planes_and_stream_v2+0x41e/0x5c0\n[ 37.619703] dc_update_planes_and_stream+0x78/0x140\n[ 37.624588] amdgpu_dm_atomic_commit_tail+0x4362/0x49f0\n[ 37.629832] ? srso_return_thunk+0x5/0x5f\n[ 37.633847] ? mark_held_locks+0x6d/0xd0\n[ 37.637774] ? _raw_spin_unlock_irq+0x24/0x50\n[ 37.642135] ? srso_return_thunk+0x5/0x5f\n[ 37.646148] ? lockdep_hardirqs_on+0x95/0x150\n[ 37.650510] ? srso_return_thunk+0x5/0x5f\n[ 37.654522] ? _raw_spin_unlock_irq+0x2f/0x50\n[ 37.658883] ? srso_return_thunk+0x5/0x5f\n[ 37.662897] ? wait_for_common+0x186/0x1c0\n[ 37.666998] ? srso_return_thunk+0x5/0x5f\n[ 37.671009] ? drm_crtc_next_vblank_start+0xc3/0x170\n[ 37.675983] commit_tail+0xf5/0x1c0\n[ 37.679478] drm_atomic_helper_commit+0x2a2/0x2b0\n[ 37.684186] drm_atomic_commit+0xd6/0x100\n[ 37.688199] ? __cfi___drm_printfn_info+0x10/0x10\n[ 37.692911] drm_atomic_helper_update_plane+0xe5/0x130\n[ 37.698054] drm_mode_cursor_common+0x501/0x670\n[ 37.702600] ? __cfi_drm_mode_cursor_ioctl+0x10/0x10\n[ 37.707572] drm_mode_cursor_ioctl+0x48/0x70\n[ 37.711851] drm_ioctl_kernel+0xf2/0x150\n[ 37.715781] drm_ioctl+0x363/0x590\n[ 37.719189] ? __cfi_drm_mode_cursor_ioctl+0x10/0x10\n[ 37.724165] amdgpu_drm_ioctl+0x41/0x80\n[ 37.728013] __se_sys_ioctl+0x7f/0xd0\n[ 37.731685] do_syscall_64+0x87/0x100\n[ 37.735355] ? vma_end_read+0x12/0xe0\n[ 37.739024] ? srso_return_thunk+0x5/0x5f\n[ 37.743041] ? find_held_lock+0x47/0xf0\n[ 37.746884] ? vma_end_read+0x12/0xe0\n[ 37.750552] ? srso_return_thunk+0x5/0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22093",
"url": "https://www.suse.com/security/cve/CVE-2025-22093"
},
{
"category": "external",
"summary": "SUSE Bug 1241545 for CVE-2025-22093",
"url": "https://bugzilla.suse.com/1241545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22093"
},
{
"cve": "CVE-2025-22094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/perf: Fix ref-counting on the PMU \u0027vpa_pmu\u0027\n\nCommit 176cda0619b6 (\"powerpc/perf: Add perf interface to expose vpa\ncounters\") introduced \u0027vpa_pmu\u0027 to expose Book3s-HV nested APIv2 provided\nL1\u003c-\u003eL2 context switch latency counters to L1 user-space via\nperf-events. However the newly introduced PMU named \u0027vpa_pmu\u0027 doesn\u0027t\nassign ownership of the PMU to the module \u0027vpa_pmu\u0027. Consequently the\nmodule \u0027vpa_pmu\u0027 can be unloaded while one of the perf-events are still\nactive, which can lead to kernel oops and panic of the form below on a\nPseries-LPAR:\n\nBUG: Kernel NULL pointer dereference on read at 0x00000058\n\u003csnip\u003e\n NIP [c000000000506cb8] event_sched_out+0x40/0x258\n LR [c00000000050e8a4] __perf_remove_from_context+0x7c/0x2b0\n Call Trace:\n [c00000025fc3fc30] [c00000025f8457a8] 0xc00000025f8457a8 (unreliable)\n [c00000025fc3fc80] [fffffffffffffee0] 0xfffffffffffffee0\n [c00000025fc3fcd0] [c000000000501e70] event_function+0xa8/0x120\n\u003csnip\u003e\n Kernel panic - not syncing: Aiee, killing interrupt handler!\n\nFix this by adding the module ownership to \u0027vpa_pmu\u0027 so that the module\n\u0027vpa_pmu\u0027 is ref-counted and prevented from being unloaded when perf-events\nare initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22094",
"url": "https://www.suse.com/security/cve/CVE-2025-22094"
},
{
"category": "external",
"summary": "SUSE Bug 1241512 for CVE-2025-22094",
"url": "https://bugzilla.suse.com/1241512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22094"
},
{
"cve": "CVE-2025-22097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Fix use after free and double free on init error\n\nIf the driver initialization fails, the vkms_exit() function might\naccess an uninitialized or freed default_config pointer and it might\ndouble free it.\n\nFix both possible errors by initializing default_config only when the\ndriver initialization succeeded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22097",
"url": "https://www.suse.com/security/cve/CVE-2025-22097"
},
{
"category": "external",
"summary": "SUSE Bug 1241541 for CVE-2025-22097",
"url": "https://bugzilla.suse.com/1241541"
},
{
"category": "external",
"summary": "SUSE Bug 1241542 for CVE-2025-22097",
"url": "https://bugzilla.suse.com/1241542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-22097"
},
{
"cve": "CVE-2025-22102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22102"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix kernel panic during FW release\n\nThis fixes a kernel panic seen during release FW in a stress test\nscenario where WLAN and BT FW download occurs simultaneously, and due to\na HW bug, chip sends out only 1 bootloader signatures.\n\nWhen driver receives the bootloader signature, it enters FW download\nmode, but since no consequtive bootloader signatures seen, FW file is\nnot requested.\n\nAfter 60 seconds, when FW download times out, release_firmware causes a\nkernel panic.\n\n[ 2601.949184] Unable to handle kernel paging request at virtual address 0000312e6f006573\n[ 2601.992076] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000111802000\n[ 2601.992080] [0000312e6f006573] pgd=0000000000000000, p4d=0000000000000000\n[ 2601.992087] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP\n[ 2601.992091] Modules linked in: algif_hash algif_skcipher af_alg btnxpuart(O) pciexxx(O) mlan(O) overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce snd_soc_fsl_easrc snd_soc_fsl_asoc_card imx8_media_dev(C) snd_soc_fsl_micfil polyval_generic snd_soc_fsl_xcvr snd_soc_fsl_sai snd_soc_imx_audmux snd_soc_fsl_asrc snd_soc_imx_card snd_soc_imx_hdmi snd_soc_fsl_aud2htx snd_soc_fsl_utils imx_pcm_dma dw_hdmi_cec flexcan can_dev\n[ 2602.001825] CPU: 2 PID: 20060 Comm: hciconfig Tainted: G C O 6.6.23-lts-next-06236-gb586a521770e #1\n[ 2602.010182] Hardware name: NXP i.MX8MPlus EVK board (DT)\n[ 2602.010185] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 2602.010191] pc : _raw_spin_lock+0x34/0x68\n[ 2602.010201] lr : free_fw_priv+0x20/0xfc\n[ 2602.020561] sp : ffff800089363b30\n[ 2602.020563] x29: ffff800089363b30 x28: ffff0000d0eb5880 x27: 0000000000000000\n[ 2602.020570] x26: 0000000000000000 x25: ffff0000d728b330 x24: 0000000000000000\n[ 2602.020577] x23: ffff0000dc856f38\n[ 2602.033797] x22: ffff800089363b70 x21: ffff0000dc856000\n[ 2602.033802] x20: ff00312e6f006573 x19: ffff0000d0d9ea80 x18: 0000000000000000\n[ 2602.033809] x17: 0000000000000000 x16: 0000000000000000 x15: 0000aaaad80dd480\n[ 2602.083320] x14: 0000000000000000 x13: 00000000000001b9 x12: 0000000000000002\n[ 2602.083326] x11: 0000000000000000 x10: 0000000000000a60 x9 : ffff800089363a30\n[ 2602.083333] x8 : ffff0001793d75c0 x7 : ffff0000d6dbc400 x6 : 0000000000000000\n[ 2602.083339] x5 : 00000000410fd030 x4 : 0000000000000000 x3 : 0000000000000001\n[ 2602.083346] x2 : 0000000000000000 x1 : 0000000000000001 x0 : ff00312e6f006573\n[ 2602.083354] Call trace:\n[ 2602.083356] _raw_spin_lock+0x34/0x68\n[ 2602.083364] release_firmware+0x48/0x6c\n[ 2602.083370] nxp_setup+0x3c4/0x540 [btnxpuart]\n[ 2602.083383] hci_dev_open_sync+0xf0/0xa34\n[ 2602.083391] hci_dev_open+0xd8/0x178\n[ 2602.083399] hci_sock_ioctl+0x3b0/0x590\n[ 2602.083405] sock_do_ioctl+0x60/0x118\n[ 2602.083413] sock_ioctl+0x2f4/0x374\n[ 2602.091430] __arm64_sys_ioctl+0xac/0xf0\n[ 2602.091437] invoke_syscall+0x48/0x110\n[ 2602.091445] el0_svc_common.constprop.0+0xc0/0xe0\n[ 2602.091452] do_el0_svc+0x1c/0x28\n[ 2602.091457] el0_svc+0x40/0xe4\n[ 2602.091465] el0t_64_sync_handler+0x120/0x12c\n[ 2602.091470] el0t_64_sync+0x190/0x194",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22102",
"url": "https://www.suse.com/security/cve/CVE-2025-22102"
},
{
"category": "external",
"summary": "SUSE Bug 1241456 for CVE-2025-22102",
"url": "https://bugzilla.suse.com/1241456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22102"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Use kernel helpers for hex dumps\n\nPreviously, when the driver was printing hex dumps, the buffer was cast\nto an 8 byte long and printed using string formatters. If the buffer\nsize was not a multiple of 8 then a read buffer overflow was possible.\n\nTherefore, create a new ibmvnic function that loops over a buffer and\ncalls hex_dump_to_buffer instead.\n\nThis patch address KASAN reports like the one below:\n ibmvnic 30000003 env3: Login Buffer:\n ibmvnic 30000003 env3: 01000000af000000\n \u003c...\u003e\n ibmvnic 30000003 env3: 2e6d62692e736261\n ibmvnic 30000003 env3: 65050003006d6f63\n ==================================================================\n BUG: KASAN: slab-out-of-bounds in ibmvnic_login+0xacc/0xffc [ibmvnic]\n Read of size 8 at addr c0000001331a9aa8 by task ip/17681\n \u003c...\u003e\n Allocated by task 17681:\n \u003c...\u003e\n ibmvnic_login+0x2f0/0xffc [ibmvnic]\n ibmvnic_open+0x148/0x308 [ibmvnic]\n __dev_open+0x1ac/0x304\n \u003c...\u003e\n The buggy address is located 168 bytes inside of\n allocated 175-byte region [c0000001331a9a00, c0000001331a9aaf)\n \u003c...\u003e\n =================================================================\n ibmvnic 30000003 env3: 000000000033766e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22104",
"url": "https://www.suse.com/security/cve/CVE-2025-22104"
},
{
"category": "external",
"summary": "SUSE Bug 1241550 for CVE-2025-22104",
"url": "https://bugzilla.suse.com/1241550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22104"
},
{
"cve": "CVE-2025-22105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22105"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: check xdp prog when set bond mode\n\nFollowing operations can trigger a warning[1]:\n\n ip netns add ns1\n ip netns exec ns1 ip link add bond0 type bond mode balance-rr\n ip netns exec ns1 ip link set dev bond0 xdp obj af_xdp_kern.o sec xdp\n ip netns exec ns1 ip link set bond0 type bond mode broadcast\n ip netns del ns1\n\nWhen delete the namespace, dev_xdp_uninstall() is called to remove xdp\nprogram on bond dev, and bond_xdp_set() will check the bond mode. If bond\nmode is changed after attaching xdp program, the warning may occur.\n\nSome bond modes (broadcast, etc.) do not support native xdp. Set bond mode\nwith xdp program attached is not good. Add check for xdp program when set\nbond mode.\n\n [1]\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 11 at net/core/dev.c:9912 unregister_netdevice_many_notify+0x8d9/0x930\n Modules linked in:\n CPU: 0 UID: 0 PID: 11 Comm: kworker/u4:0 Not tainted 6.14.0-rc4 #107\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014\n Workqueue: netns cleanup_net\n RIP: 0010:unregister_netdevice_many_notify+0x8d9/0x930\n Code: 00 00 48 c7 c6 6f e3 a2 82 48 c7 c7 d0 b3 96 82 e8 9c 10 3e ...\n RSP: 0018:ffffc90000063d80 EFLAGS: 00000282\n RAX: 00000000ffffffa1 RBX: ffff888004959000 RCX: 00000000ffffdfff\n RDX: 0000000000000000 RSI: 00000000ffffffea RDI: ffffc90000063b48\n RBP: ffffc90000063e28 R08: ffffffff82d39b28 R09: 0000000000009ffb\n R10: 0000000000000175 R11: ffffffff82d09b40 R12: ffff8880049598e8\n R13: 0000000000000001 R14: dead000000000100 R15: ffffc90000045000\n FS: 0000000000000000(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000d406b60 CR3: 000000000483e000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x83/0x130\n ? unregister_netdevice_many_notify+0x8d9/0x930\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x54/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? unregister_netdevice_many_notify+0x8d9/0x930\n ? bond_net_exit_batch_rtnl+0x5c/0x90\n cleanup_net+0x237/0x3d0\n process_one_work+0x163/0x390\n worker_thread+0x293/0x3b0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xec/0x1e0\n ? __pfx_kthread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22105",
"url": "https://www.suse.com/security/cve/CVE-2025-22105"
},
{
"category": "external",
"summary": "SUSE Bug 1241548 for CVE-2025-22105",
"url": "https://bugzilla.suse.com/1241548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22105"
},
{
"cve": "CVE-2025-22106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: unregister xdp rxq info in the reset path\n\nvmxnet3 does not unregister xdp rxq info in the\nvmxnet3_reset_work() code path as vmxnet3_rq_destroy()\nis not invoked in this code path. So, we get below message with a\nbacktrace.\n\nMissing unregister, handled but fix driver\nWARNING: CPU:48 PID: 500 at net/core/xdp.c:182\n__xdp_rxq_info_reg+0x93/0xf0\n\nThis patch fixes the problem by moving the unregister\ncode of XDP from vmxnet3_rq_destroy() to vmxnet3_rq_cleanup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22106",
"url": "https://www.suse.com/security/cve/CVE-2025-22106"
},
{
"category": "external",
"summary": "SUSE Bug 1241547 for CVE-2025-22106",
"url": "https://bugzilla.suse.com/1241547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22106"
},
{
"cve": "CVE-2025-22107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22107"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()\n\nThere are actually 2 problems:\n- deleting the last element doesn\u0027t require the memmove of elements\n [i + 1, end) over it. Actually, element i+1 is out of bounds.\n- The memmove itself should move size - i - 1 elements, because the last\n element is out of bounds.\n\nThe out-of-bounds element still remains out of bounds after being\naccessed, so the problem is only that we touch it, not that it becomes\nin active use. But I suppose it can lead to issues if the out-of-bounds\nelement is part of an unmapped page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22107",
"url": "https://www.suse.com/security/cve/CVE-2025-22107"
},
{
"category": "external",
"summary": "SUSE Bug 1241575 for CVE-2025-22107",
"url": "https://bugzilla.suse.com/1241575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22107"
},
{
"cve": "CVE-2025-22108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Mask the bd_cnt field in the TX BD properly\n\nThe bd_cnt field in the TX BD specifies the total number of BDs for\nthe TX packet. The bd_cnt field has 5 bits and the maximum number\nsupported is 32 with the value 0.\n\nCONFIG_MAX_SKB_FRAGS can be modified and the total number of SKB\nfragments can approach or exceed the maximum supported by the chip.\nAdd a macro to properly mask the bd_cnt field so that the value 32\nwill be properly masked and set to 0 in the bd_cnd field.\n\nWithout this patch, the out-of-range bd_cnt value will corrupt the\nTX BD and may cause TX timeout.\n\nThe next patch will check for values exceeding 32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22108",
"url": "https://www.suse.com/security/cve/CVE-2025-22108"
},
{
"category": "external",
"summary": "SUSE Bug 1241574 for CVE-2025-22108",
"url": "https://bugzilla.suse.com/1241574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22108"
},
{
"cve": "CVE-2025-22109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Remove broken autobind\n\nBinding AX25 socket by using the autobind feature leads to memory leaks\nin ax25_connect() and also refcount leaks in ax25_release(). Memory\nleak was detected with kmemleak:\n\n================================================================\nunreferenced object 0xffff8880253cd680 (size 96):\nbacktrace:\n__kmalloc_node_track_caller_noprof (./include/linux/kmemleak.h:43)\nkmemdup_noprof (mm/util.c:136)\nax25_rt_autobind (net/ax25/ax25_route.c:428)\nax25_connect (net/ax25/af_ax25.c:1282)\n__sys_connect_file (net/socket.c:2045)\n__sys_connect (net/socket.c:2064)\n__x64_sys_connect (net/socket.c:2067)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n================================================================\n\nWhen socket is bound, refcounts must be incremented the way it is done\nin ax25_bind() and ax25_setsockopt() (SO_BINDTODEVICE). In case of\nautobind, the refcounts are not incremented.\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nax25_connect(): syz-executor318 uses autobind, please contact jreuter@yaina.de\n------------[ cut here ]------------\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 0 PID: 5317 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31\nModules linked in:\nCPU: 0 UID: 0 PID: 5317 Comm: syz-executor318 Not tainted 6.14.0-rc4-syzkaller-00278-gece144f151ac #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31\n...\nCall Trace:\n \u003cTASK\u003e\n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x6af/0x7e0 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4302 [inline]\n netdev_put include/linux/netdevice.h:4319 [inline]\n ax25_release+0x368/0x960 net/ax25/af_ax25.c:1080\n __sock_release net/socket.c:647 [inline]\n sock_close+0xbc/0x240 net/socket.c:1398\n __fput+0x3e9/0x9f0 fs/file_table.c:464\n __do_sys_close fs/open.c:1580 [inline]\n __se_sys_close fs/open.c:1565 [inline]\n __x64_sys_close+0x7f/0x110 fs/open.c:1565\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \u003c/TASK\u003e\n================================================================\n\nConsidering the issues above and the comments left in the code that say:\n\"check if we can remove this feature. It is broken.\"; \"autobinding in this\nmay or may not work\"; - it is better to completely remove this feature than\nto fix it because it is broken and leads to various kinds of memory bugs.\n\nNow calling connect() without first binding socket will result in an\nerror (-EINVAL). Userspace software that relies on the autobind feature\nmight get broken. However, this feature does not seem widely used with\nthis specific driver as it was not reliable at any point of time, and it\nis already broken anyway. E.g. ax25-tools and ax25-apps packages for\npopular distributions do not use the autobind feature for AF_AX25.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22109",
"url": "https://www.suse.com/security/cve/CVE-2025-22109"
},
{
"category": "external",
"summary": "SUSE Bug 1241573 for CVE-2025-22109",
"url": "https://bugzilla.suse.com/1241573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22109"
},
{
"cve": "CVE-2025-22112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix out-of-range access of vnic_info array\n\nThe bnxt_queue_{start | stop}() access vnic_info as much as allocated,\nwhich indicates bp-\u003enr_vnics.\nSo, it should not reach bp-\u003evnic_info[bp-\u003enr_vnics].",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22112",
"url": "https://www.suse.com/security/cve/CVE-2025-22112"
},
{
"category": "external",
"summary": "SUSE Bug 1241581 for CVE-2025-22112",
"url": "https://bugzilla.suse.com/1241581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22112"
},
{
"cve": "CVE-2025-22116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: check error for register_netdev() on init\n\nCurrent init logic ignores the error code from register_netdev(),\nwhich will cause WARN_ON() on attempt to unregister it, if there was one,\nand there is no info for the user that the creation of the netdev failed.\n\nWARNING: CPU: 89 PID: 6902 at net/core/dev.c:11512 unregister_netdevice_many_notify+0x211/0x1a10\n...\n[ 3707.563641] unregister_netdev+0x1c/0x30\n[ 3707.563656] idpf_vport_dealloc+0x5cf/0xce0 [idpf]\n[ 3707.563684] idpf_deinit_task+0xef/0x160 [idpf]\n[ 3707.563712] idpf_vc_core_deinit+0x84/0x320 [idpf]\n[ 3707.563739] idpf_remove+0xbf/0x780 [idpf]\n[ 3707.563769] pci_device_remove+0xab/0x1e0\n[ 3707.563786] device_release_driver_internal+0x371/0x530\n[ 3707.563803] driver_detach+0xbf/0x180\n[ 3707.563816] bus_remove_driver+0x11b/0x2a0\n[ 3707.563829] pci_unregister_driver+0x2a/0x250\n\nIntroduce an error check and log the vport number and error code.\nOn removal make sure to check VPORT_REG_NETDEV flag prior to calling\nunregister and free on the netdev.\n\nAdd local variables for idx, vport_config and netdev for readability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22116",
"url": "https://www.suse.com/security/cve/CVE-2025-22116"
},
{
"category": "external",
"summary": "SUSE Bug 1241459 for CVE-2025-22116",
"url": "https://bugzilla.suse.com/1241459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22116"
},
{
"cve": "CVE-2025-22121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22121"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()\n\nThere\u0027s issue as follows:\nBUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790\nRead of size 4 at addr ffff88807b003000 by task syz-executor.0/15172\n\nCPU: 3 PID: 15172 Comm: syz-executor.0\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0xbe/0xfd lib/dump_stack.c:123\n print_address_description.constprop.0+0x1e/0x280 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n ext4_xattr_inode_dec_ref_all+0x6ff/0x790 fs/ext4/xattr.c:1137\n ext4_xattr_delete_inode+0x4c7/0xda0 fs/ext4/xattr.c:2896\n ext4_evict_inode+0xb3b/0x1670 fs/ext4/inode.c:323\n evict+0x39f/0x880 fs/inode.c:622\n iput_final fs/inode.c:1746 [inline]\n iput fs/inode.c:1772 [inline]\n iput+0x525/0x6c0 fs/inode.c:1758\n ext4_orphan_cleanup fs/ext4/super.c:3298 [inline]\n ext4_fill_super+0x8c57/0xba40 fs/ext4/super.c:5300\n mount_bdev+0x355/0x410 fs/super.c:1446\n legacy_get_tree+0xfe/0x220 fs/fs_context.c:611\n vfs_get_tree+0x8d/0x2f0 fs/super.c:1576\n do_new_mount fs/namespace.c:2983 [inline]\n path_mount+0x119a/0x1ad0 fs/namespace.c:3316\n do_mount+0xfc/0x110 fs/namespace.c:3329\n __do_sys_mount fs/namespace.c:3540 [inline]\n __se_sys_mount+0x219/0x2e0 fs/namespace.c:3514\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nMemory state around the buggy address:\n ffff88807b002f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff88807b002f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n\u003effff88807b003000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ^\n ffff88807b003080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ffff88807b003100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n\nAbove issue happens as ext4_xattr_delete_inode() isn\u0027t check xattr\nis valid if xattr is in inode.\nTo solve above issue call xattr_check_inode() check if xattr if valid\nin inode. In fact, we can directly verify in ext4_iget_extra_inode(),\nso that there is no divergent verification.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22121",
"url": "https://www.suse.com/security/cve/CVE-2025-22121"
},
{
"category": "external",
"summary": "SUSE Bug 1241593 for CVE-2025-22121",
"url": "https://bugzilla.suse.com/1241593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22121"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-22128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22128"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path\n\nIf a shared IRQ is used by the driver due to platform limitation, then the\nIRQ affinity hint is set right after the allocation of IRQ vectors in\nath12k_pci_msi_alloc(). This does no harm unless one of the functions\nrequesting the IRQ fails and attempt to free the IRQ.\n\nThis may end up with a warning from the IRQ core that is expecting the\naffinity hint to be cleared before freeing the IRQ:\n\nkernel/irq/manage.c:\n\n\t/* make sure affinity_hint is cleaned up */\n\tif (WARN_ON_ONCE(desc-\u003eaffinity_hint))\n\t\tdesc-\u003eaffinity_hint = NULL;\n\nSo to fix this issue, clear the IRQ affinity hint before calling\nath12k_pci_free_irq() in the error path. The affinity will be cleared once\nagain further down the error path due to code organization, but that does\nno harm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22128",
"url": "https://www.suse.com/security/cve/CVE-2025-22128"
},
{
"category": "external",
"summary": "SUSE Bug 1241598 for CVE-2025-22128",
"url": "https://bugzilla.suse.com/1241598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-22128"
},
{
"cve": "CVE-2025-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2312"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host\u0027s Kerberos credentials cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2312",
"url": "https://www.suse.com/security/cve/CVE-2025-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1239680 for CVE-2025-2312",
"url": "https://bugzilla.suse.com/1239680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-2312"
},
{
"cve": "CVE-2025-23129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path\n\nIf a shared IRQ is used by the driver due to platform limitation, then the\nIRQ affinity hint is set right after the allocation of IRQ vectors in\nath11k_pci_alloc_msi(). This does no harm unless one of the functions\nrequesting the IRQ fails and attempt to free the IRQ. This results in the\nbelow warning:\n\nWARNING: CPU: 7 PID: 349 at kernel/irq/manage.c:1929 free_irq+0x278/0x29c\nCall trace:\n free_irq+0x278/0x29c\n ath11k_pcic_free_irq+0x70/0x10c [ath11k]\n ath11k_pci_probe+0x800/0x820 [ath11k_pci]\n local_pci_probe+0x40/0xbc\n\nThe warning is due to not clearing the affinity hint before freeing the\nIRQs.\n\nSo to fix this issue, clear the IRQ affinity hint before calling\nath11k_pcic_free_irq() in the error path. The affinity will be cleared once\nagain further down the error path due to code organization, but that does\nno harm.\n\nTested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-05266-QCAHSTSWPLZ_V2_TO_X86-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23129",
"url": "https://www.suse.com/security/cve/CVE-2025-23129"
},
{
"category": "external",
"summary": "SUSE Bug 1241599 for CVE-2025-23129",
"url": "https://bugzilla.suse.com/1241599"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-23129"
},
{
"cve": "CVE-2025-23131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: prevent NPD when writing a positive value to event_done\n\ndo_uevent returns the value written to event_done. In case it is a\npositive value, new_lockspace would undo all the work, and lockspace\nwould not be set. __dlm_new_lockspace, however, would treat that\npositive value as a success due to commit 8511a2728ab8 (\"dlm: fix use\ncount with multiple joins\").\n\nDown the line, device_create_lockspace would pass that NULL lockspace to\ndlm_find_lockspace_local, leading to a NULL pointer dereference.\n\nTreating such positive values as successes prevents the problem. Given\nthis has been broken for so long, this is unlikely to break userspace\nexpectations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23131",
"url": "https://www.suse.com/security/cve/CVE-2025-23131"
},
{
"category": "external",
"summary": "SUSE Bug 1241601 for CVE-2025-23131",
"url": "https://bugzilla.suse.com/1241601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-23131"
},
{
"cve": "CVE-2025-23133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: update channel list in reg notifier instead reg worker\n\nCurrently when ath11k gets a new channel list, it will be processed\naccording to the following steps:\n1. update new channel list to cfg80211 and queue reg_work.\n2. cfg80211 handles new channel list during reg_work.\n3. update cfg80211\u0027s handled channel list to firmware by\nath11k_reg_update_chan_list().\n\nBut ath11k will immediately execute step 3 after reg_work is just\nqueued. Since step 2 is asynchronous, cfg80211 may not have completed\nhandling the new channel list, which may leading to an out-of-bounds\nwrite error:\nBUG: KASAN: slab-out-of-bounds in ath11k_reg_update_chan_list\nCall Trace:\n ath11k_reg_update_chan_list+0xbfe/0xfe0 [ath11k]\n kfree+0x109/0x3a0\n ath11k_regd_update+0x1cf/0x350 [ath11k]\n ath11k_regd_update_work+0x14/0x20 [ath11k]\n process_one_work+0xe35/0x14c0\n\nShould ensure step 2 is completely done before executing step 3. Thus\nWen raised patch[1]. When flag NL80211_REGDOM_SET_BY_DRIVER is set,\ncfg80211 will notify ath11k after step 2 is done.\n\nSo enable the flag NL80211_REGDOM_SET_BY_DRIVER then cfg80211 will\nnotify ath11k after step 2 is done. At this time, there will be no\nKASAN bug during the execution of the step 3.\n\n[1] https://patchwork.kernel.org/project/linux-wireless/patch/20230201065313.27203-1-quic_wgong@quicinc.com/\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23133",
"url": "https://www.suse.com/security/cve/CVE-2025-23133"
},
{
"category": "external",
"summary": "SUSE Bug 1241451 for CVE-2025-23133",
"url": "https://bugzilla.suse.com/1241451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-23133"
},
{
"cve": "CVE-2025-23134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23134"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: timer: Don\u0027t take register_mutex with copy_from/to_user()\n\nThe infamous mmap_lock taken in copy_from/to_user() can be often\nproblematic when it\u0027s called inside another mutex, as they might lead\nto deadlocks.\n\nIn the case of ALSA timer code, the bad pattern is with\nguard(mutex)(\u0026register_mutex) that covers copy_from/to_user() -- which\nwas mistakenly introduced at converting to guard(), and it had been\ncarefully worked around in the past.\n\nThis patch fixes those pieces simply by moving copy_from/to_user() out\nof the register mutex lock again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23134",
"url": "https://www.suse.com/security/cve/CVE-2025-23134"
},
{
"category": "external",
"summary": "SUSE Bug 1241628 for CVE-2025-23134",
"url": "https://bugzilla.suse.com/1241628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-23134"
},
{
"cve": "CVE-2025-23136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: Add NULL check for adev\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL.\nThis is similar to the commit cd2fd6eab480\n(\"platform/x86: int3472: Check for adev == NULL\").\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in int3402_thermal_probe().\n\nNote, under the same directory, int3400_thermal_probe() has such a\ncheck.\n\n[ rjw: Subject edit, added Fixes: ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23136",
"url": "https://www.suse.com/security/cve/CVE-2025-23136"
},
{
"category": "external",
"summary": "SUSE Bug 1241357 for CVE-2025-23136",
"url": "https://bugzilla.suse.com/1241357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-23136"
},
{
"cve": "CVE-2025-23138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatch_queue: fix pipe accounting mismatch\n\nCurrently, watch_queue_set_size() modifies the pipe buffers charged to\nuser-\u003epipe_bufs without updating the pipe-\u003enr_accounted on the pipe\nitself, due to the if (!pipe_has_watch_queue()) test in\npipe_resize_ring(). This means that when the pipe is ultimately freed,\nwe decrement user-\u003epipe_bufs by something other than what than we had\ncharged to it, potentially leading to an underflow. This in turn can\ncause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM.\n\nTo remedy this, explicitly account for the pipe usage in\nwatch_queue_set_size() to match the number set via account_pipe_buffers()\n\n(It\u0027s unclear why watch_queue_set_size() does not update nr_accounted;\nit may be due to intentional overprovisioning in watch_queue_set_size()?)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23138",
"url": "https://www.suse.com/security/cve/CVE-2025-23138"
},
{
"category": "external",
"summary": "SUSE Bug 1241648 for CVE-2025-23138",
"url": "https://bugzilla.suse.com/1241648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-23138"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/net: fix io_req_post_cqe abuse by send bundle\n\n[ 114.987980][ T5313] WARNING: CPU: 6 PID: 5313 at io_uring/io_uring.c:872 io_req_post_cqe+0x12e/0x4f0\n[ 114.991597][ T5313] RIP: 0010:io_req_post_cqe+0x12e/0x4f0\n[ 115.001880][ T5313] Call Trace:\n[ 115.002222][ T5313] \u003cTASK\u003e\n[ 115.007813][ T5313] io_send+0x4fe/0x10f0\n[ 115.009317][ T5313] io_issue_sqe+0x1a6/0x1740\n[ 115.012094][ T5313] io_wq_submit_work+0x38b/0xed0\n[ 115.013223][ T5313] io_worker_handle_work+0x62a/0x1600\n[ 115.013876][ T5313] io_wq_worker+0x34f/0xdf0\n\nAs the comment states, io_req_post_cqe() should only be used by\nmultishot requests, i.e. REQ_F_APOLL_MULTISHOT, which bundled sends are\nnot. Add a flag signifying whether a request wants to post multiple\nCQEs. Eventually REQ_F_APOLL_MULTISHOT should imply the new flag, but\nthat\u0027s left out for simplicity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23154",
"url": "https://www.suse.com/security/cve/CVE-2025-23154"
},
{
"category": "external",
"summary": "SUSE Bug 1242533 for CVE-2025-23154",
"url": "https://bugzilla.suse.com/1242533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-23154"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains \u0027.\u0027 dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least \u0027.\u0027\nand \u0027..\u0027 as directory entries in the first data block. It first loads\nthe \u0027.\u0027 dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of \u0027..\u0027 dir\nentry (in ext4_next_entry). It assumes the \u0027..\u0027 dir entry fits into the\nsame data block.\n\nIf the rec_len of \u0027.\u0027 is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for \u0027.\u0027 dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \u003cTASK\u003e\n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37785",
"url": "https://www.suse.com/security/cve/CVE-2025-37785"
},
{
"category": "external",
"summary": "SUSE Bug 1241640 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "external",
"summary": "SUSE Bug 1241698 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37785"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp\n\nvmxnet3 driver\u0027s XDP handling is buggy for packet sizes using ring0 (that\nis, packet sizes between 128 - 3k bytes).\n\nWe noticed MTU-related connectivity issues with Cilium\u0027s service load-\nbalancing in case of vmxnet3 as NIC underneath. A simple curl to a HTTP\nbackend service where the XDP LB was doing IPIP encap led to overly large\npacket sizes but only for *some* of the packets (e.g. HTTP GET request)\nwhile others (e.g. the prior TCP 3WHS) looked completely fine on the wire.\n\nIn fact, the pcap recording on the backend node actually revealed that the\nnode with the XDP LB was leaking uninitialized kernel data onto the wire\nfor the affected packets, for example, while the packets should have been\n152 bytes their actual size was 1482 bytes, so the remainder after 152 bytes\nwas padded with whatever other data was in that page at the time (e.g. we\nsaw user/payload data from prior processed packets).\n\nWe only noticed this through an MTU issue, e.g. when the XDP LB node and\nthe backend node both had the same MTU (e.g. 1500) then the curl request\ngot dropped on the backend node\u0027s NIC given the packet was too large even\nthough the IPIP-encapped packet normally would never even come close to\nthe MTU limit. Lowering the MTU on the XDP LB (e.g. 1480) allowed to let\nthe curl request succeed (which also indicates that the kernel ignored the\npadding, and thus the issue wasn\u0027t very user-visible).\n\nCommit e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") was too eager\nto also switch xdp_prepare_buff() from rcd-\u003elen to rbi-\u003elen. It really needs\nto stick to rcd-\u003elen which is the actual packet length from the descriptor.\nThe latter we also feed into vmxnet3_process_xdp_small(), by the way, and\nit indicates the correct length needed to initialize the xdp-\u003e{data,data_end}\nparts. For e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") the\nrelevant part was adapting xdp_init_buff() to address the warning given the\nxdp_data_hard_end() depends on xdp-\u003eframe_sz. With that fixed, traffic on\nthe wire looks good again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37799",
"url": "https://www.suse.com/security/cve/CVE-2025-37799"
},
{
"category": "external",
"summary": "SUSE Bug 1242283 for CVE-2025-37799",
"url": "https://bugzilla.suse.com/1242283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37799"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix NULL dereferences in ef100_process_design_param()\n\nSince cited commit, ef100_probe_main() and hence also\n ef100_check_design_params() run before efx-\u003enet_dev is created;\n consequently, we cannot netif_set_tso_max_size() or _segs() at this\n point.\nMove those netif calls to ef100_probe_netdev(), and also replace\n netif_err within the design params code with pci_err.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37860",
"url": "https://www.suse.com/security/cve/CVE-2025-37860"
},
{
"category": "external",
"summary": "SUSE Bug 1241452 for CVE-2025-37860",
"url": "https://bugzilla.suse.com/1241452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37860"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: samsung: Fix UBSAN panic in samsung_clk_init()\n\nWith UBSAN_ARRAY_BOUNDS=y, I\u0027m hitting the below panic due to\ndereferencing `ctx-\u003eclk_data.hws` before setting\n`ctx-\u003eclk_data.num = nr_clks`. Move that up to fix the crash.\n\n UBSAN: array index out of bounds: 00000000f2005512 [#1] PREEMPT SMP\n \u003csnip\u003e\n Call trace:\n samsung_clk_init+0x110/0x124 (P)\n samsung_clk_init+0x48/0x124 (L)\n samsung_cmu_register_one+0x3c/0xa0\n exynos_arm64_register_cmu+0x54/0x64\n __gs101_cmu_top_of_clk_init_declare+0x28/0x60\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39728",
"url": "https://www.suse.com/security/cve/CVE-2025-39728"
},
{
"category": "external",
"summary": "SUSE Bug 1241626 for CVE-2025-39728",
"url": "https://bugzilla.suse.com/1241626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-39728"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_3-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.3.1.150700.17.2.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T13:54:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:01967-1
Vulnerability from csaf_suse
Published
2025-06-16 14:56
Modified
2025-06-16 14:56
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49570: drm/xe/tracing: Fix a potential TP_printk UAF (bsc#1238782).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56638: kABI fix for 'netfilter: nft_inner: incorrect percpu area handling under softirq' (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2024-58074: drm/i915: Grab intel_display from the encoder to avoid potential (bsc#1238972).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2024-58091: drm/fbdev-dma: Add shadow buffering for deferred I/O (bsc#1240174).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21717: net/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq (bsc#1238866).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21800: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset (bsc#1238743).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21837: io_uring/uring_cmd: unconditionally copy SQEs at prep time (bsc#1239064).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21882: net/mlx5: Fix vport QoS cleanup on error (bsc#1240187).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21973: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} (bsc#1240803).
- CVE-2025-21974: eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc() (bsc#1240800).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22094: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' (bsc#1241512).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).
- CVE-2025-22117: ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw() (bsc#1241633).
- CVE-2025-22118: ice: validate queue quanta parameters to prevent OOB access (bsc#1241562).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23154: io_uring/net: fix io_req_post_cqe abuse by send bundle (bsc#1242533).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37747: kABI workaround for perf-Fix-hang-while-freeing-sigtrap-event (References: bsc#1242520).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Bass speaker fixup for ASUS UM5606KA (stable-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP OMEN 16 Laptop xd000xx (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: fix micmute LEDs on HP Laptops with ALC3315 (stable-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: timer: Do not take register_mutex with copy_from/to_user() (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).
- ASoC: Intel: sof_sdw: Fix unlikely uninitialized variable use in create_sdw_dailinks() (git-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ASoC: amd: acp: Fix for enabling DMIC on acp platforms via _DSD entry (git-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: rt5665: Fix some error handling paths in rt5665_probe() (git-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: cs42l43: Fix maximum ADC Volume (git-fixes).
- ASoC: cs42l43: Reset clamp override on jack removal (git-fixes).
- ASoC: dwc: always enable/disable i2s irqs (git-fixes).
- ASoC: fsl: fsl_qmc_audio: Reset audio data pointers on TRIGGER_START event (git-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: q6apm-dai: make use of q6apm_get_hw_pointer (git-fixes).
- ASoC: q6apm-dai: schedule all available frames to avoid dsp under-runs (git-fixes).
- ASoC: q6apm: add q6apm_get_hw_pointer helper (git-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: simple-card-utils.c: add missing dlc->of_node (stable-fixes).
- ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix corrupted list in hci_chan_del (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (stable-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: btintel_pcie: Add additional to checks to clear TX/RX paths (git-fixes).
- Bluetooth: btnxpuart: Fix kernel panic during FW release (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).
- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).
- Bluetooth: hci_uart: fix race during initialization (stable-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).
- Bluetooth: qca: simplify WCN399x NVM loading (stable-fixes).
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- APEI: Delete patches.suse/APEI-GHES-Have-GHES-honor-the-panic-setting.patch (bsc#1239615)
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- pci: Drop PCI patch that caused a regression (bsc#1241123).
- EDAC/i10nm: Add Intel Clearwater Forest server support (jsc#PED-10190).
- Fix mismerge from SLE15-SP6 to SLE15-SP7 (bsc#1241591).
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: cyttsp5 - fix power control issue on wakeup (git-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: PPC: Book3S HV: Fix IRQ map warnings with XICS on pSeries KVM Guest (bsc#1242205 ltc#212592).
- KVM: PPC: Enable CAP_SPAPR_TCE_VFIO on pSeries KVM guests (jsc#PED-10539 git-fixes).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Do not change target vCPU state on AP Creation VMGEXIT error (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Refuse to attempt VRMUN if an SEV-ES+ guest had an invalid VMSA (git-fixes).
- KVM: SVM: Save host DR masks on CPUs with DebugSwap (jsc#PED-348).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: x86/mmu: Check and free obsolete roots in kvm_mmu_reload() (git-fixes).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Check that the high 32bits are clear in kvm_arch_vcpu_ioctl_run() (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- KVM: x86: block KVM_CAP_SYNC_REGS if guest state is protected (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix allocation of QP table (git-fixes)
- RDMA/bnxt_re: Fix budget handling of notification queue (git-fixes)
- RDMA/bnxt_re: Fix reporting maximum SRQs on P7 chips (git-fixes)
- RDMA/bnxt_re: Remove unusable nq variable (git-fixes)
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/core: Fix 'KASAN: slab-use-after-free Read in ib_register_device' problem (git-fixes)
- RDMA/core: Fix use-after-free when rename device name (git-fixes)
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix invalid sq params not being blocked (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix page_size variable overflow (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix 'trying to register non-static key in rxe_qp_do_cleanup' bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- RFC cgroup/cpuset-v1: Add deprecation messages to sched_relax_domain_level (jsc#PED-12405).
- kernel: Remove debug flavor (bsc#1243919).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: gadget: core: create sysfs link between udc and gadget (git-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- USB: wdm: add annotation (git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).
- Update config. Enable HiSi accel VFIO PCI (jsc#PED-12622 bsc#1241095) - Update config files. CONFIG_HISI_ACC_VFIO_PCI=m - supported.conf: + drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci
- Update config. Enable HiSi accel VFIO PCI (jsc#PED-12622) - Update config files. CONFIG_HISI_ACC_VFIO_PCI=m - supported.conf: + drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci
- Update config. Enable SPI DW mmio driver (jsc#PED-12622 bsc#1241095) - CONFIG_SPI_DW_MMIO=m - supported.conf + drivers/spi/spi-dw + drivers/spi/spi-dw-mmio
- Update config. Enable SPI DW mmio driver (jsc#PED-12622) - CONFIG_SPI_DW_MMIO=m - supported.conf + drivers/spi/spi-dw + drivers/spi/spi-dw-mmio
- Update patches.suse/KVM-PPC-Enable-CAP_SPAPR_TCE_VFIO-on-pSeries-KVM-gue.patch (jsc#PED-10539 git-fixes bsc#1240419 ltc#212279).
- Update patches.suse/RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch (git-fixes bsc#1239925).
- Update patches.suse/kABI-fix-for-RDMA-core-Don-t-expose-hw_counters-outs.patch (git-fixes bsc#1239925). Add bug reference.
- Update patches.suse/net-smc-Introduce-IPPROTO_SMC.patch (jsc#PED-10299 bsc#1241689).
- Update patches.suse/net-smc-do-not-leave-a-dangling-sk-pointer-in-__smc_create.patch (jsc#PED-10299 bsc#1241689).
- Update patches.suse/net-smc-expose-smc-proto-operations.patch (jsc#PED-10299 bsc#1241689).
- Update patches.suse/net-smc-fix-lacks-of-icsk_syn_mss-with-IPPROTO_SMC.patch (jsc#PED-10299 bsc#1241689).
- Update patches.suse/net-smc-prevent-UAF-in-inet_create.patch (jsc#PED-10299 bsc#1241689).
- Update patches.suse/net-smc-refactoring-initialization-of-smc-sock.patch (jsc#PED-10299 bsc#1241689).
- Update patches.suse/nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).
- Update patches.suse/nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).
- Update patches.suse/smc-Fix-lockdep-false-positive-for-IPPROTO_SMC.patch (bsc#1241689 jsc#PED-10299 bsc#1241689).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- accel/ivpu: Fix PM related deadlocks in MS IOCTLs (git-fixes).
- accel/ivpu: Fix deadlock in ivpu_ms_cleanup() (git-fixes).
- accel/ivpu: Fix warning in ivpu_ipc_send_receive_internal() (git-fixes).
- accel/ivpu: Increase DMA address range (PED-12367).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- affs: do not write overlarge OFS data block size fields (git-fixes).
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778).
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: insn: Add support for encoding DSB (bsc#1242778).
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: mm: Correct the update of max_pfn (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (bsc#1242778).
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778).
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778).
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- bitmap: Align documentation between bitmap_gather() and bitmap_scatter() (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).
- block: fix conversion of GPT partition name to 7-bit (git-fixes).
- block: fix resource leak in blk_register_queue() error path (git-fixes).
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix ethtool selftest output in one of the failure cases (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).
- bnxt_en: call pci_alloc_irq_vectors() after bnxt_reserve_rings() (git-fixes).
- bnxt_en: fix module unload sequence (git-fixes).
- bnxt_en: improve TX timestamping FIFO configuration (git-fixes).
- bonding: fix incorrect MAC address setting to receive NS messages (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).
- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590).
- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: fix potential error return (git-fixes).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).
- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).
- cgroup/blkio: Add deprecation messages to reset_stats (jsc#PED-12405).
- cgroup/cpuset-v1: Add deprecation messages to mem_exclusive and mem_hardwall (jsc#PED-12405).
- cgroup/cpuset-v1: Add deprecation messages to memory_migrate (jsc#PED-12405).
- cgroup/cpuset-v1: Add deprecation messages to memory_spread_page and memory_spread_slab (jsc#PED-12405).
- cgroup/cpuset-v1: Add deprecation messages to sched_load_balance and memory_pressure_enabled (jsc#PED-12405).
- cgroup/cpuset: Fix error handling in remote_partition_disable() (bsc#1241166).
- cgroup/cpuset: Fix incorrect isolated_cpus update in update_parent_effective_cpumask() (bsc#1241166).
- cgroup/cpuset: Fix spelling errors in file kernel/cgroup/cpuset.c (bsc#1241166).
- cgroup: Add deprecation message to legacy freezer controller (jsc#PED-12405).
- cgroup: Print message when /proc/cgroups is read on v2-only system (jsc#PED-12405).
- char: misc: register chrdev region with all possible minors (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- config: Re-enable rbd (bsc#1239991)
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- counter: fix privdata alignment (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052) Keep the feature disabled by default on x86_64
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake 'Invalide' -> 'Invalid' (jsc#PED-12416).
- crypto: qat - Fix typo 'accelaration' (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add shutdown handler to qat_420xx (bsc#1239934).
- crypto: qat - add shutdown handler to qat_4xxx (bsc#1239934).
- crypto: qat - add shutdown handler to qat_c3xxx (bsc#1239934).
- crypto: qat - add shutdown handler to qat_c62x (bsc#1239934).
- crypto: qat - add shutdown handler to qat_dh895xcc (bsc#1239934).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416). - Refresh patches.suse/crypto-qat-disable-IOV-in-adf_dev_stop.patch. - Refresh patches.suse/crypto-qat-remove-check-after-debugfs_create_dir.patch.
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix 'Full Going True' macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove redundant prototypes in qat_c3xxx (bsc#1239934).
- crypto: qat - remove redundant prototypes in qat_c62x (bsc#1239934).
- crypto: qat - remove redundant prototypes in qat_dh895xcc (bsc#1239934).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).
- cxl/core/regs.c: Skip Memory Space Enable check for RCD and RCH Ports (bsc#1242125).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes). mwilck: some hand editing because d95e2c34a3ca ('dm verity: Fix IO priority lost when reading FEC and hash') is missing
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dma-buf/sw_sync: Decrement refcount on error in sw_sync_ioctl_get_deadline() (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: Revert 'dmaengine: dmatest: Fix dmatest waiting less when interrupted' (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- docs: perf: Fix build warning of hisi-pcie-pmu.rst (bsc#1237704 bsc#1241095)
- docs: perf: Fix build warning of hisi-pcie-pmu.rst (bsc#1237704)
- docs: perf: Update usage for target filter of hisi-pcie-pmu (bsc#1237704 bsc#1241095)
- docs: perf: Update usage for target filter of hisi-pcie-pmu (bsc#1237704)
- docs: thermal: sync hardware protection doc with code (git-fixes).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- drivers/perf: hisi_pcie: Add more events for counting TLP bandwidth (bsc#1237704 bsc#1241095)
- drivers/perf: hisi_pcie: Add more events for counting TLP bandwidth (bsc#1237704)
- drivers/perf: hisi_pcie: Check the target filter properly (bsc#1237704 bsc#1241095)
- drivers/perf: hisi_pcie: Check the target filter properly (bsc#1237704)
- drivers/perf: hisi_pcie: Fix incorrect counting under metric mode (bsc#1237704 bsc#1241095)
- drivers/perf: hisi_pcie: Fix incorrect counting under metric mode (bsc#1237704)
- drivers/perf: hisi_pcie: Introduce hisi_pcie_pmu_get_event_ctrl_val() (bsc#1237704 bsc#1241095)
- drivers/perf: hisi_pcie: Introduce hisi_pcie_pmu_get_event_ctrl_val() (bsc#1237704)
- drivers/perf: hisi_pcie: Merge find_related_event() and (bsc#1237704 bsc#1241095)
- drivers/perf: hisi_pcie: Merge find_related_event() and (bsc#1237704)
- drivers/perf: hisi_pcie: Relax the check on related events (bsc#1237704 bsc#1241095)
- drivers/perf: hisi_pcie: Relax the check on related events (bsc#1237704)
- drivers/perf: hisi_pcie: Rename hisi_pcie_pmu_{config,clear}_filter() (bsc#1237704 bsc#1241095)
- drivers/perf: hisi_pcie: Rename hisi_pcie_pmu_{config,clear}_filter() (bsc#1237704)
- drivers: base: devres: Allow to release group on device release (stable-fixes).
- drm/amd/amdkfd: Evict all queues even HWS remove queue failed (stable-fixes).
- drm/amd/display/dml2: use vzalloc rather than kzalloc (bsc#1241568).
- drm/amd/display: Actually do immediate vblank disable (git-fixes).
- drm/amd/display: Add HP Elitebook 645 to the quirk list for eDP on DP1 (stable-fixes).
- drm/amd/display: Add HP Probook 445 and 465 to the quirk list for eDP on DP1 (stable-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Do not enable Replay and PSR while VRR is on in amdgpu_dm_commit_planes() (git-fixes).
- drm/amd/display: Do not write DP_MSTM_CTRL after LT (stable-fixes).
- drm/amd/display: Enable urgent latency adjustment on DCN35 (stable-fixes).
- drm/amd/display: Exit idle optimizations before accessing PHY (git-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).
- drm/amd/display: Fix invalid context error in dml helper (git-fixes).
- drm/amd/display: Fix message for support_edp0_on_dp1 (git-fixes).
- drm/amd/display: Fix out-of-bound accesses (stable-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Increase vblank offdelay for PSR panels (git-fixes).
- drm/amd/display: Protect FPU in dml21_copy() (git-fixes).
- drm/amd/display: Protect FPU in dml2_init()/dml21_init() (git-fixes).
- drm/amd/display: Protect FPU in dml2_validate()/dml21_validate() (git-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: Temporarily disable hostvm on DCN31 (stable-fixes).
- drm/amd/display: Update Cursor request mode to the beginning prefetch always (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix an indent issue in DML21 (git-fixes).
- drm/amd/display: fix default brightness (git-fixes).
- drm/amd/display: fix missing .is_two_pixels_per_container (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: prevent hang on link training fail (stable-fixes).
- drm/amd/display: stop DML2 from removing pipes based on planes (stable-fixes).
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- drm/amd/pm: add unique_id for gfx12 (stable-fixes).
- drm/amd/pm: always allow ih interrupt from fw (stable-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).
- drm/amd: Keep display off while going into S4 (stable-fixes).
- drm/amdgpu/display: Allow DCC for video formats on GFX12 (stable-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/amdgpu/gfx12: correct cleanup of 'me' field with gfx_v12_0_me_fini() (git-fixes).
- drm/amdgpu/gfx12: fix num_mec (git-fixes).
- drm/amdgpu/hdp4: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp5: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp6: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp7: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/mes11: optimize MES pipe FW version fetching (git-fixes).
- drm/amdgpu/mes12: optimize MES pipe FW version fetching (git-fixes).
- drm/amdgpu/pm: Handle SCLK offset correctly in overdrive for smu 14.0.2 (stable-fixes).
- drm/amdgpu/pm: wire up hwmon fan speed for smu 14.0.2 (stable-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu/umsch: fix ucode check (git-fixes).
- drm/amdgpu/vcn: using separate VCN1_AON_SOC offset (stable-fixes).
- drm/amdgpu: Add back JPEG to video caps for carrizo and newer (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Fix offset for HDP remap in nbio v7.11 (stable-fixes).
- drm/amdgpu: Increase KIQ invalidate_tlbs timeout (stable-fixes).
- drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags (git-fixes).
- drm/amdgpu: Prefer shadow rom when available (git-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: Remove JPEG from vega and carrizo video caps (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: Restore uncached behaviour on GFX12 (stable-fixes).
- drm/amdgpu: Unlocked unmap only clear page table leaves (stable-fixes).
- drm/amdgpu: Use the right function for hdp flush (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: fix warning of drm_mm_clean (git-fixes).
- drm/amdgpu: grab an additional reference on the gang fence v2 (stable-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).
- drm/amdgpu: immediately use GTT for new allocations (git-fixes).
- drm/amdgpu: refine smu send msg debug log format (git-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdgpu: use a dummy owner for sysfs triggered cleaner shaders v4 (stable-fixes).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).
- drm/amdkfd: Fix user queue validation on Gfx7/8 (git-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/ast: Fix ast_dp connection status (git-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake 'gettin' -> 'getting' (git-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/debugfs: fix printk format for bridge index (stable-fixes).
- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/color: Extract intel_color_modeset() (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/dsi: convert to struct intel_display (stable-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).
- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/i915/vrr: Add vrr.vsync_{start, end} in vrr_params_changed (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- drm/i915: Increase I915_PARAM_MMAP_GTT_VERSION version to indicate support for partial mmaps (git-fixes).
- drm/i915: Plumb 'dsb' all way to the plane hooks (stable-fixes).
- drm/imagination: fix firmware memory leaks (git-fixes).
- drm/imagination: take paired job reference (git-fixes).
- drm/mediatek: Fix config_updating flag never false when no mbox channel (git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/mgag200: Fix value in <VBLKSTR> register (git-fixes).
- drm/mipi-dbi: Fix blanking for non-16 bit formats (git-fixes).
- drm/msm/a6xx+: Do not let IB_SIZE overflow (git-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: do not set crtc_state->mode_changed from atomic_check() (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi/phy: Program clock inverters in correct register (git-fixes).
- drm/msm/dsi: Add check for devm_kstrdup() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/panic: fix overindented list items in documentation (git-fixes).
- drm/panic: use `div_ceil` to clean Clippy warning (git-fixes).
- drm/panthor: Update CS_STATUS_ defines to correct values (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/sti: remove duplicate object names (git-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: hdmi: Remove redundant assignments (stable-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).
- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: modeset: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: shmem: Fix memleak (git-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm/vmwgfx: Use VMware hypercall API (jsc#PED-11518).
- drm/xe/dma_buf: stop relying on placement in unmap (git-fixes).
- drm/xe/hw_engine: define sysfs_ops on all directories (git-fixes).
- drm/xe/pm: Temporarily disable D3Cold on BMG (git-fixes).
- drm/xe/tests/mocs: Hold XE_FORCEWAKE_ALL for LNCF regs (git-fixes).
- drm/xe/tests/mocs: Update xe_force_wake_get() return handling (stable-fixes).
- drm/xe/userptr: Fix an incorrect assert (git-fixes).
- drm/xe/userptr: fix notifier vs folio deadlock (git-fixes).
- drm/xe/vf: Do not try to trigger a full GT reset if VF (stable-fixes).
- drm/xe/xe3lpg: Apply Wa_14022293748, Wa_22019794406 (stable-fixes).
- drm/xe/xelp: Move Wa_16011163337 from tunings to workarounds (stable-fixes).
- drm/xe: Add page queue multiplier (git-fixes).
- drm/xe: Fix GT 'for each engine' workarounds (stable-fixes).
- drm/xe: Fix an out-of-bounds shift when invalidating TLB (git-fixes).
- drm/xe: Fix exporting xe buffers multiple times (git-fixes).
- drm/xe: Release guc ids before cancelling work (git-fixes).
- drm/xe: Remove double pageflip (git-fixes).
- drm/xe: Save CTX_TIMESTAMP mmio value instead of LRC value (git-fixes).
- drm/xe: Set LRC addresses before guc load (git-fixes).
- drm/xe: Use local fence in error path of xe_migrate_clear (git-fixes).
- drm/xe: remove redundant check in xe_vm_create_ioctl() (git-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).
- drm: panel: jd9365da: fix reset signal polarity in unprepare (git-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- e1000e: change k1 configuration on MTP and later platforms (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- enable IMA (bsc#1240617)
- eth: bnxt: do not use BNXT_VNIC_NTUPLE unconditionally in queue restart logic (git-fixes).
- eth: bnxt: fix memory leak in queue reset (git-fixes).
- eth: bnxt: fix missing ring index trim on error path (git-fixes).
- eth: bnxt: fix out-of-range access of vnic_info array (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).
- ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll() (git-fixes).
- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: fix setting key and resetting indir at once (git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).
- ethtool: netlink: do not return SQI value if link is down (git-fixes).
- ethtool: ntuple: fix rss + ring_cookie check (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- ethtool: rss: fix hiding unsupported fields in dumps (git-fixes).
- exfat: do not fallback to buffered write (git-fixes).
- exfat: drop ->i_size_ondisk (git-fixes).
- exfat: fix potential wrong error return from get_block (git-fixes).
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).
- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536). Refresh patches.suse/ext4-move-setting-of-trimmed-bit-into-ext4_try_to_tr.patch Refresh patches.suse/ext4-fix-inconsistent-between-segment-fstrim-and-ful.patch
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538). Refresh: patches.suse/ext4-avoid-online-resizing-failures-due-to-oversized.patch
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).
- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528). Refresh patches.suse/dcache-keep-dentry_hashtable-or-d_hash_shift-even-when-not.patch
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).
- gpu: cdns-mhdp8546: fix call balance of mhdp->clk handling routines (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gve: handle overflow when reporting TX consumed descriptors (git-fixes).
- gve: set xdp redirect target only when it is available (git-fixes).
- gve: unlink old napi only if page pool exists (git-fixes).
- gve: unlink old napi when stopping a queue using queue API (git-fixes).
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: atr: Fix wrong include (git-fixes).
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- ice: Avoid setting default Rx VSI twice in switchdev setup (git-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- ice: Fix switchdev slow-path in LAG (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: do not configure destination override for switchdev (git-fixes).
- ice: ensure periodic output start time is in the future (git-fixes).
- ice: fix ice_parser_rt::bst_key array size (git-fixes).
- ice: fix input validation for virtchnl BW (git-fixes).
- ice: fix reservation of resources for RDMA when disabled (git-fixes).
- ice: remove invalid parameter of equalizer (git-fixes).
- ice: stop truncating queue ids when checking (git-fixes).
- idpf: Acquire the lock before accessing the xn->salt (git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: fix transaction timeouts on reset (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- idpf: record rx queue in skb for RSC packets (git-fixes).
- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- input/vmmouse: Use VMware hypercall API (jsc#PED-11518).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- io_uring/sqpoll: Increase task_work submission batch size (bsc#1238585).
- ioam6: improve checks on user data (git-fixes).
- iommu/arm-smmu-v3: Fix pgsize_bit for sva domains (bsc#1243341)
- iommu/vt-d: Assign owner to the static identity domain (bsc#1241193).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- iommu/vt-d: Remove device comparison in context_setup_pass_through_cb (git-fixes).
- iommu: Allow attaching static domains in iommu_attach_device_pasid() (bsc#1241193).
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- iwlwifi: correct modinfo firmware ucode (bsc#1243020).
- ixgbe: fix media type detection for E610 device (git-fixes).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).
- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for hci_core changes (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for l2cap_conn changes (git-fixes).
- kABI workaround for powercap update (bsc#1241010).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kernel-binary: Support livepatch_rt with merged RT branch
- kernel-obs-qa: Use srchash for dependency as well
- keys: Fix UAF in key_put() (git-fixes).
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).
- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).
- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212) Also reenable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes). Added to mitigate md-add-a-new-callback-pers-bitmap_sector.patch, which was a git-fix.
- mdacon: rework dependency list (git-fixes).
- media: chips-media: wave5: Fix a hang after seeking (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in probe (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: imx214: Rectify probe error handling related to runtime PM (git-fixes).
- media: i2c: imx219: Rectify runtime PM handling in probe and remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: intel/ipu6: set the dev_parent of video device to pdev (git-fixes).
- media: omap3isp: Handle ARM dma_iommu_mapping (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- mei: vsc: Fix fortify-panic caused by invalid counted_by() use (git-fixes).
- memblock tests: fix warning: '__ALIGN_KERNEL' redefined (git-fixes). Fix tools/ build breakage introduced by suse commit 3d6cb93162fd 'bitmap: introduce generic optimized bitmap_size() (git-fixes)'
- memcg: initiate deprecation of oom_control (jsc#PED-12405).
- memcg: initiate deprecation of pressure_level (jsc#PED-12405).
- memcg: initiate deprecation of v1 soft limit (jsc#PED-12405).
- memcg: initiate deprecation of v1 tcp accounting (jsc#PED-12405).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: Add transformation message for per-memcg swappiness (jsc#PED-12405).
- mm: Fix a build breakage in memcontrol.c (jsc#PED-12405).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mm: memcontrol: clarify swapaccount=0 deprecation warning (jsc#PED-12405).
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- mptcp: fix rcv buffer auto-tuning (bsc#1220419 bsc#1222656 bsc#1236394).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- neighbour: delete redundant judgment statements (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: Fix incorrect IRQ pool usage when releasing IRQs (git-fixes).
- net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table() (git-fixes).
- net/mlx5: HWS, Rightsize bwc matcher priority (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).
- net/mlx5: Move ttc allocation after switch case to prevent leaks (git-fixes).
- net/mlx5: Restore missing trace event when enabling vport QoS (git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).
- net/mlx5e: Fix lock order in mlx5e_tx_reporter_ptpsq_unhealthy_recover (git-fixes).
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).
- net/mlx5e: TC, Continue the attr process even if encap entry is invalid (git-fixes).
- net/mlx5e: Use custom tunnel header for vxlan gbp (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/smc: Introduce IPPROTO_SMC (jsc#PED-10299).
- net/smc: do not leave a dangling sk pointer in __smc_create() (jsc#PED-10299).
- net/smc: expose smc proto operations (jsc#PED-10299).
- net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC (jsc#PED-10299).
- net/smc: prevent UAF in inet_create() (jsc#PED-10299).
- net/smc: refactoring initialization of smc sock (jsc#PED-10299).
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).
- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).
- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- net: free_netdev: exit earlier if dummy (bsc#1243215).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netlink: specs: rt-link: add an attr layer around alt-ifname (git-fixes).
- netlink: specs: rt-link: adjust mctp attribute naming (git-fixes).
- netlink: specs: rtnetlink: attribute naming corrections (git-fixes).
- netlink: specs: tc: all actions are indexed arrays (git-fixes).
- netlink: specs: tc: fix a couple of attribute names (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).
- ntb: intel: Fix using link status DB's (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- octeontx2-pf: Do not reallocate all ntuple filters (git-fixes).
- octeontx2-pf: Fix ethtool support for SDP representors (git-fixes).
- octeontx2-pf: handle otx2_mbox_get_rsp errors (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).
- platform/x86/intel/ifs: Add Clearwater Forest to CPU support list (jsc#PED-10213).
- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Correct command storage data length (git-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).
- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).
- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).
- powerpc/boot: Check for ld-option support (bsc#1215199).
- powerpc/boot: Fix dash warning (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: Fix kmemleak in TCE table userspace view (jsc#PED-10539 git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- powerpc: Do not use --- in kernel logs (git-fixes).
- powerpc: Stop using no_llseek (bsc#1239573).
- ptp/vmware: Use VMware hypercall API (jsc#PED-11518).
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN Both spellings are actually used
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986).
- rpm/kernel-binary.spec.in: Use OrderWithRequires (boo#1228659 boo#1241038).
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).
- s390/ap: Fix CCA crypto card behavior within protected execution environment (git-fixes bsc#1243817 LTC#213623).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/cio: Fix CHPID 'configure' attribute caching (git-fixes bsc#1240979).
- s390/cpumf: Update CPU Measurement facility extended counter set support (bsc#1243115).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes).
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- s390: Add z17 elf platform (bsc#1243116).
- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (BSC#1241319).
- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (bsc#1241319).
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- sched/topology: Refinement to topology_span_sane speedup (bsc#1242119).
- sched/topology: improve topology_span_sane speed (bsc#1242119).
- sched: Add deprecation warning for users of RT_GROUP_SCHED (jsc#PED-11761 jsc#PED-12405).
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).
- scsi: fnic: Fix indentation and remove unnecessary parenthesis (git-fixes).
- scsi: fnic: Remove unnecessary debug print (git-fixes).
- scsi: fnic: Remove unnecessary spinlock locking and unlocking (git-fixes).
- scsi: fnic: Replace fnic->lock_flags with local flags (git-fixes).
- scsi: fnic: Replace use of sizeof with standard usage (git-fixes).
- scsi: hisi_sas: Check whether debugfs is enabled before removing or (bsc#1237546 bsc#1241095)
- scsi: hisi_sas: Check whether debugfs is enabled before removing or (bsc#1237546)
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: hisi_sas: Remove hisi_hba->timer for v3 hw (bsc#1237545 bsc#1241095)
- scsi: hisi_sas: Remove hisi_hba->timer for v3 hw (bsc#1237545)
- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (bsc#1241388 jsc#PED-11258).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: megaraid_sas: Driver version update to 07.734.00.00-rc1 (bsc#1241388 jsc#PED-11258).
- scsi: megaraid_sas: Make most module parameters static (bsc#1241388 jsc#PED-11258).
- scsi: mpi3mr: Add level check to control event logging (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Avoid reply queue full condition (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Check admin reply queue from Watchdog (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpi3mr: Fix pending I/O counter (git-fixes).
- scsi: mpi3mr: Fix spelling mistake 'skiping' -> 'skipping' (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Handling of fault code for insufficient power (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Reset the pending interrupt flag (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Support for Segmented Hardware Trace buffer (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Synchronize access to ioctl data buffer (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Task Abort EH Support (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update MPI Headers to revision 35 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update driver version to 8.12.0.3.50 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update driver version to 8.12.1.0.50 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update driver version to 8.13.0.5.50 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update timestamp only for supervisor IOCs (bsc#1241388 jsc#PED-12372).
- scsi: mpt3sas: Add details to EEDPTagMode error message (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Add support for MCTP Passthrough commands (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpt3sas: Fix buffer overflow in mpt3sas_send_mctp_passthru_req() (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Fix spelling mistake 'receveid' -> 'received' (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).
- scsi: mpt3sas: Remove unused config functions (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Report driver capability as part of IOCINFO command (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Send a diag reset if target reset fails (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Update MPI headers to 02.00.62 version (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: update driver version to 52.100.00.00 (bsc#1241388 jsc#PED-11253).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- scsi: smartpqi: Use is_kdump_kernel() to check for kdump (git-fixes).
- sctp: Fix undefined behavior in left shift operation (git-fixes).
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).
- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).
- sctp: fix busy polling (git-fixes).
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).
- selftests/bpf: Add a few tests to cover (git-fixes).
- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).
- serial: msm: Configure correct working mode before starting earlycon (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).
- series.conf: temporarily disable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch (bsc#1238212)
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).
- smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616).
- smc: Fix lockdep false-positive for IPPROTO_SMC (bsc#1241689 jsc#PED-10299).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- soundwire: bus: Fix race on the creation of the IRQ domain (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- sqpoll: increase tw batch size (bsc#1238585).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).
- supported.conf: Mark HiSi DMA controller as supported (jsc#PED-12622 bsc#1241095)
- supported.conf: Mark HiSi PMU drivers as supported (jsc#PED-12622 bsc#1241095)
- supported.conf: Mark HiSi PMU drivers as supported (jsc#PED-12622)
- supported.conf: Mark HiSi TRNG v2 as supported (jsc#PED-12622 bsc#1241095)
- supported.conf: Mark HiSi TRNG v2 as supported (jsc#PED-12622)
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: get rid of sysctl_tcp_adv_win_scale (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: increase the default TCP scaling ratio (bsc#1220419 bsc#1222656 bsc#1236394).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal/drivers/mediatek/lvts: Disable Stage 3 thermal threshold (git-fixes).
- thermal/drivers/mediatek/lvts: Disable monitor mode during suspend (git-fixes).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).
- tools/power turbostat: report CoreThr per measurement interval (git-fixes).
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).
- tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT (git-fixes).
- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).
- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: set_params: properly check if parameters can be applied (git-fixes).
- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running (stable-fixes).
- usb: xhci: Do not skip on Stopped - Length Invalid (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (stable-fixes).
- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
- usb: xhci: correct debug message page size calculation (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet:fix NPE during rx_complete (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- video: screen_info: Update framebuffers behind PCI bridges (bsc#1240696).
- virtchnl: make proto and filter action count unsigned (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).
- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: iwlwifi: do not warn if the NIC is gone in resume (git-fixes).
- wifi: iwlwifi: fix the check for the SCRATCH register upon resume (git-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).
- wifi: iwlwifi: pcie: Fix TSO preparation (git-fixes).
- wifi: iwlwifi: support BIOS override for 5G9 in CA also in LARI version 8 (stable-fixes).
- wifi: mac80211, cfg80211: miscellaneous spelling fixes (git-fixes).
- wifi: mac80211: Cleanup sta TXQs on flush (stable-fixes).
- wifi: mac80211: Fix sparse warning for monitor_sdata (git-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).
- wifi: mac80211: check basic rates validity in sta_link_apply_parameters (git-fixes).
- wifi: mac80211: do not queue sdata::work for a non-running sdata (git-fixes).
- wifi: mac80211: ensure sdata->work is canceled before initialized (stable-fixes).
- wifi: mac80211: fix SA Query processing in MLO (stable-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).
- wifi: mac80211: remove debugfs dir for virtual monitor (stable-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/bugs: Add RSB mitigation document (git-fixes).
- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle 'nosmt' correctly (git-fixes).
- x86/microcode: Handle 'offline' CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Remove the driver announcement and version (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Rework early revisions reporting (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/sev: Move sev_setup_arch() to mem_encrypt.c (bsc#1239314).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/vmware: Add TDX hypercall support (jsc#PED-11518).
- x86/vmware: Correct macro names (jsc#PED-11518).
- x86/vmware: Introduce VMware hypercall API (jsc#PED-11518).
- x86/vmware: Remove legacy VMWARE_HYPERCALL* macros (jsc#PED-11518).
- x86/vmware: Use VMware hypercall API (jsc#PED-11518).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's 'next' indication (git-fixes).
- xfs: flush inodegc before swapon (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).
- xhci: Limit time spent with xHC interrupts disabled during bus resume (stable-fixes).
- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).
Patchnames
SUSE-2025-1967,SUSE-SLE-Module-Public-Cloud-15-SP7-2025-1967
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).\n- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).\n- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49570: drm/xe/tracing: Fix a potential TP_printk UAF (bsc#1238782).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53124: net: fix data-races around sk-\u003esk_forward_alloc (bsc#1234074).\n- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56638: kABI fix for \u0027netfilter: nft_inner: incorrect percpu area handling under softirq\u0027 (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).\n- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).\n- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).\n- CVE-2024-58074: drm/i915: Grab intel_display from the encoder to avoid potential (bsc#1238972).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).\n- CVE-2024-58091: drm/fbdev-dma: Add shadow buffering for deferred I/O (bsc#1240174).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).\n- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).\n- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).\n- CVE-2025-21717: net/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq (bsc#1238866).\n- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).\n- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).\n- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).\n- CVE-2025-21800: net/mlx5: HWS, fix definer\u0027s HWS_SET32 macro for negative offset (bsc#1238743).\n- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).\n- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).\n- CVE-2025-21812: ax25: rcu protect dev-\u003eax25_ptr (bsc#1238471).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).\n- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).\n- CVE-2025-21837: io_uring/uring_cmd: unconditionally copy SQEs at prep time (bsc#1239064).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).\n- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).\n- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).\n- CVE-2025-21882: net/mlx5: Fix vport QoS cleanup on error (bsc#1240187).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).\n- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).\n- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).\n- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).\n- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).\n- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).\n- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).\n- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).\n- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).\n- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).\n- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).\n- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).\n- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level \u003e 2 (bsc#1240742).\n- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).\n- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).\n- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).\n- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).\n- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).\n- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).\n- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).\n- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).\n- CVE-2025-21973: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} (bsc#1240803).\n- CVE-2025-21974: eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc() (bsc#1240800).\n- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).\n- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).\n- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).\n- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).\n- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).\n- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).\n- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).\n- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).\n- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).\n- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).\n- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).\n- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22029: exec: fix the racy usage of fs_struct-\u003ein_exec (bsc#1241378).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).\n- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).\n- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).\n- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).\n- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).\n- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).\n- CVE-2025-22094: powerpc/perf: Fix ref-counting on the PMU \u0027vpa_pmu\u0027 (bsc#1241512).\n- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).\n- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).\n- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).\n- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).\n- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).\n- CVE-2025-22117: ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw() (bsc#1241633).\n- CVE-2025-22118: ice: validate queue quanta parameters to prevent OOB access (bsc#1241562).\n- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).\n- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).\n- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).\n- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23154: io_uring/net: fix io_req_post_cqe abuse by send bundle (bsc#1242533).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37747: kABI workaround for perf-Fix-hang-while-freeing-sigtrap-event (References: bsc#1242520).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37798: codel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).\n- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).\n\nThe following non-security bugs were fixed:\n\n- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).\n- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).\n- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).\n- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).\n- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- ALSA: hda/realtek: Bass speaker fixup for ASUS UM5606KA (stable-fixes).\n- ALSA: hda/realtek: Enable Mute LED on HP OMEN 16 Laptop xd000xx (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).\n- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).\n- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- ALSA: hda/realtek: fix micmute LEDs on HP Laptops with ALC3315 (stable-fixes).\n- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).\n- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).\n- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: timer: Do not take register_mutex with copy_from/to_user() (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).\n- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).\n- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).\n- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).\n- ASoC: Intel: sof_sdw: Fix unlikely uninitialized variable use in create_sdw_dailinks() (git-fixes).\n- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).\n- ASoC: Use of_property_read_bool() (stable-fixes).\n- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).\n- ASoC: amd: acp: Fix for enabling DMIC on acp platforms via _DSD entry (git-fixes).\n- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).\n- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- ASoC: codecs: rt5665: Fix some error handling paths in rt5665_probe() (git-fixes).\n- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).\n- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).\n- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).\n- ASoC: cs42l43: Fix maximum ADC Volume (git-fixes).\n- ASoC: cs42l43: Reset clamp override on jack removal (git-fixes).\n- ASoC: dwc: always enable/disable i2s irqs (git-fixes).\n- ASoC: fsl: fsl_qmc_audio: Reset audio data pointers on TRIGGER_START event (git-fixes).\n- ASoC: fsl_audmix: register card device depends on \u0027dais\u0027 property (stable-fixes).\n- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).\n- ASoC: ops: Consistently treat platform_max as control value (git-fixes).\n- ASoC: q6apm-dai: make use of q6apm_get_hw_pointer (git-fixes).\n- ASoC: q6apm-dai: schedule all available frames to avoid dsp under-runs (git-fixes).\n- ASoC: q6apm: add q6apm_get_hw_pointer helper (git-fixes).\n- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).\n- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).\n- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).\n- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).\n- ASoC: rt722-sdca: add missing readable registers (git-fixes).\n- ASoC: simple-card-utils.c: add missing dlc-\u003eof_node (stable-fixes).\n- ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction (git-fixes).\n- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).\n- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).\n- ASoC: tas2764: Fix power control mask (stable-fixes).\n- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- ASoC: tas2770: Fix volume scale (stable-fixes).\n- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- Bluetooth: L2CAP: Fix corrupted list in hci_chan_del (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (stable-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: btintel_pcie: Add additional to checks to clear TX/RX paths (git-fixes).\n- Bluetooth: btnxpuart: Fix kernel panic during FW release (git-fixes).\n- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).\n- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).\n- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).\n- Bluetooth: hci_uart: fix race during initialization (stable-fixes).\n- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).\n- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).\n- Bluetooth: qca: simplify WCN399x NVM loading (stable-fixes).\n- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).\n- APEI: Delete patches.suse/APEI-GHES-Have-GHES-honor-the-panic-setting.patch (bsc#1239615)\n- Documentation: qat: fix auto_reset attribute details (git-fixes).\n- Documentation: qat: fix auto_reset section (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- pci: Drop PCI patch that caused a regression (bsc#1241123). \n- EDAC/i10nm: Add Intel Clearwater Forest server support (jsc#PED-10190).\n- Fix mismerge from SLE15-SP6 to SLE15-SP7 (bsc#1241591).\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- HID: Enable playstation driver independently of sony driver (git-fixes).\n- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).\n- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).\n- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (git-fixes).\n- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- IB/mad: Check available slots before posting receive WRs (git-fixes)\n- Input: ads7846 - fix gpiod allocation (git-fixes).\n- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).\n- Input: cyttsp5 - fix power control issue on wakeup (git-fixes).\n- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- Input: iqs7222 - preserve system status register (git-fixes).\n- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).\n- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- Input: xpad - add multiple supported devices (stable-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- Input: xpad - fix two controller table values (git-fixes).\n- Input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- KVM: PPC: Book3S HV: Fix IRQ map warnings with XICS on pSeries KVM Guest (bsc#1242205 ltc#212592).\n- KVM: PPC: Enable CAP_SPAPR_TCE_VFIO on pSeries KVM guests (jsc#PED-10539 git-fixes).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Do not change target vCPU state on AP Creation VMGEXIT error (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Refuse to attempt VRMUN if an SEV-ES+ guest had an invalid VMSA (git-fixes).\n- KVM: SVM: Save host DR masks on CPUs with DebugSwap (jsc#PED-348).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: x86/mmu: Check and free obsolete roots in kvm_mmu_reload() (git-fixes).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Check that the high 32bits are clear in kvm_arch_vcpu_ioctl_run() (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- KVM: x86: block KVM_CAP_SYNC_REGS if guest state is protected (git-fixes).\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)\n- PCI/ACS: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).\n- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).\n- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- PCI: Avoid reset when disabled via sysfs (git-fixes).\n- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).\n- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).\n- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- PCI: brcmstb: Use internal register to change link capability (git-fixes).\n- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).\n- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).\n- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- PM: sleep: Adjust check before setting power.must_resume (git-fixes).\n- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).\n- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- RDMA/bnxt_re: Fix allocation of QP table (git-fixes)\n- RDMA/bnxt_re: Fix budget handling of notification queue (git-fixes)\n- RDMA/bnxt_re: Fix reporting maximum SRQs on P7 chips (git-fixes)\n- RDMA/bnxt_re: Remove unusable nq variable (git-fixes)\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)\n- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- RDMA/core: Fix \u0027KASAN: slab-use-after-free Read in ib_register_device\u0027 problem (git-fixes)\n- RDMA/core: Fix use-after-free when rename device name (git-fixes)\n- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)\n- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- RDMA/hns: Fix invalid sq params not being blocked (git-fixes)\n- RDMA/hns: Fix missing xa_destroy() (git-fixes)\n- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)\n- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)\n- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).\n- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)\n- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)\n- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- RDMA/mlx5: Fix page_size variable overflow (git-fixes)\n- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- RDMA/rxe: Fix \u0027trying to register non-static key in rxe_qp_do_cleanup\u0027 bug (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)\n- RFC cgroup/cpuset-v1: Add deprecation messages to sched_relax_domain_level (jsc#PED-12405).\n- kernel: Remove debug flavor (bsc#1243919).\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).\n- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).\n- USB: VLI disk crashes if LPM is used (stable-fixes).\n- USB: gadget: core: create sysfs link between udc and gadget (git-fixes).\n- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).\n- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).\n- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).\n- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).\n- USB: wdm: add annotation (git-fixes).\n- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).\n- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).\n- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).\n- Update config. Enable HiSi accel VFIO PCI (jsc#PED-12622 bsc#1241095) - Update config files. \tCONFIG_HISI_ACC_VFIO_PCI=m - supported.conf: \t+ drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci\n- Update config. Enable HiSi accel VFIO PCI (jsc#PED-12622) - Update config files. \tCONFIG_HISI_ACC_VFIO_PCI=m - supported.conf: \t+ drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci\n- Update config. Enable SPI DW mmio driver (jsc#PED-12622 bsc#1241095) - CONFIG_SPI_DW_MMIO=m - supported.conf \t+ drivers/spi/spi-dw \t+ drivers/spi/spi-dw-mmio\n- Update config. Enable SPI DW mmio driver (jsc#PED-12622) - CONFIG_SPI_DW_MMIO=m - supported.conf \t+ drivers/spi/spi-dw \t+ drivers/spi/spi-dw-mmio\n- Update patches.suse/KVM-PPC-Enable-CAP_SPAPR_TCE_VFIO-on-pSeries-KVM-gue.patch (jsc#PED-10539 git-fixes bsc#1240419 ltc#212279).\n- Update patches.suse/RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch (git-fixes bsc#1239925).\n- Update patches.suse/kABI-fix-for-RDMA-core-Don-t-expose-hw_counters-outs.patch (git-fixes bsc#1239925). Add bug reference.\n- Update patches.suse/net-smc-Introduce-IPPROTO_SMC.patch (jsc#PED-10299 bsc#1241689).\n- Update patches.suse/net-smc-do-not-leave-a-dangling-sk-pointer-in-__smc_create.patch (jsc#PED-10299 bsc#1241689).\n- Update patches.suse/net-smc-expose-smc-proto-operations.patch (jsc#PED-10299 bsc#1241689).\n- Update patches.suse/net-smc-fix-lacks-of-icsk_syn_mss-with-IPPROTO_SMC.patch (jsc#PED-10299 bsc#1241689).\n- Update patches.suse/net-smc-prevent-UAF-in-inet_create.patch (jsc#PED-10299 bsc#1241689).\n- Update patches.suse/net-smc-refactoring-initialization-of-smc-sock.patch (jsc#PED-10299 bsc#1241689).\n- Update patches.suse/nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).\n- Update patches.suse/nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).\n- Update patches.suse/smc-Fix-lockdep-false-positive-for-IPPROTO_SMC.patch (bsc#1241689 jsc#PED-10299 bsc#1241689).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- accel/ivpu: Fix PM related deadlocks in MS IOCTLs (git-fixes).\n- accel/ivpu: Fix deadlock in ivpu_ms_cleanup() (git-fixes).\n- accel/ivpu: Fix warning in ivpu_ipc_send_receive_internal() (git-fixes).\n- accel/ivpu: Increase DMA address range (PED-12367).\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- affs: do not write overlarge OFS data block size fields (git-fixes).\n- affs: generate OFS sequence numbers starting at 1 (git-fixes).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).\n- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)\n- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)\n- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)\n- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)\n- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)\n- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)\n- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)\n- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778).\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: insn: Add support for encoding DSB (bsc#1242778).\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: mm: Correct the update of max_pfn (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (bsc#1242778).\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778).\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778).\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- asus-laptop: Fix an uninitialized variable (git-fixes).\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).\n- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).\n- ata: libata-scsi: Improve CDL control (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).\n- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).\n- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- badblocks: Fix error shitf ops (git-fixes).\n- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).\n- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).\n- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).\n- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).\n- badblocks: return error if any badblock set fails (git-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- bitmap: Align documentation between bitmap_gather() and bitmap_scatter() (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).\n- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).\n- block: fix \u0027kmem_cache of name \u0027bio-108\u0027 already exists\u0027 (git-fixes).\n- block: fix conversion of GPT partition name to 7-bit (git-fixes).\n- block: fix resource leak in blk_register_queue() error path (git-fixes).\n- block: integrity: Do not call set_page_dirty_lock() (git-fixes).\n- block: make sure -\u003enr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix ethtool selftest output in one of the failure cases (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).\n- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).\n- bnxt_en: call pci_alloc_irq_vectors() after bnxt_reserve_rings() (git-fixes).\n- bnxt_en: fix module unload sequence (git-fixes).\n- bnxt_en: improve TX timestamping FIFO configuration (git-fixes).\n- bonding: fix incorrect MAC address setting to receive NS messages (git-fixes).\n- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).\n- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).\n- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- bpf: add find_containing_subprog() utility function (bsc#1241590).\n- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).\n- bpf: check changes_pkt_data property for extension programs (bsc#1241590).\n- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).\n- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).\n- bpf: fix potential error return (git-fixes).\n- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).\n- bpf: track changes_pkt_data property for global functions (bsc#1241590).\n- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).\n- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).\n- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).\n- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).\n- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).\n- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).\n- cgroup/blkio: Add deprecation messages to reset_stats (jsc#PED-12405).\n- cgroup/cpuset-v1: Add deprecation messages to mem_exclusive and mem_hardwall (jsc#PED-12405).\n- cgroup/cpuset-v1: Add deprecation messages to memory_migrate (jsc#PED-12405).\n- cgroup/cpuset-v1: Add deprecation messages to memory_spread_page and memory_spread_slab (jsc#PED-12405).\n- cgroup/cpuset-v1: Add deprecation messages to sched_load_balance and memory_pressure_enabled (jsc#PED-12405).\n- cgroup/cpuset: Fix error handling in remote_partition_disable() (bsc#1241166).\n- cgroup/cpuset: Fix incorrect isolated_cpus update in update_parent_effective_cpumask() (bsc#1241166).\n- cgroup/cpuset: Fix spelling errors in file kernel/cgroup/cpuset.c (bsc#1241166).\n- cgroup: Add deprecation message to legacy freezer controller (jsc#PED-12405).\n- cgroup: Print message when /proc/cgroups is read on v2-only system (jsc#PED-12405).\n- char: misc: register chrdev region with all possible minors (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- config: Re-enable rbd (bsc#1239991)\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- counter: fix privdata alignment (git-fixes).\n- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).\n- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)\n- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)\n- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052) Keep the feature disabled by default on x86_64\n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).\n- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).\n- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \u0027Invalide\u0027 -\u003e \u0027Invalid\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo \u0027accelaration\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add shutdown handler to qat_420xx (bsc#1239934).\n- crypto: qat - add shutdown handler to qat_4xxx (bsc#1239934).\n- crypto: qat - add shutdown handler to qat_c3xxx (bsc#1239934).\n- crypto: qat - add shutdown handler to qat_c62x (bsc#1239934).\n- crypto: qat - add shutdown handler to qat_dh895xcc (bsc#1239934).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416). - Refresh patches.suse/crypto-qat-disable-IOV-in-adf_dev_stop.patch. - Refresh patches.suse/crypto-qat-remove-check-after-debugfs_create_dir.patch.\n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \u0027Full Going True\u0027 macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - remove redundant prototypes in qat_c3xxx (bsc#1239934).\n- crypto: qat - remove redundant prototypes in qat_c62x (bsc#1239934).\n- crypto: qat - remove redundant prototypes in qat_dh895xcc (bsc#1239934).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).\n- cxl/core/regs.c: Skip Memory Space Enable check for RCD and RCH Ports (bsc#1242125).\n- devlink: fix port new reply cmd type (git-fixes).\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-bufio: do not schedule in atomic context (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-ebs: fix prefetch-vs-suspend race (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- dm-integrity: set ti-\u003eerror on memory allocation failure (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes). mwilck: some hand editing because d95e2c34a3ca (\u0027dm verity: Fix IO priority lost when reading FEC and hash\u0027) is missing\n- dm-verity: fix prefetch-vs-suspend race (git-fixes).\n- dm: Fix typo in error message (git-fixes).\n- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).\n- dm: always update the array size in realloc_argv on success (git-fixes).\n- dm: fix copying after src array boundaries (git-fixes).\n- dma-buf/sw_sync: Decrement refcount on error in sw_sync_ioctl_get_deadline() (git-fixes).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: Revert \u0027dmaengine: dmatest: Fix dmatest waiting less when interrupted\u0027 (git-fixes).\n- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- docs: perf: Fix build warning of hisi-pcie-pmu.rst (bsc#1237704 bsc#1241095)\n- docs: perf: Fix build warning of hisi-pcie-pmu.rst (bsc#1237704)\n- docs: perf: Update usage for target filter of hisi-pcie-pmu (bsc#1237704 bsc#1241095)\n- docs: perf: Update usage for target filter of hisi-pcie-pmu (bsc#1237704)\n- docs: thermal: sync hardware protection doc with code (git-fixes).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- drivers/perf: hisi_pcie: Add more events for counting TLP bandwidth (bsc#1237704 bsc#1241095)\n- drivers/perf: hisi_pcie: Add more events for counting TLP bandwidth (bsc#1237704)\n- drivers/perf: hisi_pcie: Check the target filter properly (bsc#1237704 bsc#1241095)\n- drivers/perf: hisi_pcie: Check the target filter properly (bsc#1237704)\n- drivers/perf: hisi_pcie: Fix incorrect counting under metric mode (bsc#1237704 bsc#1241095)\n- drivers/perf: hisi_pcie: Fix incorrect counting under metric mode (bsc#1237704)\n- drivers/perf: hisi_pcie: Introduce hisi_pcie_pmu_get_event_ctrl_val() (bsc#1237704 bsc#1241095)\n- drivers/perf: hisi_pcie: Introduce hisi_pcie_pmu_get_event_ctrl_val() (bsc#1237704)\n- drivers/perf: hisi_pcie: Merge find_related_event() and (bsc#1237704 bsc#1241095)\n- drivers/perf: hisi_pcie: Merge find_related_event() and (bsc#1237704)\n- drivers/perf: hisi_pcie: Relax the check on related events (bsc#1237704 bsc#1241095)\n- drivers/perf: hisi_pcie: Relax the check on related events (bsc#1237704)\n- drivers/perf: hisi_pcie: Rename hisi_pcie_pmu_{config,clear}_filter() (bsc#1237704 bsc#1241095)\n- drivers/perf: hisi_pcie: Rename hisi_pcie_pmu_{config,clear}_filter() (bsc#1237704)\n- drivers: base: devres: Allow to release group on device release (stable-fixes).\n- drm/amd/amdkfd: Evict all queues even HWS remove queue failed (stable-fixes).\n- drm/amd/display/dml2: use vzalloc rather than kzalloc (bsc#1241568).\n- drm/amd/display: Actually do immediate vblank disable (git-fixes).\n- drm/amd/display: Add HP Elitebook 645 to the quirk list for eDP on DP1 (stable-fixes).\n- drm/amd/display: Add HP Probook 445 and 465 to the quirk list for eDP on DP1 (stable-fixes).\n- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Copy AUX read reply data whenever length \u003e 0 (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Do not enable Replay and PSR while VRR is on in amdgpu_dm_commit_planes() (git-fixes).\n- drm/amd/display: Do not write DP_MSTM_CTRL after LT (stable-fixes).\n- drm/amd/display: Enable urgent latency adjustment on DCN35 (stable-fixes).\n- drm/amd/display: Exit idle optimizations before accessing PHY (git-fixes).\n- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).\n- drm/amd/display: Fix invalid context error in dml helper (git-fixes).\n- drm/amd/display: Fix message for support_edp0_on_dp1 (git-fixes).\n- drm/amd/display: Fix out-of-bound accesses (stable-fixes).\n- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).\n- drm/amd/display: Force full update in gpu reset (stable-fixes).\n- drm/amd/display: Increase vblank offdelay for PSR panels (git-fixes).\n- drm/amd/display: Protect FPU in dml21_copy() (git-fixes).\n- drm/amd/display: Protect FPU in dml2_init()/dml21_init() (git-fixes).\n- drm/amd/display: Protect FPU in dml2_validate()/dml21_validate() (git-fixes).\n- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).\n- drm/amd/display: Temporarily disable hostvm on DCN31 (stable-fixes).\n- drm/amd/display: Update Cursor request mode to the beginning prefetch always (stable-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: fix an indent issue in DML21 (git-fixes).\n- drm/amd/display: fix default brightness (git-fixes).\n- drm/amd/display: fix missing .is_two_pixels_per_container (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd/display: prevent hang on link training fail (stable-fixes).\n- drm/amd/display: stop DML2 from removing pipes based on planes (stable-fixes).\n- drm/amd/pm/smu11: Prevent division by zero (git-fixes).\n- drm/amd/pm: Prevent division by zero (git-fixes).\n- drm/amd/pm: add unique_id for gfx12 (stable-fixes).\n- drm/amd/pm: always allow ih interrupt from fw (stable-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).\n- drm/amd: Keep display off while going into S4 (stable-fixes).\n- drm/amdgpu/display: Allow DCC for video formats on GFX12 (stable-fixes).\n- drm/amdgpu/dma_buf: fix page_link check (git-fixes).\n- drm/amdgpu/gfx11: fix num_mec (git-fixes).\n- drm/amdgpu/gfx12: correct cleanup of \u0027me\u0027 field with gfx_v12_0_me_fini() (git-fixes).\n- drm/amdgpu/gfx12: fix num_mec (git-fixes).\n- drm/amdgpu/hdp4: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp5: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp6: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp7: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/mes11: optimize MES pipe FW version fetching (git-fixes).\n- drm/amdgpu/mes12: optimize MES pipe FW version fetching (git-fixes).\n- drm/amdgpu/pm: Handle SCLK offset correctly in overdrive for smu 14.0.2 (stable-fixes).\n- drm/amdgpu/pm: wire up hwmon fan speed for smu 14.0.2 (stable-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdgpu/umsch: fix ucode check (git-fixes).\n- drm/amdgpu/vcn: using separate VCN1_AON_SOC offset (stable-fixes).\n- drm/amdgpu: Add back JPEG to video caps for carrizo and newer (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Fix offset for HDP remap in nbio v7.11 (stable-fixes).\n- drm/amdgpu: Increase KIQ invalidate_tlbs timeout (stable-fixes).\n- drm/amdgpu: NULL-check BO\u0027s backing store when determining GFX12 PTE flags (git-fixes).\n- drm/amdgpu: Prefer shadow rom when available (git-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: Remove JPEG from vega and carrizo video caps (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdgpu: Restore uncached behaviour on GFX12 (stable-fixes).\n- drm/amdgpu: Unlocked unmap only clear page table leaves (stable-fixes).\n- drm/amdgpu: Use the right function for hdp flush (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: fix warning of drm_mm_clean (git-fixes).\n- drm/amdgpu: grab an additional reference on the gang fence v2 (stable-fixes).\n- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).\n- drm/amdgpu: immediately use GTT for new allocations (git-fixes).\n- drm/amdgpu: refine smu send msg debug log format (git-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/amdgpu: use a dummy owner for sysfs triggered cleaner shaders v4 (stable-fixes).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).\n- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).\n- drm/amdkfd: Fix user queue validation on Gfx7/8 (git-fixes).\n- drm/amdkfd: clamp queue size to minimum (stable-fixes).\n- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).\n- drm/ast: Fix ast_dp connection status (git-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \u0027gettin\u0027 -\u003e \u0027getting\u0027 (git-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/debugfs: fix printk format for bridge index (stable-fixes).\n- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).\n- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/fdinfo: Protect against driver unbind (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/color: Extract intel_color_modeset() (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/dsi: convert to struct intel_display (stable-fixes).\n- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).\n- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).\n- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions\u0027 (git-fixes).\n- drm/i915/vrr: Add vrr.vsync_{start, end} in vrr_params_changed (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).\n- drm/i915: Disable RPG during live selftest (git-fixes).\n- drm/i915: Increase I915_PARAM_MMAP_GTT_VERSION version to indicate support for partial mmaps (git-fixes).\n- drm/i915: Plumb \u0027dsb\u0027 all way to the plane hooks (stable-fixes).\n- drm/imagination: fix firmware memory leaks (git-fixes).\n- drm/imagination: take paired job reference (git-fixes).\n- drm/mediatek: Fix config_updating flag never false when no mbox channel (git-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).\n- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/mgag200: Fix value in \u0026lt;VBLKSTR\u003e register (git-fixes).\n- drm/mipi-dbi: Fix blanking for non-16 bit formats (git-fixes).\n- drm/msm/a6xx+: Do not let IB_SIZE overflow (git-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: do not set crtc_state-\u003emode_changed from atomic_check() (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi/phy: Program clock inverters in correct register (git-fixes).\n- drm/msm/dsi: Add check for devm_kstrdup() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).\n- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).\n- drm/panic: fix overindented list items in documentation (git-fixes).\n- drm/panic: use `div_ceil` to clean Clippy warning (git-fixes).\n- drm/panthor: Update CS_STATUS_ defines to correct values (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/sti: remove duplicate object names (git-fixes).\n- drm/tests: Add helper to create mock crtc (stable-fixes).\n- drm/tests: Add helper to create mock plane (stable-fixes).\n- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).\n- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: hdmi: Remove redundant assignments (stable-fixes).\n- drm/tests: helpers: Add atomic helpers (stable-fixes).\n- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).\n- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).\n- drm/tests: helpers: Fix compiler warning (git-fixes).\n- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: modeset: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: shmem: Fix memleak (git-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- drm/vmwgfx: Use VMware hypercall API (jsc#PED-11518).\n- drm/xe/dma_buf: stop relying on placement in unmap (git-fixes).\n- drm/xe/hw_engine: define sysfs_ops on all directories (git-fixes).\n- drm/xe/pm: Temporarily disable D3Cold on BMG (git-fixes).\n- drm/xe/tests/mocs: Hold XE_FORCEWAKE_ALL for LNCF regs (git-fixes).\n- drm/xe/tests/mocs: Update xe_force_wake_get() return handling (stable-fixes).\n- drm/xe/userptr: Fix an incorrect assert (git-fixes).\n- drm/xe/userptr: fix notifier vs folio deadlock (git-fixes).\n- drm/xe/vf: Do not try to trigger a full GT reset if VF (stable-fixes).\n- drm/xe/xe3lpg: Apply Wa_14022293748, Wa_22019794406 (stable-fixes).\n- drm/xe/xelp: Move Wa_16011163337 from tunings to workarounds (stable-fixes).\n- drm/xe: Add page queue multiplier (git-fixes).\n- drm/xe: Fix GT \u0027for each engine\u0027 workarounds (stable-fixes).\n- drm/xe: Fix an out-of-bounds shift when invalidating TLB (git-fixes).\n- drm/xe: Fix exporting xe buffers multiple times (git-fixes).\n- drm/xe: Release guc ids before cancelling work (git-fixes).\n- drm/xe: Remove double pageflip (git-fixes).\n- drm/xe: Save CTX_TIMESTAMP mmio value instead of LRC value (git-fixes).\n- drm/xe: Set LRC addresses before guc load (git-fixes).\n- drm/xe: Use local fence in error path of xe_migrate_clear (git-fixes).\n- drm/xe: remove redundant check in xe_vm_create_ioctl() (git-fixes).\n- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).\n- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).\n- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).\n- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).\n- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).\n- drm: panel: jd9365da: fix reset signal polarity in unprepare (git-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- e1000e: change k1 configuration on MTP and later platforms (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- enable IMA (bsc#1240617)\n- eth: bnxt: do not use BNXT_VNIC_NTUPLE unconditionally in queue restart logic (git-fixes).\n- eth: bnxt: fix memory leak in queue reset (git-fixes).\n- eth: bnxt: fix missing ring index trim on error path (git-fixes).\n- eth: bnxt: fix out-of-range access of vnic_info array (git-fixes).\n- ethtool: Fix context creation with no parameters (git-fixes).\n- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).\n- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).\n- ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll() (git-fixes).\n- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).\n- ethtool: fix setting key and resetting indir at once (git-fixes).\n- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).\n- ethtool: netlink: do not return SQI value if link is down (git-fixes).\n- ethtool: ntuple: fix rss + ring_cookie check (git-fixes).\n- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).\n- ethtool: rss: echo the context number back (git-fixes).\n- ethtool: rss: fix hiding unsupported fields in dumps (git-fixes).\n- exfat: do not fallback to buffered write (git-fixes).\n- exfat: drop -\u003ei_size_ondisk (git-fixes).\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).\n- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).\n- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).\n- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).\n- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).\n- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).\n- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).\n- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).\n- ext4: goto right label \u0027out_mmap_sem\u0027 in ext4_setattr() (bsc#1242556).\n- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).\n- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).\n- ext4: protect ext4_release_dquot against freezing (bsc#1242335).\n- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536). Refresh patches.suse/ext4-move-setting-of-trimmed-bit-into-ext4_try_to_tr.patch Refresh patches.suse/ext4-fix-inconsistent-between-segment-fstrim-and-ful.patch\n- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).\n- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538). Refresh: patches.suse/ext4-avoid-online-resizing-failures-due-to-oversized.patch\n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: omapfb: Add \u0027plane\u0027 value check (stable-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).\n- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).\n- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).\n- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).\n- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528). Refresh patches.suse/dcache-keep-dentry_hashtable-or-d_hash_shift-even-when-not.patch\n- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).\n- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).\n- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).\n- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).\n- gpu: cdns-mhdp8546: fix call balance of mhdp-\u003eclk handling routines (git-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- gve: handle overflow when reporting TX consumed descriptors (git-fixes).\n- gve: set xdp redirect target only when it is available (git-fixes).\n- gve: unlink old napi only if page pool exists (git-fixes).\n- gve: unlink old napi when stopping a queue using queue API (git-fixes).\n- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: atr: Fix wrong include (git-fixes).\n- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- ice: Add check for devm_kzalloc() (git-fixes).\n- ice: Avoid setting default Rx VSI twice in switchdev setup (git-fixes).\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- ice: Fix switchdev slow-path in LAG (git-fixes).\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- ice: do not configure destination override for switchdev (git-fixes).\n- ice: ensure periodic output start time is in the future (git-fixes).\n- ice: fix ice_parser_rt::bst_key array size (git-fixes).\n- ice: fix input validation for virtchnl BW (git-fixes).\n- ice: fix reservation of resources for RDMA when disabled (git-fixes).\n- ice: remove invalid parameter of equalizer (git-fixes).\n- ice: stop truncating queue ids when checking (git-fixes).\n- idpf: Acquire the lock before accessing the xn-\u003esalt (git-fixes).\n- idpf: check error for register_netdev() on init (git-fixes).\n- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: fix transaction timeouts on reset (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- idpf: record rx queue in skb for RSC packets (git-fixes).\n- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).\n- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).\n- igc: cleanup PTP module if probe fails (git-fixes).\n- igc: fix PTM cycle trigger logic (git-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).\n- igc: increase wait time before retrying PTM (git-fixes).\n- igc: move ktime snapshot into PTM retry loop (git-fixes).\n- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: ad7606: fix serial register access (git-fixes).\n- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).\n- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).\n- iio: adis16201: Correct inclinometer channel resolution (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).\n- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- init: add initramfs_internal.h (bsc#1232848).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- input/vmmouse: Use VMware hypercall API (jsc#PED-11518).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- io_uring/sqpoll: Increase task_work submission batch size (bsc#1238585).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/arm-smmu-v3: Fix pgsize_bit for sva domains (bsc#1243341)\n- iommu/vt-d: Assign owner to the static identity domain (bsc#1241193).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- iommu/vt-d: Remove device comparison in context_setup_pass_through_cb (git-fixes).\n- iommu: Allow attaching static domains in iommu_attach_device_pasid() (bsc#1241193).\n- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: fib: annotate races around nh-\u003enh_saddr_genid and nh-\u003enh_saddr (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- irqchip/davinci: Remove leftover header (git-fixes).\n- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).\n- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).\n- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).\n- iwlwifi: correct modinfo firmware ucode (bsc#1243020).\n- ixgbe: fix media type detection for E610 device (git-fixes).\n- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).\n- jbd2: fix off-by-one while erasing journal (bsc#1242344).\n- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).\n- jbd2: increase IO priority for writing revoke records (bsc#1242332).\n- jbd2: increase the journal IO\u0027s priority (bsc#1242537).\n- jbd2: remove wrong sb-\u003es_sequence check (bsc#1242343).\n- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).\n- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: add sanity check for agwidth in dbMount (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for hci_core changes (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for l2cap_conn changes (git-fixes).\n- kABI workaround for powercap update (bsc#1241010).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kernel-binary: Support livepatch_rt with merged RT branch\n- kernel-obs-qa: Use srchash for dependency as well\n- keys: Fix UAF in key_put() (git-fixes).\n- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).\n- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).\n- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__default_new() to perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).\n- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).\n- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212) Also reenable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes). Added to mitigate md-add-a-new-callback-pers-bitmap_sector.patch, which was a git-fix.\n- mdacon: rework dependency list (git-fixes).\n- media: chips-media: wave5: Fix a hang after seeking (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in probe (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: imx214: Rectify probe error handling related to runtime PM (git-fixes).\n- media: i2c: imx219: Rectify runtime PM handling in probe and remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: intel/ipu6: set the dev_parent of video device to pdev (git-fixes).\n- media: omap3isp: Handle ARM dma_iommu_mapping (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake H DID (stable-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- mei: vsc: Fix fortify-panic caused by invalid counted_by() use (git-fixes).\n- memblock tests: fix warning: \u0027__ALIGN_KERNEL\u0027 redefined (git-fixes). Fix tools/ build breakage introduced by suse commit 3d6cb93162fd \u0027bitmap: introduce generic optimized bitmap_size() (git-fixes)\u0027\n- memcg: initiate deprecation of oom_control (jsc#PED-12405).\n- memcg: initiate deprecation of pressure_level (jsc#PED-12405).\n- memcg: initiate deprecation of v1 soft limit (jsc#PED-12405).\n- memcg: initiate deprecation of v1 tcp accounting (jsc#PED-12405).\n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).\n- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mm/readahead: fix large folio support in async readahead (bsc#1242321).\n- mm: Add transformation message for per-memcg swappiness (jsc#PED-12405).\n- mm: Fix a build breakage in memcontrol.c (jsc#PED-12405).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).\n- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).\n- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).\n- mm: memcontrol: clarify swapaccount=0 deprecation warning (jsc#PED-12405).\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).\n- mptcp: fix rcv buffer auto-tuning (bsc#1220419 bsc#1222656 bsc#1236394).\n- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).\n- mptcp: refine opt_mp_capable determination (git-fixes).\n- mptcp: relax check on MPC passive fallback (git-fixes).\n- mptcp: strict validation before using mp_opt-\u003ehmac (git-fixes).\n- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- mtd: rawnand: Add status chack in r852_ready() (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).\n- net/mlx5: Fix incorrect IRQ pool usage when releasing IRQs (git-fixes).\n- net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table() (git-fixes).\n- net/mlx5: HWS, Rightsize bwc matcher priority (git-fixes).\n- net/mlx5: IRQ, Fix null string in debug print (git-fixes).\n- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).\n- net/mlx5: Move ttc allocation after switch case to prevent leaks (git-fixes).\n- net/mlx5: Restore missing trace event when enabling vport QoS (git-fixes).\n- net/mlx5: Start health poll after enable hca (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).\n- net/mlx5e: Fix lock order in mlx5e_tx_reporter_ptpsq_unhealthy_recover (git-fixes).\n- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).\n- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).\n- net/mlx5e: TC, Continue the attr process even if encap entry is invalid (git-fixes).\n- net/mlx5e: Use custom tunnel header for vxlan gbp (git-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- net/smc: Introduce IPPROTO_SMC (jsc#PED-10299).\n- net/smc: do not leave a dangling sk pointer in __smc_create() (jsc#PED-10299).\n- net/smc: expose smc proto operations (jsc#PED-10299).\n- net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC (jsc#PED-10299).\n- net/smc: prevent UAF in inet_create() (jsc#PED-10299).\n- net/smc: refactoring initialization of smc sock (jsc#PED-10299).\n- net/tcp: refactor tcp_inet6_sk() (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: annotate data-races around sk-\u003esk_dst_pending_confirm (git-fixes).\n- net: annotate data-races around sk-\u003esk_tx_queue_mapping (git-fixes).\n- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).\n- net: ethtool: Fix RSS setting (git-fixes).\n- net: free_netdev: exit earlier if dummy (bsc#1243215).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: mana: Switch to page pool for jumbo frames (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: mark racy access on sk-\u003esk_rcvbuf (git-fixes).\n- net: phy: leds: fix memory leak (git-fixes).\n- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).\n- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).\n- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- netlink: specs: rt-link: add an attr layer around alt-ifname (git-fixes).\n- netlink: specs: rt-link: adjust mctp attribute naming (git-fixes).\n- netlink: specs: rtnetlink: attribute naming corrections (git-fixes).\n- netlink: specs: tc: all actions are indexed arrays (git-fixes).\n- netlink: specs: tc: fix a couple of attribute names (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).\n- nfs: add missing selections of CONFIG_CRC32 (git-fixes).\n- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).\n- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).\n- ntb: intel: Fix using link status DB\u0027s (git-fixes).\n- ntb: reduce stack usage in idt_scan_mws (stable-fixes).\n- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).\n- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).\n- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).\n- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).\n- ntb_perf: Fix printk format (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).\n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).\n- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-fcloop: swap list_add_tail arguments (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).\n- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- octeontx2-pf: Do not reallocate all ntuple filters (git-fixes).\n- octeontx2-pf: Fix ethtool support for SDP representors (git-fixes).\n- octeontx2-pf: handle otx2_mbox_get_rsp errors (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- perf tools: annotate asm_pure_loop.S (bsc#1239906).\n- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).\n- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)\n- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)\n- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)\n- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).\n- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).\n- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).\n- platform/x86/intel/ifs: Add Clearwater Forest to CPU support list (jsc#PED-10213).\n- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- platform/x86: ISST: Correct command storage data length (git-fixes).\n- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).\n- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).\n- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).\n- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).\n- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).\n- powerpc/boot: Check for ld-option support (bsc#1215199).\n- powerpc/boot: Fix dash warning (bsc#1215199).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: Fix kmemleak in TCE table userspace view (jsc#PED-10539 git-fixes).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- powerpc: Do not use --- in kernel logs (git-fixes).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- ptp/vmware: Use VMware hypercall API (jsc#PED-11518).\n- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).\n- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).\n- pwm: rcar: Improve register calculation (git-fixes).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- regulator: max20086: fix invalid memory access (git-fixes).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN Both spellings are actually used\n- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).\n- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986).\n- rpm/kernel-binary.spec.in: Use OrderWithRequires (boo#1228659 boo#1241038). \n- rpm/package-descriptions: Add rt and rt_debug descriptions\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).\n- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).\n- s390/ap: Fix CCA crypto card behavior within protected execution environment (git-fixes bsc#1243817 LTC#213623).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- s390/cio: Fix CHPID \u0027configure\u0027 attribute caching (git-fixes bsc#1240979).\n- s390/cpumf: Update CPU Measurement facility extended counter set support (bsc#1243115).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes).\n- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- s390: Add z17 elf platform (bsc#1243116).\n- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (BSC#1241319).\n- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (bsc#1241319).\n- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)\n- sched/topology: Refinement to topology_span_sane speedup (bsc#1242119).\n- sched/topology: improve topology_span_sane speed (bsc#1242119).\n- sched: Add deprecation warning for users of RT_GROUP_SCHED (jsc#PED-11761 jsc#PED-12405).\n- scsi: Improve CDL control (git-fixes).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).\n- scsi: fnic: Fix indentation and remove unnecessary parenthesis (git-fixes).\n- scsi: fnic: Remove unnecessary debug print (git-fixes).\n- scsi: fnic: Remove unnecessary spinlock locking and unlocking (git-fixes).\n- scsi: fnic: Replace fnic-\u003elock_flags with local flags (git-fixes).\n- scsi: fnic: Replace use of sizeof with standard usage (git-fixes).\n- scsi: hisi_sas: Check whether debugfs is enabled before removing or (bsc#1237546 bsc#1241095)\n- scsi: hisi_sas: Check whether debugfs is enabled before removing or (bsc#1237546)\n- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: hisi_sas: Remove hisi_hba-\u003etimer for v3 hw (bsc#1237545 bsc#1241095)\n- scsi: hisi_sas: Remove hisi_hba-\u003etimer for v3 hw (bsc#1237545)\n- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp-\u003enlp_flag (git-fixes).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (bsc#1241388 jsc#PED-11258).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: megaraid_sas: Driver version update to 07.734.00.00-rc1 (bsc#1241388 jsc#PED-11258).\n- scsi: megaraid_sas: Make most module parameters static (bsc#1241388 jsc#PED-11258).\n- scsi: mpi3mr: Add level check to control event logging (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Avoid reply queue full condition (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Check admin reply queue from Watchdog (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Fix locking in an error path (git-fixes).\n- scsi: mpi3mr: Fix pending I/O counter (git-fixes).\n- scsi: mpi3mr: Fix spelling mistake \u0027skiping\u0027 -\u003e \u0027skipping\u0027 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Handling of fault code for insufficient power (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Reset the pending interrupt flag (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Support for Segmented Hardware Trace buffer (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Synchronize access to ioctl data buffer (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Task Abort EH Support (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update MPI Headers to revision 35 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update driver version to 8.12.0.3.50 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update driver version to 8.12.1.0.50 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update driver version to 8.13.0.5.50 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update timestamp only for supervisor IOCs (bsc#1241388 jsc#PED-12372).\n- scsi: mpt3sas: Add details to EEDPTagMode error message (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Add support for MCTP Passthrough commands (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).\n- scsi: mpt3sas: Fix buffer overflow in mpt3sas_send_mctp_passthru_req() (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Fix spelling mistake \u0027receveid\u0027 -\u003e \u0027received\u0027 (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).\n- scsi: mpt3sas: Remove unused config functions (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Report driver capability as part of IOCINFO command (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Send a diag reset if target reset fails (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Update MPI headers to 02.00.62 version (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: update driver version to 52.100.00.00 (bsc#1241388 jsc#PED-11253).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).\n- scsi: smartpqi: Use is_kdump_kernel() to check for kdump (git-fixes).\n- sctp: Fix undefined behavior in left shift operation (git-fixes).\n- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).\n- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).\n- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).\n- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).\n- sctp: fix busy polling (git-fixes).\n- sctp: prefer struct_size over open coded arithmetic (git-fixes).\n- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).\n- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).\n- selftests/bpf: Add a few tests to cover (git-fixes).\n- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).\n- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).\n- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).\n- selftests/bpf: test for changing packet data from global functions (bsc#1241590).\n- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).\n- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- selinux: Implement mptcp_add_subflow hook (bsc#1240375).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).\n- serial: msm: Configure correct working mode before starting earlycon (git-fixes).\n- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).\n- series.conf: temporarily disable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch (bsc#1238212)\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).\n- smb: client: fix open_cached_dir retries with \u0027hard\u0027 mount option (bsc#1240616).\n- smc: Fix lockdep false-positive for IPPROTO_SMC (bsc#1241689 jsc#PED-10299).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).\n- soundwire: bus: Fix race on the creation of the IRQ domain (git-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).\n- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).\n- sqpoll: increase tw batch size (bsc#1238585).\n- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).\n- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).\n- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).\n- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).\n- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).\n- supported.conf: Mark HiSi DMA controller as supported (jsc#PED-12622 bsc#1241095)\n- supported.conf: Mark HiSi PMU drivers as supported (jsc#PED-12622 bsc#1241095)\n- supported.conf: Mark HiSi PMU drivers as supported (jsc#PED-12622)\n- supported.conf: Mark HiSi TRNG v2 as supported (jsc#PED-12622 bsc#1241095)\n- supported.conf: Mark HiSi TRNG v2 as supported (jsc#PED-12622)\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: Update window clamping condition (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: Update window clamping condition (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: define initial scaling factor value as a macro (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: get rid of sysctl_tcp_adv_win_scale (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: increase the default TCP scaling ratio (bsc#1220419 bsc#1222656 bsc#1236394).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- thermal/drivers/mediatek/lvts: Disable Stage 3 thermal threshold (git-fixes).\n- thermal/drivers/mediatek/lvts: Disable monitor mode during suspend (git-fixes).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).\n- tools/hv: update route parsing in kvp daemon (git-fixes).\n- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).\n- tools/power turbostat: report CoreThr per measurement interval (git-fixes).\n- tools: move alignment-related macros to new \u0026lt;linux/align.h\u003e (git-fixes).\n- topology: Set capacity_freq_ref in all cases (bsc#1238052)\n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- tpm: tis: Double the timeout B to 4s (bsc#1235870).\n- tpm_tis: Move CRC check to generic send routine (bsc#1235870).\n- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).\n- tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT (git-fixes).\n- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).\n- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).\n- tty: serial: 8250: Add some more device IDs (stable-fixes).\n- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).\n- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- ublk: set_params: properly check if parameters can be applied (git-fixes).\n- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).\n- udf: Fix inode_getblk() return value (bsc#1242313).\n- udf: Skip parent dir link count update if corrupted (bsc#1242315).\n- udf: Verify inode link counts before performing rename (bsc#1242314).\n- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).\n- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).\n- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).\n- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).\n- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).\n- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).\n- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).\n- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).\n- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).\n- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).\n- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).\n- usb: gadget: f_ecm: Add get_status callback (git-fixes).\n- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).\n- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).\n- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).\n- usb: host: xhci-plat: mvebu: use -\u003equirks instead of -\u003einit_quirk() func (stable-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).\n- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).\n- usb: uhci-platform: Make the clock really optional (git-fixes).\n- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).\n- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).\n- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running (stable-fixes).\n- usb: xhci: Do not skip on Stopped - Length Invalid (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (stable-fixes).\n- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).\n- usb: xhci: correct debug message page size calculation (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- usbnet:fix NPE during rx_complete (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).\n- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- video: screen_info: Update framebuffers behind PCI bridges (bsc#1240696).\n- virtchnl: make proto and filter action count unsigned (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).\n- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).\n- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).\n- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).\n- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: iwlwifi: do not warn if the NIC is gone in resume (git-fixes).\n- wifi: iwlwifi: fix the check for the SCRATCH register upon resume (git-fixes).\n- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).\n- wifi: iwlwifi: pcie: Fix TSO preparation (git-fixes).\n- wifi: iwlwifi: support BIOS override for 5G9 in CA also in LARI version 8 (stable-fixes).\n- wifi: mac80211, cfg80211: miscellaneous spelling fixes (git-fixes).\n- wifi: mac80211: Cleanup sta TXQs on flush (stable-fixes).\n- wifi: mac80211: Fix sparse warning for monitor_sdata (git-fixes).\n- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mac80211: Update skb\u0027s control block key in ieee80211_tx_dequeue() (git-fixes).\n- wifi: mac80211: check basic rates validity in sta_link_apply_parameters (git-fixes).\n- wifi: mac80211: do not queue sdata::work for a non-running sdata (git-fixes).\n- wifi: mac80211: ensure sdata-\u003ework is canceled before initialized (stable-fixes).\n- wifi: mac80211: fix SA Query processing in MLO (stable-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).\n- wifi: mac80211: remove debugfs dir for virtual monitor (stable-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).\n- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).\n- x86/bugs: Add RSB mitigation document (git-fixes).\n- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).\n- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).\n- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).\n- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).\n- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).\n- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).\n- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).\n- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).\n- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Set new revision only after a successful update (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \u0027nosmt\u0027 correctly (git-fixes).\n- x86/microcode: Handle \u0027offline\u0027 CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Remove the driver announcement and version (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Rework early revisions reporting (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/sev: Move sev_setup_arch() to mem_encrypt.c (bsc#1239314).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).\n- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).\n- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- x86/vmware: Add TDX hypercall support (jsc#PED-11518).\n- x86/vmware: Correct macro names (jsc#PED-11518).\n- x86/vmware: Introduce VMware hypercall API (jsc#PED-11518).\n- x86/vmware: Remove legacy VMWARE_HYPERCALL* macros (jsc#PED-11518).\n- x86/vmware: Use VMware hypercall API (jsc#PED-11518).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \u0027next\u0027 indication (git-fixes).\n- xfs: flush inodegc before swapon (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).\n- xhci: Limit time spent with xHC interrupts disabled during bus resume (stable-fixes).\n- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1967,SUSE-SLE-Module-Public-Cloud-15-SP7-2025-1967",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01967-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01967-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501967-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01967-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021533.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1220419",
"url": "https://bugzilla.suse.com/1220419"
},
{
"category": "self",
"summary": "SUSE Bug 1222649",
"url": "https://bugzilla.suse.com/1222649"
},
{
"category": "self",
"summary": "SUSE Bug 1222656",
"url": "https://bugzilla.suse.com/1222656"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1223809",
"url": "https://bugzilla.suse.com/1223809"
},
{
"category": "self",
"summary": "SUSE Bug 1224013",
"url": "https://bugzilla.suse.com/1224013"
},
{
"category": "self",
"summary": "SUSE Bug 1224489",
"url": "https://bugzilla.suse.com/1224489"
},
{
"category": "self",
"summary": "SUSE Bug 1224597",
"url": "https://bugzilla.suse.com/1224597"
},
{
"category": "self",
"summary": "SUSE Bug 1224757",
"url": "https://bugzilla.suse.com/1224757"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1226871",
"url": "https://bugzilla.suse.com/1226871"
},
{
"category": "self",
"summary": "SUSE Bug 1227858",
"url": "https://bugzilla.suse.com/1227858"
},
{
"category": "self",
"summary": "SUSE Bug 1228659",
"url": "https://bugzilla.suse.com/1228659"
},
{
"category": "self",
"summary": "SUSE Bug 1229311",
"url": "https://bugzilla.suse.com/1229311"
},
{
"category": "self",
"summary": "SUSE Bug 1230497",
"url": "https://bugzilla.suse.com/1230497"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1230764",
"url": "https://bugzilla.suse.com/1230764"
},
{
"category": "self",
"summary": "SUSE Bug 1230769",
"url": "https://bugzilla.suse.com/1230769"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1231103",
"url": "https://bugzilla.suse.com/1231103"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231910",
"url": "https://bugzilla.suse.com/1231910"
},
{
"category": "self",
"summary": "SUSE Bug 1232364",
"url": "https://bugzilla.suse.com/1232364"
},
{
"category": "self",
"summary": "SUSE Bug 1232389",
"url": "https://bugzilla.suse.com/1232389"
},
{
"category": "self",
"summary": "SUSE Bug 1232493",
"url": "https://bugzilla.suse.com/1232493"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232848",
"url": "https://bugzilla.suse.com/1232848"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1232895",
"url": "https://bugzilla.suse.com/1232895"
},
{
"category": "self",
"summary": "SUSE Bug 1233060",
"url": "https://bugzilla.suse.com/1233060"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1234074",
"url": "https://bugzilla.suse.com/1234074"
},
{
"category": "self",
"summary": "SUSE Bug 1234157",
"url": "https://bugzilla.suse.com/1234157"
},
{
"category": "self",
"summary": "SUSE Bug 1234222",
"url": "https://bugzilla.suse.com/1234222"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234698",
"url": "https://bugzilla.suse.com/1234698"
},
{
"category": "self",
"summary": "SUSE Bug 1234828",
"url": "https://bugzilla.suse.com/1234828"
},
{
"category": "self",
"summary": "SUSE Bug 1234936",
"url": "https://bugzilla.suse.com/1234936"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235436",
"url": "https://bugzilla.suse.com/1235436"
},
{
"category": "self",
"summary": "SUSE Bug 1235455",
"url": "https://bugzilla.suse.com/1235455"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235524",
"url": "https://bugzilla.suse.com/1235524"
},
{
"category": "self",
"summary": "SUSE Bug 1235526",
"url": "https://bugzilla.suse.com/1235526"
},
{
"category": "self",
"summary": "SUSE Bug 1235550",
"url": "https://bugzilla.suse.com/1235550"
},
{
"category": "self",
"summary": "SUSE Bug 1235589",
"url": "https://bugzilla.suse.com/1235589"
},
{
"category": "self",
"summary": "SUSE Bug 1235591",
"url": "https://bugzilla.suse.com/1235591"
},
{
"category": "self",
"summary": "SUSE Bug 1235621",
"url": "https://bugzilla.suse.com/1235621"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1235711",
"url": "https://bugzilla.suse.com/1235711"
},
{
"category": "self",
"summary": "SUSE Bug 1235712",
"url": "https://bugzilla.suse.com/1235712"
},
{
"category": "self",
"summary": "SUSE Bug 1235715",
"url": "https://bugzilla.suse.com/1235715"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235733",
"url": "https://bugzilla.suse.com/1235733"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235973",
"url": "https://bugzilla.suse.com/1235973"
},
{
"category": "self",
"summary": "SUSE Bug 1236086",
"url": "https://bugzilla.suse.com/1236086"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236206",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236394",
"url": "https://bugzilla.suse.com/1236394"
},
{
"category": "self",
"summary": "SUSE Bug 1236704",
"url": "https://bugzilla.suse.com/1236704"
},
{
"category": "self",
"summary": "SUSE Bug 1237029",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "self",
"summary": "SUSE Bug 1237111",
"url": "https://bugzilla.suse.com/1237111"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237545",
"url": "https://bugzilla.suse.com/1237545"
},
{
"category": "self",
"summary": "SUSE Bug 1237546",
"url": "https://bugzilla.suse.com/1237546"
},
{
"category": "self",
"summary": "SUSE Bug 1237704",
"url": "https://bugzilla.suse.com/1237704"
},
{
"category": "self",
"summary": "SUSE Bug 1237757",
"url": "https://bugzilla.suse.com/1237757"
},
{
"category": "self",
"summary": "SUSE Bug 1237874",
"url": "https://bugzilla.suse.com/1237874"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237882",
"url": "https://bugzilla.suse.com/1237882"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237897",
"url": "https://bugzilla.suse.com/1237897"
},
{
"category": "self",
"summary": "SUSE Bug 1237906",
"url": "https://bugzilla.suse.com/1237906"
},
{
"category": "self",
"summary": "SUSE Bug 1238052",
"url": "https://bugzilla.suse.com/1238052"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238471",
"url": "https://bugzilla.suse.com/1238471"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238506",
"url": "https://bugzilla.suse.com/1238506"
},
{
"category": "self",
"summary": "SUSE Bug 1238512",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "self",
"summary": "SUSE Bug 1238527",
"url": "https://bugzilla.suse.com/1238527"
},
{
"category": "self",
"summary": "SUSE Bug 1238528",
"url": "https://bugzilla.suse.com/1238528"
},
{
"category": "self",
"summary": "SUSE Bug 1238532",
"url": "https://bugzilla.suse.com/1238532"
},
{
"category": "self",
"summary": "SUSE Bug 1238565",
"url": "https://bugzilla.suse.com/1238565"
},
{
"category": "self",
"summary": "SUSE Bug 1238585",
"url": "https://bugzilla.suse.com/1238585"
},
{
"category": "self",
"summary": "SUSE Bug 1238714",
"url": "https://bugzilla.suse.com/1238714"
},
{
"category": "self",
"summary": "SUSE Bug 1238716",
"url": "https://bugzilla.suse.com/1238716"
},
{
"category": "self",
"summary": "SUSE Bug 1238737",
"url": "https://bugzilla.suse.com/1238737"
},
{
"category": "self",
"summary": "SUSE Bug 1238738",
"url": "https://bugzilla.suse.com/1238738"
},
{
"category": "self",
"summary": "SUSE Bug 1238742",
"url": "https://bugzilla.suse.com/1238742"
},
{
"category": "self",
"summary": "SUSE Bug 1238743",
"url": "https://bugzilla.suse.com/1238743"
},
{
"category": "self",
"summary": "SUSE Bug 1238745",
"url": "https://bugzilla.suse.com/1238745"
},
{
"category": "self",
"summary": "SUSE Bug 1238746",
"url": "https://bugzilla.suse.com/1238746"
},
{
"category": "self",
"summary": "SUSE Bug 1238754",
"url": "https://bugzilla.suse.com/1238754"
},
{
"category": "self",
"summary": "SUSE Bug 1238763",
"url": "https://bugzilla.suse.com/1238763"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238775",
"url": "https://bugzilla.suse.com/1238775"
},
{
"category": "self",
"summary": "SUSE Bug 1238780",
"url": "https://bugzilla.suse.com/1238780"
},
{
"category": "self",
"summary": "SUSE Bug 1238782",
"url": "https://bugzilla.suse.com/1238782"
},
{
"category": "self",
"summary": "SUSE Bug 1238862",
"url": "https://bugzilla.suse.com/1238862"
},
{
"category": "self",
"summary": "SUSE Bug 1238866",
"url": "https://bugzilla.suse.com/1238866"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238961",
"url": "https://bugzilla.suse.com/1238961"
},
{
"category": "self",
"summary": "SUSE Bug 1238970",
"url": "https://bugzilla.suse.com/1238970"
},
{
"category": "self",
"summary": "SUSE Bug 1238972",
"url": "https://bugzilla.suse.com/1238972"
},
{
"category": "self",
"summary": "SUSE Bug 1238983",
"url": "https://bugzilla.suse.com/1238983"
},
{
"category": "self",
"summary": "SUSE Bug 1238990",
"url": "https://bugzilla.suse.com/1238990"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1238997",
"url": "https://bugzilla.suse.com/1238997"
},
{
"category": "self",
"summary": "SUSE Bug 1239015",
"url": "https://bugzilla.suse.com/1239015"
},
{
"category": "self",
"summary": "SUSE Bug 1239016",
"url": "https://bugzilla.suse.com/1239016"
},
{
"category": "self",
"summary": "SUSE Bug 1239036",
"url": "https://bugzilla.suse.com/1239036"
},
{
"category": "self",
"summary": "SUSE Bug 1239045",
"url": "https://bugzilla.suse.com/1239045"
},
{
"category": "self",
"summary": "SUSE Bug 1239064",
"url": "https://bugzilla.suse.com/1239064"
},
{
"category": "self",
"summary": "SUSE Bug 1239066",
"url": "https://bugzilla.suse.com/1239066"
},
{
"category": "self",
"summary": "SUSE Bug 1239079",
"url": "https://bugzilla.suse.com/1239079"
},
{
"category": "self",
"summary": "SUSE Bug 1239105",
"url": "https://bugzilla.suse.com/1239105"
},
{
"category": "self",
"summary": "SUSE Bug 1239108",
"url": "https://bugzilla.suse.com/1239108"
},
{
"category": "self",
"summary": "SUSE Bug 1239117",
"url": "https://bugzilla.suse.com/1239117"
},
{
"category": "self",
"summary": "SUSE Bug 1239174",
"url": "https://bugzilla.suse.com/1239174"
},
{
"category": "self",
"summary": "SUSE Bug 1239314",
"url": "https://bugzilla.suse.com/1239314"
},
{
"category": "self",
"summary": "SUSE Bug 1239346",
"url": "https://bugzilla.suse.com/1239346"
},
{
"category": "self",
"summary": "SUSE Bug 1239349",
"url": "https://bugzilla.suse.com/1239349"
},
{
"category": "self",
"summary": "SUSE Bug 1239467",
"url": "https://bugzilla.suse.com/1239467"
},
{
"category": "self",
"summary": "SUSE Bug 1239468",
"url": "https://bugzilla.suse.com/1239468"
},
{
"category": "self",
"summary": "SUSE Bug 1239470",
"url": "https://bugzilla.suse.com/1239470"
},
{
"category": "self",
"summary": "SUSE Bug 1239471",
"url": "https://bugzilla.suse.com/1239471"
},
{
"category": "self",
"summary": "SUSE Bug 1239473",
"url": "https://bugzilla.suse.com/1239473"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239475",
"url": "https://bugzilla.suse.com/1239475"
},
{
"category": "self",
"summary": "SUSE Bug 1239476",
"url": "https://bugzilla.suse.com/1239476"
},
{
"category": "self",
"summary": "SUSE Bug 1239477",
"url": "https://bugzilla.suse.com/1239477"
},
{
"category": "self",
"summary": "SUSE Bug 1239478",
"url": "https://bugzilla.suse.com/1239478"
},
{
"category": "self",
"summary": "SUSE Bug 1239479",
"url": "https://bugzilla.suse.com/1239479"
},
{
"category": "self",
"summary": "SUSE Bug 1239481",
"url": "https://bugzilla.suse.com/1239481"
},
{
"category": "self",
"summary": "SUSE Bug 1239482",
"url": "https://bugzilla.suse.com/1239482"
},
{
"category": "self",
"summary": "SUSE Bug 1239483",
"url": "https://bugzilla.suse.com/1239483"
},
{
"category": "self",
"summary": "SUSE Bug 1239484",
"url": "https://bugzilla.suse.com/1239484"
},
{
"category": "self",
"summary": "SUSE Bug 1239486",
"url": "https://bugzilla.suse.com/1239486"
},
{
"category": "self",
"summary": "SUSE Bug 1239487",
"url": "https://bugzilla.suse.com/1239487"
},
{
"category": "self",
"summary": "SUSE Bug 1239508",
"url": "https://bugzilla.suse.com/1239508"
},
{
"category": "self",
"summary": "SUSE Bug 1239510",
"url": "https://bugzilla.suse.com/1239510"
},
{
"category": "self",
"summary": "SUSE Bug 1239512",
"url": "https://bugzilla.suse.com/1239512"
},
{
"category": "self",
"summary": "SUSE Bug 1239518",
"url": "https://bugzilla.suse.com/1239518"
},
{
"category": "self",
"summary": "SUSE Bug 1239573",
"url": "https://bugzilla.suse.com/1239573"
},
{
"category": "self",
"summary": "SUSE Bug 1239594",
"url": "https://bugzilla.suse.com/1239594"
},
{
"category": "self",
"summary": "SUSE Bug 1239595",
"url": "https://bugzilla.suse.com/1239595"
},
{
"category": "self",
"summary": "SUSE Bug 1239600",
"url": "https://bugzilla.suse.com/1239600"
},
{
"category": "self",
"summary": "SUSE Bug 1239605",
"url": "https://bugzilla.suse.com/1239605"
},
{
"category": "self",
"summary": "SUSE Bug 1239615",
"url": "https://bugzilla.suse.com/1239615"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1239684",
"url": "https://bugzilla.suse.com/1239684"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239707",
"url": "https://bugzilla.suse.com/1239707"
},
{
"category": "self",
"summary": "SUSE Bug 1239906",
"url": "https://bugzilla.suse.com/1239906"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1239934",
"url": "https://bugzilla.suse.com/1239934"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1239991",
"url": "https://bugzilla.suse.com/1239991"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1239997",
"url": "https://bugzilla.suse.com/1239997"
},
{
"category": "self",
"summary": "SUSE Bug 1240167",
"url": "https://bugzilla.suse.com/1240167"
},
{
"category": "self",
"summary": "SUSE Bug 1240168",
"url": "https://bugzilla.suse.com/1240168"
},
{
"category": "self",
"summary": "SUSE Bug 1240169",
"url": "https://bugzilla.suse.com/1240169"
},
{
"category": "self",
"summary": "SUSE Bug 1240171",
"url": "https://bugzilla.suse.com/1240171"
},
{
"category": "self",
"summary": "SUSE Bug 1240172",
"url": "https://bugzilla.suse.com/1240172"
},
{
"category": "self",
"summary": "SUSE Bug 1240173",
"url": "https://bugzilla.suse.com/1240173"
},
{
"category": "self",
"summary": "SUSE Bug 1240174",
"url": "https://bugzilla.suse.com/1240174"
},
{
"category": "self",
"summary": "SUSE Bug 1240175",
"url": "https://bugzilla.suse.com/1240175"
},
{
"category": "self",
"summary": "SUSE Bug 1240176",
"url": "https://bugzilla.suse.com/1240176"
},
{
"category": "self",
"summary": "SUSE Bug 1240177",
"url": "https://bugzilla.suse.com/1240177"
},
{
"category": "self",
"summary": "SUSE Bug 1240179",
"url": "https://bugzilla.suse.com/1240179"
},
{
"category": "self",
"summary": "SUSE Bug 1240181",
"url": "https://bugzilla.suse.com/1240181"
},
{
"category": "self",
"summary": "SUSE Bug 1240182",
"url": "https://bugzilla.suse.com/1240182"
},
{
"category": "self",
"summary": "SUSE Bug 1240183",
"url": "https://bugzilla.suse.com/1240183"
},
{
"category": "self",
"summary": "SUSE Bug 1240184",
"url": "https://bugzilla.suse.com/1240184"
},
{
"category": "self",
"summary": "SUSE Bug 1240185",
"url": "https://bugzilla.suse.com/1240185"
},
{
"category": "self",
"summary": "SUSE Bug 1240186",
"url": "https://bugzilla.suse.com/1240186"
},
{
"category": "self",
"summary": "SUSE Bug 1240187",
"url": "https://bugzilla.suse.com/1240187"
},
{
"category": "self",
"summary": "SUSE Bug 1240188",
"url": "https://bugzilla.suse.com/1240188"
},
{
"category": "self",
"summary": "SUSE Bug 1240189",
"url": "https://bugzilla.suse.com/1240189"
},
{
"category": "self",
"summary": "SUSE Bug 1240191",
"url": "https://bugzilla.suse.com/1240191"
},
{
"category": "self",
"summary": "SUSE Bug 1240192",
"url": "https://bugzilla.suse.com/1240192"
},
{
"category": "self",
"summary": "SUSE Bug 1240333",
"url": "https://bugzilla.suse.com/1240333"
},
{
"category": "self",
"summary": "SUSE Bug 1240334",
"url": "https://bugzilla.suse.com/1240334"
},
{
"category": "self",
"summary": "SUSE Bug 1240375",
"url": "https://bugzilla.suse.com/1240375"
},
{
"category": "self",
"summary": "SUSE Bug 1240419",
"url": "https://bugzilla.suse.com/1240419"
},
{
"category": "self",
"summary": "SUSE Bug 1240427",
"url": "https://bugzilla.suse.com/1240427"
},
{
"category": "self",
"summary": "SUSE Bug 1240557",
"url": "https://bugzilla.suse.com/1240557"
},
{
"category": "self",
"summary": "SUSE Bug 1240575",
"url": "https://bugzilla.suse.com/1240575"
},
{
"category": "self",
"summary": "SUSE Bug 1240576",
"url": "https://bugzilla.suse.com/1240576"
},
{
"category": "self",
"summary": "SUSE Bug 1240581",
"url": "https://bugzilla.suse.com/1240581"
},
{
"category": "self",
"summary": "SUSE Bug 1240582",
"url": "https://bugzilla.suse.com/1240582"
},
{
"category": "self",
"summary": "SUSE Bug 1240583",
"url": "https://bugzilla.suse.com/1240583"
},
{
"category": "self",
"summary": "SUSE Bug 1240584",
"url": "https://bugzilla.suse.com/1240584"
},
{
"category": "self",
"summary": "SUSE Bug 1240585",
"url": "https://bugzilla.suse.com/1240585"
},
{
"category": "self",
"summary": "SUSE Bug 1240587",
"url": "https://bugzilla.suse.com/1240587"
},
{
"category": "self",
"summary": "SUSE Bug 1240590",
"url": "https://bugzilla.suse.com/1240590"
},
{
"category": "self",
"summary": "SUSE Bug 1240591",
"url": "https://bugzilla.suse.com/1240591"
},
{
"category": "self",
"summary": "SUSE Bug 1240592",
"url": "https://bugzilla.suse.com/1240592"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240594",
"url": "https://bugzilla.suse.com/1240594"
},
{
"category": "self",
"summary": "SUSE Bug 1240595",
"url": "https://bugzilla.suse.com/1240595"
},
{
"category": "self",
"summary": "SUSE Bug 1240596",
"url": "https://bugzilla.suse.com/1240596"
},
{
"category": "self",
"summary": "SUSE Bug 1240600",
"url": "https://bugzilla.suse.com/1240600"
},
{
"category": "self",
"summary": "SUSE Bug 1240612",
"url": "https://bugzilla.suse.com/1240612"
},
{
"category": "self",
"summary": "SUSE Bug 1240616",
"url": "https://bugzilla.suse.com/1240616"
},
{
"category": "self",
"summary": "SUSE Bug 1240617",
"url": "https://bugzilla.suse.com/1240617"
},
{
"category": "self",
"summary": "SUSE Bug 1240639",
"url": "https://bugzilla.suse.com/1240639"
},
{
"category": "self",
"summary": "SUSE Bug 1240643",
"url": "https://bugzilla.suse.com/1240643"
},
{
"category": "self",
"summary": "SUSE Bug 1240647",
"url": "https://bugzilla.suse.com/1240647"
},
{
"category": "self",
"summary": "SUSE Bug 1240655",
"url": "https://bugzilla.suse.com/1240655"
},
{
"category": "self",
"summary": "SUSE Bug 1240691",
"url": "https://bugzilla.suse.com/1240691"
},
{
"category": "self",
"summary": "SUSE Bug 1240696",
"url": "https://bugzilla.suse.com/1240696"
},
{
"category": "self",
"summary": "SUSE Bug 1240700",
"url": "https://bugzilla.suse.com/1240700"
},
{
"category": "self",
"summary": "SUSE Bug 1240701",
"url": "https://bugzilla.suse.com/1240701"
},
{
"category": "self",
"summary": "SUSE Bug 1240703",
"url": "https://bugzilla.suse.com/1240703"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240709",
"url": "https://bugzilla.suse.com/1240709"
},
{
"category": "self",
"summary": "SUSE Bug 1240711",
"url": "https://bugzilla.suse.com/1240711"
},
{
"category": "self",
"summary": "SUSE Bug 1240712",
"url": "https://bugzilla.suse.com/1240712"
},
{
"category": "self",
"summary": "SUSE Bug 1240713",
"url": "https://bugzilla.suse.com/1240713"
},
{
"category": "self",
"summary": "SUSE Bug 1240714",
"url": "https://bugzilla.suse.com/1240714"
},
{
"category": "self",
"summary": "SUSE Bug 1240715",
"url": "https://bugzilla.suse.com/1240715"
},
{
"category": "self",
"summary": "SUSE Bug 1240716",
"url": "https://bugzilla.suse.com/1240716"
},
{
"category": "self",
"summary": "SUSE Bug 1240717",
"url": "https://bugzilla.suse.com/1240717"
},
{
"category": "self",
"summary": "SUSE Bug 1240718",
"url": "https://bugzilla.suse.com/1240718"
},
{
"category": "self",
"summary": "SUSE Bug 1240719",
"url": "https://bugzilla.suse.com/1240719"
},
{
"category": "self",
"summary": "SUSE Bug 1240720",
"url": "https://bugzilla.suse.com/1240720"
},
{
"category": "self",
"summary": "SUSE Bug 1240722",
"url": "https://bugzilla.suse.com/1240722"
},
{
"category": "self",
"summary": "SUSE Bug 1240727",
"url": "https://bugzilla.suse.com/1240727"
},
{
"category": "self",
"summary": "SUSE Bug 1240739",
"url": "https://bugzilla.suse.com/1240739"
},
{
"category": "self",
"summary": "SUSE Bug 1240740",
"url": "https://bugzilla.suse.com/1240740"
},
{
"category": "self",
"summary": "SUSE Bug 1240742",
"url": "https://bugzilla.suse.com/1240742"
},
{
"category": "self",
"summary": "SUSE Bug 1240779",
"url": "https://bugzilla.suse.com/1240779"
},
{
"category": "self",
"summary": "SUSE Bug 1240783",
"url": "https://bugzilla.suse.com/1240783"
},
{
"category": "self",
"summary": "SUSE Bug 1240784",
"url": "https://bugzilla.suse.com/1240784"
},
{
"category": "self",
"summary": "SUSE Bug 1240785",
"url": "https://bugzilla.suse.com/1240785"
},
{
"category": "self",
"summary": "SUSE Bug 1240795",
"url": "https://bugzilla.suse.com/1240795"
},
{
"category": "self",
"summary": "SUSE Bug 1240796",
"url": "https://bugzilla.suse.com/1240796"
},
{
"category": "self",
"summary": "SUSE Bug 1240797",
"url": "https://bugzilla.suse.com/1240797"
},
{
"category": "self",
"summary": "SUSE Bug 1240799",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "self",
"summary": "SUSE Bug 1240800",
"url": "https://bugzilla.suse.com/1240800"
},
{
"category": "self",
"summary": "SUSE Bug 1240801",
"url": "https://bugzilla.suse.com/1240801"
},
{
"category": "self",
"summary": "SUSE Bug 1240802",
"url": "https://bugzilla.suse.com/1240802"
},
{
"category": "self",
"summary": "SUSE Bug 1240803",
"url": "https://bugzilla.suse.com/1240803"
},
{
"category": "self",
"summary": "SUSE Bug 1240804",
"url": "https://bugzilla.suse.com/1240804"
},
{
"category": "self",
"summary": "SUSE Bug 1240805",
"url": "https://bugzilla.suse.com/1240805"
},
{
"category": "self",
"summary": "SUSE Bug 1240806",
"url": "https://bugzilla.suse.com/1240806"
},
{
"category": "self",
"summary": "SUSE Bug 1240808",
"url": "https://bugzilla.suse.com/1240808"
},
{
"category": "self",
"summary": "SUSE Bug 1240809",
"url": "https://bugzilla.suse.com/1240809"
},
{
"category": "self",
"summary": "SUSE Bug 1240811",
"url": "https://bugzilla.suse.com/1240811"
},
{
"category": "self",
"summary": "SUSE Bug 1240812",
"url": "https://bugzilla.suse.com/1240812"
},
{
"category": "self",
"summary": "SUSE Bug 1240813",
"url": "https://bugzilla.suse.com/1240813"
},
{
"category": "self",
"summary": "SUSE Bug 1240815",
"url": "https://bugzilla.suse.com/1240815"
},
{
"category": "self",
"summary": "SUSE Bug 1240816",
"url": "https://bugzilla.suse.com/1240816"
},
{
"category": "self",
"summary": "SUSE Bug 1240819",
"url": "https://bugzilla.suse.com/1240819"
},
{
"category": "self",
"summary": "SUSE Bug 1240821",
"url": "https://bugzilla.suse.com/1240821"
},
{
"category": "self",
"summary": "SUSE Bug 1240825",
"url": "https://bugzilla.suse.com/1240825"
},
{
"category": "self",
"summary": "SUSE Bug 1240829",
"url": "https://bugzilla.suse.com/1240829"
},
{
"category": "self",
"summary": "SUSE Bug 1240835",
"url": "https://bugzilla.suse.com/1240835"
},
{
"category": "self",
"summary": "SUSE Bug 1240873",
"url": "https://bugzilla.suse.com/1240873"
},
{
"category": "self",
"summary": "SUSE Bug 1240934",
"url": "https://bugzilla.suse.com/1240934"
},
{
"category": "self",
"summary": "SUSE Bug 1240936",
"url": "https://bugzilla.suse.com/1240936"
},
{
"category": "self",
"summary": "SUSE Bug 1240937",
"url": "https://bugzilla.suse.com/1240937"
},
{
"category": "self",
"summary": "SUSE Bug 1240938",
"url": "https://bugzilla.suse.com/1240938"
},
{
"category": "self",
"summary": "SUSE Bug 1240940",
"url": "https://bugzilla.suse.com/1240940"
},
{
"category": "self",
"summary": "SUSE Bug 1240942",
"url": "https://bugzilla.suse.com/1240942"
},
{
"category": "self",
"summary": "SUSE Bug 1240943",
"url": "https://bugzilla.suse.com/1240943"
},
{
"category": "self",
"summary": "SUSE Bug 1240944",
"url": "https://bugzilla.suse.com/1240944"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1240978",
"url": "https://bugzilla.suse.com/1240978"
},
{
"category": "self",
"summary": "SUSE Bug 1240979",
"url": "https://bugzilla.suse.com/1240979"
},
{
"category": "self",
"summary": "SUSE Bug 1241010",
"url": "https://bugzilla.suse.com/1241010"
},
{
"category": "self",
"summary": "SUSE Bug 1241038",
"url": "https://bugzilla.suse.com/1241038"
},
{
"category": "self",
"summary": "SUSE Bug 1241051",
"url": "https://bugzilla.suse.com/1241051"
},
{
"category": "self",
"summary": "SUSE Bug 1241095",
"url": "https://bugzilla.suse.com/1241095"
},
{
"category": "self",
"summary": "SUSE Bug 1241123",
"url": "https://bugzilla.suse.com/1241123"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241151",
"url": "https://bugzilla.suse.com/1241151"
},
{
"category": "self",
"summary": "SUSE Bug 1241166",
"url": "https://bugzilla.suse.com/1241166"
},
{
"category": "self",
"summary": "SUSE Bug 1241167",
"url": "https://bugzilla.suse.com/1241167"
},
{
"category": "self",
"summary": "SUSE Bug 1241175",
"url": "https://bugzilla.suse.com/1241175"
},
{
"category": "self",
"summary": "SUSE Bug 1241193",
"url": "https://bugzilla.suse.com/1241193"
},
{
"category": "self",
"summary": "SUSE Bug 1241204",
"url": "https://bugzilla.suse.com/1241204"
},
{
"category": "self",
"summary": "SUSE Bug 1241250",
"url": "https://bugzilla.suse.com/1241250"
},
{
"category": "self",
"summary": "SUSE Bug 1241265",
"url": "https://bugzilla.suse.com/1241265"
},
{
"category": "self",
"summary": "SUSE Bug 1241266",
"url": "https://bugzilla.suse.com/1241266"
},
{
"category": "self",
"summary": "SUSE Bug 1241280",
"url": "https://bugzilla.suse.com/1241280"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241319",
"url": "https://bugzilla.suse.com/1241319"
},
{
"category": "self",
"summary": "SUSE Bug 1241332",
"url": "https://bugzilla.suse.com/1241332"
},
{
"category": "self",
"summary": "SUSE Bug 1241333",
"url": "https://bugzilla.suse.com/1241333"
},
{
"category": "self",
"summary": "SUSE Bug 1241341",
"url": "https://bugzilla.suse.com/1241341"
},
{
"category": "self",
"summary": "SUSE Bug 1241343",
"url": "https://bugzilla.suse.com/1241343"
},
{
"category": "self",
"summary": "SUSE Bug 1241344",
"url": "https://bugzilla.suse.com/1241344"
},
{
"category": "self",
"summary": "SUSE Bug 1241347",
"url": "https://bugzilla.suse.com/1241347"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241357",
"url": "https://bugzilla.suse.com/1241357"
},
{
"category": "self",
"summary": "SUSE Bug 1241361",
"url": "https://bugzilla.suse.com/1241361"
},
{
"category": "self",
"summary": "SUSE Bug 1241369",
"url": "https://bugzilla.suse.com/1241369"
},
{
"category": "self",
"summary": "SUSE Bug 1241371",
"url": "https://bugzilla.suse.com/1241371"
},
{
"category": "self",
"summary": "SUSE Bug 1241373",
"url": "https://bugzilla.suse.com/1241373"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241378",
"url": "https://bugzilla.suse.com/1241378"
},
{
"category": "self",
"summary": "SUSE Bug 1241388",
"url": "https://bugzilla.suse.com/1241388"
},
{
"category": "self",
"summary": "SUSE Bug 1241394",
"url": "https://bugzilla.suse.com/1241394"
},
{
"category": "self",
"summary": "SUSE Bug 1241402",
"url": "https://bugzilla.suse.com/1241402"
},
{
"category": "self",
"summary": "SUSE Bug 1241412",
"url": "https://bugzilla.suse.com/1241412"
},
{
"category": "self",
"summary": "SUSE Bug 1241413",
"url": "https://bugzilla.suse.com/1241413"
},
{
"category": "self",
"summary": "SUSE Bug 1241416",
"url": "https://bugzilla.suse.com/1241416"
},
{
"category": "self",
"summary": "SUSE Bug 1241419",
"url": "https://bugzilla.suse.com/1241419"
},
{
"category": "self",
"summary": "SUSE Bug 1241424",
"url": "https://bugzilla.suse.com/1241424"
},
{
"category": "self",
"summary": "SUSE Bug 1241426",
"url": "https://bugzilla.suse.com/1241426"
},
{
"category": "self",
"summary": "SUSE Bug 1241433",
"url": "https://bugzilla.suse.com/1241433"
},
{
"category": "self",
"summary": "SUSE Bug 1241436",
"url": "https://bugzilla.suse.com/1241436"
},
{
"category": "self",
"summary": "SUSE Bug 1241441",
"url": "https://bugzilla.suse.com/1241441"
},
{
"category": "self",
"summary": "SUSE Bug 1241442",
"url": "https://bugzilla.suse.com/1241442"
},
{
"category": "self",
"summary": "SUSE Bug 1241443",
"url": "https://bugzilla.suse.com/1241443"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241451",
"url": "https://bugzilla.suse.com/1241451"
},
{
"category": "self",
"summary": "SUSE Bug 1241452",
"url": "https://bugzilla.suse.com/1241452"
},
{
"category": "self",
"summary": "SUSE Bug 1241456",
"url": "https://bugzilla.suse.com/1241456"
},
{
"category": "self",
"summary": "SUSE Bug 1241458",
"url": "https://bugzilla.suse.com/1241458"
},
{
"category": "self",
"summary": "SUSE Bug 1241459",
"url": "https://bugzilla.suse.com/1241459"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241512",
"url": "https://bugzilla.suse.com/1241512"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241526",
"url": "https://bugzilla.suse.com/1241526"
},
{
"category": "self",
"summary": "SUSE Bug 1241528",
"url": "https://bugzilla.suse.com/1241528"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241535",
"url": "https://bugzilla.suse.com/1241535"
},
{
"category": "self",
"summary": "SUSE Bug 1241537",
"url": "https://bugzilla.suse.com/1241537"
},
{
"category": "self",
"summary": "SUSE Bug 1241541",
"url": "https://bugzilla.suse.com/1241541"
},
{
"category": "self",
"summary": "SUSE Bug 1241545",
"url": "https://bugzilla.suse.com/1241545"
},
{
"category": "self",
"summary": "SUSE Bug 1241547",
"url": "https://bugzilla.suse.com/1241547"
},
{
"category": "self",
"summary": "SUSE Bug 1241548",
"url": "https://bugzilla.suse.com/1241548"
},
{
"category": "self",
"summary": "SUSE Bug 1241550",
"url": "https://bugzilla.suse.com/1241550"
},
{
"category": "self",
"summary": "SUSE Bug 1241562",
"url": "https://bugzilla.suse.com/1241562"
},
{
"category": "self",
"summary": "SUSE Bug 1241568",
"url": "https://bugzilla.suse.com/1241568"
},
{
"category": "self",
"summary": "SUSE Bug 1241573",
"url": "https://bugzilla.suse.com/1241573"
},
{
"category": "self",
"summary": "SUSE Bug 1241574",
"url": "https://bugzilla.suse.com/1241574"
},
{
"category": "self",
"summary": "SUSE Bug 1241575",
"url": "https://bugzilla.suse.com/1241575"
},
{
"category": "self",
"summary": "SUSE Bug 1241578",
"url": "https://bugzilla.suse.com/1241578"
},
{
"category": "self",
"summary": "SUSE Bug 1241581",
"url": "https://bugzilla.suse.com/1241581"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241591",
"url": "https://bugzilla.suse.com/1241591"
},
{
"category": "self",
"summary": "SUSE Bug 1241593",
"url": "https://bugzilla.suse.com/1241593"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241598",
"url": "https://bugzilla.suse.com/1241598"
},
{
"category": "self",
"summary": "SUSE Bug 1241599",
"url": "https://bugzilla.suse.com/1241599"
},
{
"category": "self",
"summary": "SUSE Bug 1241601",
"url": "https://bugzilla.suse.com/1241601"
},
{
"category": "self",
"summary": "SUSE Bug 1241626",
"url": "https://bugzilla.suse.com/1241626"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241628",
"url": "https://bugzilla.suse.com/1241628"
},
{
"category": "self",
"summary": "SUSE Bug 1241633",
"url": "https://bugzilla.suse.com/1241633"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241640",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "self",
"summary": "SUSE Bug 1241648",
"url": "https://bugzilla.suse.com/1241648"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1241689",
"url": "https://bugzilla.suse.com/1241689"
},
{
"category": "self",
"summary": "SUSE Bug 1242006",
"url": "https://bugzilla.suse.com/1242006"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242119",
"url": "https://bugzilla.suse.com/1242119"
},
{
"category": "self",
"summary": "SUSE Bug 1242125",
"url": "https://bugzilla.suse.com/1242125"
},
{
"category": "self",
"summary": "SUSE Bug 1242172",
"url": "https://bugzilla.suse.com/1242172"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242205",
"url": "https://bugzilla.suse.com/1242205"
},
{
"category": "self",
"summary": "SUSE Bug 1242283",
"url": "https://bugzilla.suse.com/1242283"
},
{
"category": "self",
"summary": "SUSE Bug 1242307",
"url": "https://bugzilla.suse.com/1242307"
},
{
"category": "self",
"summary": "SUSE Bug 1242313",
"url": "https://bugzilla.suse.com/1242313"
},
{
"category": "self",
"summary": "SUSE Bug 1242314",
"url": "https://bugzilla.suse.com/1242314"
},
{
"category": "self",
"summary": "SUSE Bug 1242315",
"url": "https://bugzilla.suse.com/1242315"
},
{
"category": "self",
"summary": "SUSE Bug 1242321",
"url": "https://bugzilla.suse.com/1242321"
},
{
"category": "self",
"summary": "SUSE Bug 1242326",
"url": "https://bugzilla.suse.com/1242326"
},
{
"category": "self",
"summary": "SUSE Bug 1242327",
"url": "https://bugzilla.suse.com/1242327"
},
{
"category": "self",
"summary": "SUSE Bug 1242328",
"url": "https://bugzilla.suse.com/1242328"
},
{
"category": "self",
"summary": "SUSE Bug 1242332",
"url": "https://bugzilla.suse.com/1242332"
},
{
"category": "self",
"summary": "SUSE Bug 1242333",
"url": "https://bugzilla.suse.com/1242333"
},
{
"category": "self",
"summary": "SUSE Bug 1242335",
"url": "https://bugzilla.suse.com/1242335"
},
{
"category": "self",
"summary": "SUSE Bug 1242336",
"url": "https://bugzilla.suse.com/1242336"
},
{
"category": "self",
"summary": "SUSE Bug 1242342",
"url": "https://bugzilla.suse.com/1242342"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242344",
"url": "https://bugzilla.suse.com/1242344"
},
{
"category": "self",
"summary": "SUSE Bug 1242345",
"url": "https://bugzilla.suse.com/1242345"
},
{
"category": "self",
"summary": "SUSE Bug 1242346",
"url": "https://bugzilla.suse.com/1242346"
},
{
"category": "self",
"summary": "SUSE Bug 1242347",
"url": "https://bugzilla.suse.com/1242347"
},
{
"category": "self",
"summary": "SUSE Bug 1242348",
"url": "https://bugzilla.suse.com/1242348"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242526",
"url": "https://bugzilla.suse.com/1242526"
},
{
"category": "self",
"summary": "SUSE Bug 1242528",
"url": "https://bugzilla.suse.com/1242528"
},
{
"category": "self",
"summary": "SUSE Bug 1242533",
"url": "https://bugzilla.suse.com/1242533"
},
{
"category": "self",
"summary": "SUSE Bug 1242534",
"url": "https://bugzilla.suse.com/1242534"
},
{
"category": "self",
"summary": "SUSE Bug 1242535",
"url": "https://bugzilla.suse.com/1242535"
},
{
"category": "self",
"summary": "SUSE Bug 1242536",
"url": "https://bugzilla.suse.com/1242536"
},
{
"category": "self",
"summary": "SUSE Bug 1242537",
"url": "https://bugzilla.suse.com/1242537"
},
{
"category": "self",
"summary": "SUSE Bug 1242538",
"url": "https://bugzilla.suse.com/1242538"
},
{
"category": "self",
"summary": "SUSE Bug 1242539",
"url": "https://bugzilla.suse.com/1242539"
},
{
"category": "self",
"summary": "SUSE Bug 1242540",
"url": "https://bugzilla.suse.com/1242540"
},
{
"category": "self",
"summary": "SUSE Bug 1242546",
"url": "https://bugzilla.suse.com/1242546"
},
{
"category": "self",
"summary": "SUSE Bug 1242556",
"url": "https://bugzilla.suse.com/1242556"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242596",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "self",
"summary": "SUSE Bug 1242710",
"url": "https://bugzilla.suse.com/1242710"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242831",
"url": "https://bugzilla.suse.com/1242831"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243020",
"url": "https://bugzilla.suse.com/1243020"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243115",
"url": "https://bugzilla.suse.com/1243115"
},
{
"category": "self",
"summary": "SUSE Bug 1243116",
"url": "https://bugzilla.suse.com/1243116"
},
{
"category": "self",
"summary": "SUSE Bug 1243215",
"url": "https://bugzilla.suse.com/1243215"
},
{
"category": "self",
"summary": "SUSE Bug 1243341",
"url": "https://bugzilla.suse.com/1243341"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243817",
"url": "https://bugzilla.suse.com/1243817"
},
{
"category": "self",
"summary": "SUSE Bug 1243919",
"url": "https://bugzilla.suse.com/1243919"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53034 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27415 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46763 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49570 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49570/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50038 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53124 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53139 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56640 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56641 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58001 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58070 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58071 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58088 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58091 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58093 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58094 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58095 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58096 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58097 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21683 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21696 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21707 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21717 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21806 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21808 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21821 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21837 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21863 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21878 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21882 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21883 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21893 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21894 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21895 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21904 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21908 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21910 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21922 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21924 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21926 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21934 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21935 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21941 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21950 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21956 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21962 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21964 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21966 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21971 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21975 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21991 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21993 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21999 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22004 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22008 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22015 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22016 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22017 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22025 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22029 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22033 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22036 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22045 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22050 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22055 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22062 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22064 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22085 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22090 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22091 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22093 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22094 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22097 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22102 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22105 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22106 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22107 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22108 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22112 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22115 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22116 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22117 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22118 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22121 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22128 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23131 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23134 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23138 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23154 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37860 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-16T14:56:02Z",
"generator": {
"date": "2025-06-16T14:56:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01967-1",
"initial_release_date": "2025-06-16T14:56:02Z",
"revision_history": [
{
"date": "2025-06-16T14:56:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product_id": "cluster-md-kmp-azure-6.4.0-150700.20.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product_id": "dlm-kmp-azure-6.4.0-150700.20.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product_id": "gfs2-kmp-azure-6.4.0-150700.20.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "kernel-azure-6.4.0-150700.20.3.1.aarch64",
"product_id": "kernel-azure-6.4.0-150700.20.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"product_id": "kernel-azure-devel-6.4.0-150700.20.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "kernel-azure-extra-6.4.0-150700.20.3.1.aarch64",
"product_id": "kernel-azure-extra-6.4.0-150700.20.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "kernel-azure-optional-6.4.0-150700.20.3.1.aarch64",
"product_id": "kernel-azure-optional-6.4.0-150700.20.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"product_id": "kernel-syms-azure-6.4.0-150700.20.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product_id": "kselftests-kmp-azure-6.4.0-150700.20.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product_id": "ocfs2-kmp-azure-6.4.0-150700.20.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150700.20.3.1.aarch64",
"product_id": "reiserfs-kmp-azure-6.4.0-150700.20.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"product": {
"name": "kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"product_id": "kernel-devel-azure-6.4.0-150700.20.3.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"product": {
"name": "kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"product_id": "kernel-source-azure-6.4.0-150700.20.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product_id": "cluster-md-kmp-azure-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product_id": "dlm-kmp-azure-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product_id": "gfs2-kmp-azure-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "kernel-azure-6.4.0-150700.20.3.1.x86_64",
"product_id": "kernel-azure-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"product_id": "kernel-azure-devel-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "kernel-azure-extra-6.4.0-150700.20.3.1.x86_64",
"product_id": "kernel-azure-extra-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "kernel-azure-optional-6.4.0-150700.20.3.1.x86_64",
"product_id": "kernel-azure-optional-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "kernel-azure-vdso-6.4.0-150700.20.3.1.x86_64",
"product_id": "kernel-azure-vdso-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "kernel-syms-azure-6.4.0-150700.20.3.1.x86_64",
"product_id": "kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product_id": "kselftests-kmp-azure-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product_id": "ocfs2-kmp-azure-6.4.0-150700.20.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150700.20.3.1.x86_64",
"product_id": "reiserfs-kmp-azure-6.4.0-150700.20.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150700.20.3.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150700.20.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150700.20.3.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150700.20.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150700.20.3.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150700.20.3.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150700.20.3.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150700.20.3.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150700.20.3.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150700.20.3.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150700.20.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2023-53034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans\n\nThere is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and\nsize. This would make xlate_pos negative.\n\n[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000\n[ 23.734158] ================================================================================\n[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7\n[ 23.734418] shift exponent -1 is negative\n\nEnsuring xlate_pos is a positive or zero before BIT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53034",
"url": "https://www.suse.com/security/cve/CVE-2023-53034"
},
{
"category": "external",
"summary": "SUSE Bug 1241341 for CVE-2023-53034",
"url": "https://bugzilla.suse.com/1241341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-53034"
},
{
"cve": "CVE-2024-27018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: br_netfilter: skip conntrack input hook for promisc packets\n\nFor historical reasons, when bridge device is in promisc mode, packets\nthat are directed to the taps follow bridge input hook path. This patch\nadds a workaround to reset conntrack for these packets.\n\nJianbo Liu reports warning splats in their test infrastructure where\ncloned packets reach the br_netfilter input hook to confirm the\nconntrack object.\n\nScratch one bit from BR_INPUT_SKB_CB to annotate that this packet has\nreached the input hook because it is passed up to the bridge device to\nreach the taps.\n\n[ 57.571874] WARNING: CPU: 1 PID: 0 at net/bridge/br_netfilter_hooks.c:616 br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.572749] Modules linked in: xt_MASQUERADE nf_conntrack_netlink nfnetlink iptable_nat xt_addrtype xt_conntrack nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_isc si ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core mlx5ctl mlx5_core\n[ 57.575158] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.8.0+ #19\n[ 57.575700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 57.576662] RIP: 0010:br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.577195] Code: fe ff ff 41 bd 04 00 00 00 be 04 00 00 00 e9 4a ff ff ff be 04 00 00 00 48 89 ef e8 f3 a9 3c e1 66 83 ad b4 00 00 00 04 eb 91 \u003c0f\u003e 0b e9 f1 fe ff ff 0f 0b e9 df fe ff ff 48 89 df e8 b3 53 47 e1\n[ 57.578722] RSP: 0018:ffff88885f845a08 EFLAGS: 00010202\n[ 57.579207] RAX: 0000000000000002 RBX: ffff88812dfe8000 RCX: 0000000000000000\n[ 57.579830] RDX: ffff88885f845a60 RSI: ffff8881022dc300 RDI: 0000000000000000\n[ 57.580454] RBP: ffff88885f845a60 R08: 0000000000000001 R09: 0000000000000003\n[ 57.581076] R10: 00000000ffff1300 R11: 0000000000000002 R12: 0000000000000000\n[ 57.581695] R13: ffff8881047ffe00 R14: ffff888108dbee00 R15: ffff88814519b800\n[ 57.582313] FS: 0000000000000000(0000) GS:ffff88885f840000(0000) knlGS:0000000000000000\n[ 57.583040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 57.583564] CR2: 000000c4206aa000 CR3: 0000000103847001 CR4: 0000000000370eb0\n[ 57.584194] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 57.584820] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 57.585440] Call Trace:\n[ 57.585721] \u003cIRQ\u003e\n[ 57.585976] ? __warn+0x7d/0x130\n[ 57.586323] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.586811] ? report_bug+0xf1/0x1c0\n[ 57.587177] ? handle_bug+0x3f/0x70\n[ 57.587539] ? exc_invalid_op+0x13/0x60\n[ 57.587929] ? asm_exc_invalid_op+0x16/0x20\n[ 57.588336] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.588825] nf_hook_slow+0x3d/0xd0\n[ 57.589188] ? br_handle_vlan+0x4b/0x110\n[ 57.589579] br_pass_frame_up+0xfc/0x150\n[ 57.589970] ? br_port_flags_change+0x40/0x40\n[ 57.590396] br_handle_frame_finish+0x346/0x5e0\n[ 57.590837] ? ipt_do_table+0x32e/0x430\n[ 57.591221] ? br_handle_local_finish+0x20/0x20\n[ 57.591656] br_nf_hook_thresh+0x4b/0xf0 [br_netfilter]\n[ 57.592286] ? br_handle_local_finish+0x20/0x20\n[ 57.592802] br_nf_pre_routing_finish+0x178/0x480 [br_netfilter]\n[ 57.593348] ? br_handle_local_finish+0x20/0x20\n[ 57.593782] ? nf_nat_ipv4_pre_routing+0x25/0x60 [nf_nat]\n[ 57.594279] br_nf_pre_routing+0x24c/0x550 [br_netfilter]\n[ 57.594780] ? br_nf_hook_thresh+0xf0/0xf0 [br_netfilter]\n[ 57.595280] br_handle_frame+0x1f3/0x3d0\n[ 57.595676] ? br_handle_local_finish+0x20/0x20\n[ 57.596118] ? br_handle_frame_finish+0x5e0/0x5e0\n[ 57.596566] __netif_receive_skb_core+0x25b/0xfc0\n[ 57.597017] ? __napi_build_skb+0x37/0x40\n[ 57.597418] __netif_receive_skb_list_core+0xfb/0x220",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27018",
"url": "https://www.suse.com/security/cve/CVE-2024-27018"
},
{
"category": "external",
"summary": "SUSE Bug 1223809 for CVE-2024-27018",
"url": "https://bugzilla.suse.com/1223809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-27018"
},
{
"cve": "CVE-2024-27415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: confirm multicast packets before passing them up the stack\n\nconntrack nf_confirm logic cannot handle cloned skbs referencing\nthe same nf_conn entry, which will happen for multicast (broadcast)\nframes on bridges.\n\n Example:\n macvlan0\n |\n br0\n / \\\n ethX ethY\n\n ethX (or Y) receives a L2 multicast or broadcast packet containing\n an IP packet, flow is not yet in conntrack table.\n\n 1. skb passes through bridge and fake-ip (br_netfilter)Prerouting.\n -\u003e skb-\u003e_nfct now references a unconfirmed entry\n 2. skb is broad/mcast packet. bridge now passes clones out on each bridge\n interface.\n 3. skb gets passed up the stack.\n 4. In macvlan case, macvlan driver retains clone(s) of the mcast skb\n and schedules a work queue to send them out on the lower devices.\n\n The clone skb-\u003e_nfct is not a copy, it is the same entry as the\n original skb. The macvlan rx handler then returns RX_HANDLER_PASS.\n 5. Normal conntrack hooks (in NF_INET_LOCAL_IN) confirm the orig skb.\n\nThe Macvlan broadcast worker and normal confirm path will race.\n\nThis race will not happen if step 2 already confirmed a clone. In that\ncase later steps perform skb_clone() with skb-\u003e_nfct already confirmed (in\nhash table). This works fine.\n\nBut such confirmation won\u0027t happen when eb/ip/nftables rules dropped the\npackets before they reached the nf_confirm step in postrouting.\n\nPablo points out that nf_conntrack_bridge doesn\u0027t allow use of stateful\nnat, so we can safely discard the nf_conn entry and let inet call\nconntrack again.\n\nThis doesn\u0027t work for bridge netfilter: skb could have a nat\ntransformation. Also bridge nf prevents re-invocation of inet prerouting\nvia \u0027sabotage_in\u0027 hook.\n\nWork around this problem by explicit confirmation of the entry at LOCAL_IN\ntime, before upper layer has a chance to clone the unconfirmed entry.\n\nThe downside is that this disables NAT and conntrack helpers.\n\nAlternative fix would be to add locking to all code parts that deal with\nunconfirmed packets, but even if that could be done in a sane way this\nopens up other problems, for example:\n\n-m physdev --physdev-out eth0 -j SNAT --snat-to 1.2.3.4\n-m physdev --physdev-out eth1 -j SNAT --snat-to 1.2.3.5\n\nFor multicast case, only one of such conflicting mappings will be\ncreated, conntrack only handles 1:1 NAT mappings.\n\nUsers should set create a setup that explicitly marks such traffic\nNOTRACK (conntrack bypass) to avoid this, but we cannot auto-bypass\nthem, ruleset might have accept rules for untracked traffic already,\nso user-visible behaviour would change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27415",
"url": "https://www.suse.com/security/cve/CVE-2024-27415"
},
{
"category": "external",
"summary": "SUSE Bug 1224757 for CVE-2024-27415",
"url": "https://bugzilla.suse.com/1224757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-27415"
},
{
"cve": "CVE-2024-28956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28956"
}
],
"notes": [
{
"category": "general",
"text": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28956",
"url": "https://www.suse.com/security/cve/CVE-2024-28956"
},
{
"category": "external",
"summary": "SUSE Bug 1242006 for CVE-2024-28956",
"url": "https://bugzilla.suse.com/1242006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-35840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()\n\nsubflow_finish_connect() uses four fields (backup, join_id, thmac, none)\nthat may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set\nin mptcp_parse_option()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35840",
"url": "https://www.suse.com/security/cve/CVE-2024-35840"
},
{
"category": "external",
"summary": "SUSE Bug 1224597 for CVE-2024-35840",
"url": "https://bugzilla.suse.com/1224597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35840"
},
{
"cve": "CVE-2024-35910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35910",
"url": "https://www.suse.com/security/cve/CVE-2024-35910"
},
{
"category": "external",
"summary": "SUSE Bug 1224489 for CVE-2024-35910",
"url": "https://bugzilla.suse.com/1224489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38606"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38606",
"url": "https://www.suse.com/security/cve/CVE-2024-38606"
},
{
"category": "external",
"summary": "SUSE Bug 1226871 for CVE-2024-38606",
"url": "https://bugzilla.suse.com/1226871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-41005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41005",
"url": "https://www.suse.com/security/cve/CVE-2024-41005"
},
{
"category": "external",
"summary": "SUSE Bug 1227858 for CVE-2024-41005",
"url": "https://bugzilla.suse.com/1227858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-43820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43820",
"url": "https://www.suse.com/security/cve/CVE-2024-43820"
},
{
"category": "external",
"summary": "SUSE Bug 1229311 for CVE-2024-43820",
"url": "https://bugzilla.suse.com/1229311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-46763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: Fix null-ptr-deref in GRO.\n\nWe observed a null-ptr-deref in fou_gro_receive() while shutting down\na host. [0]\n\nThe NULL pointer is sk-\u003esk_user_data, and the offset 8 is of protocol\nin struct fou.\n\nWhen fou_release() is called due to netns dismantle or explicit tunnel\nteardown, udp_tunnel_sock_release() sets NULL to sk-\u003esk_user_data.\nThen, the tunnel socket is destroyed after a single RCU grace period.\n\nSo, in-flight udp4_gro_receive() could find the socket and execute the\nFOU GRO handler, where sk-\u003esk_user_data could be NULL.\n\nLet\u0027s use rcu_dereference_sk_user_data() in fou_from_sock() and add NULL\nchecks in FOU GRO handlers.\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 80000001032f4067 P4D 80000001032f4067 PUD 103240067 PMD 0\nSMP PTI\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.10.216-204.855.amzn2.x86_64 #1\nHardware name: Amazon EC2 c5.large/, BIOS 1.0 10/16/2017\nRIP: 0010:fou_gro_receive (net/ipv4/fou.c:233) [fou]\nCode: 41 5f c3 cc cc cc cc e8 e7 2e 69 f4 0f 1f 80 00 00 00 00 0f 1f 44 00 00 49 89 f8 41 54 48 89 f7 48 89 d6 49 8b 80 88 02 00 00 \u003c0f\u003e b6 48 08 0f b7 42 4a 66 25 fd fd 80 cc 02 66 89 42 4a 0f b6 42\nRSP: 0018:ffffa330c0003d08 EFLAGS: 00010297\nRAX: 0000000000000000 RBX: ffff93d9e3a6b900 RCX: 0000000000000010\nRDX: ffff93d9e3a6b900 RSI: ffff93d9e3a6b900 RDI: ffff93dac2e24d08\nRBP: ffff93d9e3a6b900 R08: ffff93dacbce6400 R09: 0000000000000002\nR10: 0000000000000000 R11: ffffffffb5f369b0 R12: ffff93dacbce6400\nR13: ffff93dac2e24d08 R14: 0000000000000000 R15: ffffffffb4edd1c0\nFS: 0000000000000000(0000) GS:ffff93daee800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 0000000102140001 CR4: 00000000007706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259)\n ? __die_body.cold (arch/x86/kernel/dumpstack.c:478 arch/x86/kernel/dumpstack.c:420)\n ? no_context (arch/x86/mm/fault.c:752)\n ? exc_page_fault (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 arch/x86/mm/fault.c:1435 arch/x86/mm/fault.c:1483)\n ? asm_exc_page_fault (arch/x86/include/asm/idtentry.h:571)\n ? fou_gro_receive (net/ipv4/fou.c:233) [fou]\n udp_gro_receive (include/linux/netdevice.h:2552 net/ipv4/udp_offload.c:559)\n udp4_gro_receive (net/ipv4/udp_offload.c:604)\n inet_gro_receive (net/ipv4/af_inet.c:1549 (discriminator 7))\n dev_gro_receive (net/core/dev.c:6035 (discriminator 4))\n napi_gro_receive (net/core/dev.c:6170)\n ena_clean_rx_irq (drivers/amazon/net/ena/ena_netdev.c:1558) [ena]\n ena_io_poll (drivers/amazon/net/ena/ena_netdev.c:1742) [ena]\n napi_poll (net/core/dev.c:6847)\n net_rx_action (net/core/dev.c:6917)\n __do_softirq (arch/x86/include/asm/jump_label.h:25 include/linux/jump_label.h:200 include/trace/events/irq.h:142 kernel/softirq.c:299)\n asm_call_irq_on_stack (arch/x86/entry/entry_64.S:809)\n\u003c/IRQ\u003e\n do_softirq_own_stack (arch/x86/include/asm/irq_stack.h:27 arch/x86/include/asm/irq_stack.h:77 arch/x86/kernel/irq_64.c:77)\n irq_exit_rcu (kernel/softirq.c:393 kernel/softirq.c:423 kernel/softirq.c:435)\n common_interrupt (arch/x86/kernel/irq.c:239)\n asm_common_interrupt (arch/x86/include/asm/idtentry.h:626)\nRIP: 0010:acpi_idle_do_entry (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 drivers/acpi/processor_idle.c:114 drivers/acpi/processor_idle.c:575)\nCode: 8b 15 d1 3c c4 02 ed c3 cc cc cc cc 65 48 8b 04 25 40 ef 01 00 48 8b 00 a8 08 75 eb 0f 1f 44 00 00 0f 00 2d d5 09 55 00 fb f4 \u003cfa\u003e c3 cc cc cc cc e9 be fc ff ff 66 66 2e 0f 1f 84 00 00 00 00 00\nRSP: 0018:ffffffffb5603e58 EFLAGS: 00000246\nRAX: 0000000000004000 RBX: ffff93dac0929c00 RCX: ffff93daee833900\nRDX: ffff93daee800000 RSI: ffff93d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46763",
"url": "https://www.suse.com/security/cve/CVE-2024-46763"
},
{
"category": "external",
"summary": "SUSE Bug 1230764 for CVE-2024-46763",
"url": "https://bugzilla.suse.com/1230764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-46763"
},
{
"cve": "CVE-2024-46782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46782",
"url": "https://www.suse.com/security/cve/CVE-2024-46782"
},
{
"category": "external",
"summary": "SUSE Bug 1230769 for CVE-2024-46782",
"url": "https://bugzilla.suse.com/1230769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: fix initialization of grc\n\nThe grc must be initialize first. There can be a condition where if\nfou is NULL, goto out will be executed and grc would be used\nuninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46865",
"url": "https://www.suse.com/security/cve/CVE-2024-46865"
},
{
"category": "external",
"summary": "SUSE Bug 1231103 for CVE-2024-46865",
"url": "https://bugzilla.suse.com/1231103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-46865"
},
{
"cve": "CVE-2024-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47408",
"url": "https://www.suse.com/security/cve/CVE-2024-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1235711 for CVE-2024-47408",
"url": "https://bugzilla.suse.com/1235711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47794",
"url": "https://www.suse.com/security/cve/CVE-2024-47794"
},
{
"category": "external",
"summary": "SUSE Bug 1235712 for CVE-2024-47794",
"url": "https://bugzilla.suse.com/1235712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49570",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49570"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/tracing: Fix a potential TP_printk UAF\n\nThe commit\nafd2627f727b (\"tracing: Check \"%s\" dereference via the field and not the TP_printk format\")\nexposes potential UAFs in the xe_bo_move trace event.\n\nFix those by avoiding dereferencing the\nxe_mem_type_to_name[] array at TP_printk time.\n\nSince some code refactoring has taken place, explicit backporting may\nbe needed for kernels older than 6.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49570",
"url": "https://www.suse.com/security/cve/CVE-2024-49570"
},
{
"category": "external",
"summary": "SUSE Bug 1238782 for CVE-2024-49570",
"url": "https://bugzilla.suse.com/1238782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-49570"
},
{
"cve": "CVE-2024-49571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49571",
"url": "https://www.suse.com/security/cve/CVE-2024-49571"
},
{
"category": "external",
"summary": "SUSE Bug 1235733 for CVE-2024-49571",
"url": "https://bugzilla.suse.com/1235733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi-\u003efb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49924",
"url": "https://www.suse.com/security/cve/CVE-2024-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1232364 for CVE-2024-49924",
"url": "https://bugzilla.suse.com/1232364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xtables: avoid NFPROTO_UNSPEC where needed\n\nsyzbot managed to call xt_cluster match via ebtables:\n\n WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780\n [..]\n ebt_do_table+0x174b/0x2a40\n\nModule registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet\nprocessing. As this is only useful to restrict locally terminating\nTCP/UDP traffic, register this for ipv4 and ipv6 family only.\n\nPablo points out that this is a general issue, direct users of the\nset/getsockopt interface can call into targets/matches that were only\nintended for use with ip(6)tables.\n\nCheck all UNSPEC matches and targets for similar issues:\n\n- matches and targets are fine except if they assume skb_network_header()\n is valid -- this is only true when called from inet layer: ip(6) stack\n pulls the ip/ipv6 header into linear data area.\n- targets that return XT_CONTINUE or other xtables verdicts must be\n restricted too, they are incompatbile with the ebtables traverser, e.g.\n EBT_CONTINUE is a completely different value than XT_CONTINUE.\n\nMost matches/targets are changed to register for NFPROTO_IPV4/IPV6, as\nthey are provided for use by ip(6)tables.\n\nThe MARK target is also used by arptables, so register for NFPROTO_ARP too.\n\nWhile at it, bail out if connbytes fails to enable the corresponding\nconntrack family.\n\nThis change passes the selftests in iptables.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50038",
"url": "https://www.suse.com/security/cve/CVE-2024-50038"
},
{
"category": "external",
"summary": "SUSE Bug 1231910 for CVE-2024-50038",
"url": "https://bugzilla.suse.com/1231910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-50038"
},
{
"cve": "CVE-2024-50056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50056",
"url": "https://www.suse.com/security/cve/CVE-2024-50056"
},
{
"category": "external",
"summary": "SUSE Bug 1232389 for CVE-2024-50056",
"url": "https://bugzilla.suse.com/1232389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix mptcp DSS corruption due to large pmtu xmit\n\nSyzkaller was able to trigger a DSS corruption:\n\n TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 5227 at net/mptcp/protocol.c:695 __mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Modules linked in:\n CPU: 0 UID: 0 PID: 5227 Comm: syz-executor350 Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\n RIP: 0010:__mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Code: 0f b6 dc 31 ff 89 de e8 b5 dd ea f5 89 d8 48 81 c4 50 01 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 98 da ea f5 90 \u003c0f\u003e 0b 90 e9 47 ff ff ff e8 8a da ea f5 90 0f 0b 90 e9 99 e0 ff ff\n RSP: 0018:ffffc90000006db8 EFLAGS: 00010246\n RAX: ffffffff8ba9df18 RBX: 00000000000055f0 RCX: ffff888030023c00\n RDX: 0000000000000100 RSI: 00000000000081e5 RDI: 00000000000055f0\n RBP: 1ffff110062bf1ae R08: ffffffff8ba9cf12 R09: 1ffff110062bf1b8\n R10: dffffc0000000000 R11: ffffed10062bf1b9 R12: 0000000000000000\n R13: dffffc0000000000 R14: 00000000700cec61 R15: 00000000000081e5\n FS: 000055556679c380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020287000 CR3: 0000000077892000 CR4: 00000000003506f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n move_skbs_to_msk net/mptcp/protocol.c:811 [inline]\n mptcp_data_ready+0x29c/0xa90 net/mptcp/protocol.c:854\n subflow_data_ready+0x34a/0x920 net/mptcp/subflow.c:1490\n tcp_data_queue+0x20fd/0x76c0 net/ipv4/tcp_input.c:5283\n tcp_rcv_established+0xfba/0x2020 net/ipv4/tcp_input.c:6237\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2350\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5662 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6107\n __napi_poll+0xcb/0x490 net/core/dev.c:6771\n napi_poll net/core/dev.c:6840 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6962\n handle_softirqs+0x2c5/0x980 kernel/softirq.c:554\n do_softirq+0x11b/0x1e0 kernel/softirq.c:455\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x1764/0x3e80 net/core/dev.c:4451\n dev_queue_xmit include/linux/netdevice.h:3094 [inline]\n neigh_hh_output include/net/neighbour.h:526 [inline]\n neigh_output include/net/neighbour.h:540 [inline]\n ip_finish_output2+0xd41/0x1390 net/ipv4/ip_output.c:236\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x118c/0x1b80 net/ipv4/ip_output.c:536\n __tcp_transmit_skb+0x2544/0x3b30 net/ipv4/tcp_output.c:1466\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\n tcp_mtu_probe net/ipv4/tcp_output.c:2547 [inline]\n tcp_write_xmit+0x641d/0x6bf0 net/ipv4/tcp_output.c:2752\n __tcp_push_pending_frames+0x9b/0x360 net/ipv4/tcp_output.c:3015\n tcp_push_pending_frames include/net/tcp.h:2107 [inline]\n tcp_data_snd_check net/ipv4/tcp_input.c:5714 [inline]\n tcp_rcv_established+0x1026/0x2020 net/ipv4/tcp_input.c:6239\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n sk_backlog_rcv include/net/sock.h:1113 [inline]\n __release_sock+0x214/0x350 net/core/sock.c:3072\n release_sock+0x61/0x1f0 net/core/sock.c:3626\n mptcp_push_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50083",
"url": "https://www.suse.com/security/cve/CVE-2024-50083"
},
{
"category": "external",
"summary": "SUSE Bug 1232493 for CVE-2024-50083",
"url": "https://bugzilla.suse.com/1232493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-50083"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50126",
"url": "https://www.suse.com/security/cve/CVE-2024-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1232895 for CVE-2024-50126",
"url": "https://bugzilla.suse.com/1232895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq-\u003e__lock ]\n -\u003e task_tick_mm_cid()\n -\u003e task_work_add()\n -\u003e __kasan_record_aux_stack()\n -\u003e kasan_save_stack()\n -\u003e stack_depot_save_flags()\n -\u003e alloc_pages_mpol_noprof()\n -\u003e __alloc_pages_noprof()\n\t -\u003e get_page_from_freelist()\n\t -\u003e rmqueue()\n\t -\u003e rmqueue_pcplist()\n\t -\u003e __rmqueue_pcplist()\n\t -\u003e rmqueue_bulk()\n\t -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50140",
"url": "https://www.suse.com/security/cve/CVE-2024-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1233060 for CVE-2024-50140",
"url": "https://bugzilla.suse.com/1233060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix data-races around sk-\u003esk_forward_alloc\n\nSyzkaller reported this warning:\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0\n Modules linked in:\n CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:inet_sock_destruct+0x1c5/0x1e0\n Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 \u003c0f\u003e 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00\n RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206\n RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007\n RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00\n RBP: ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007\n R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00\n R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78\n FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x88/0x130\n ? inet_sock_destruct+0x1c5/0x1e0\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? inet_sock_destruct+0x1c5/0x1e0\n __sk_destruct+0x2a/0x200\n rcu_do_batch+0x1aa/0x530\n ? rcu_do_batch+0x13b/0x530\n rcu_core+0x159/0x2f0\n handle_softirqs+0xd3/0x2b0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n run_ksoftirqd+0x25/0x30\n smpboot_thread_fn+0xdd/0x1d0\n kthread+0xd3/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nIts possible that two threads call tcp_v6_do_rcv()/sk_forward_alloc_add()\nconcurrently when sk-\u003esk_state == TCP_LISTEN with sk-\u003esk_lock unlocked,\nwhich triggers a data-race around sk-\u003esk_forward_alloc:\ntcp_v6_rcv\n tcp_v6_do_rcv\n skb_clone_and_charge_r\n sk_rmem_schedule\n __sk_mem_schedule\n sk_forward_alloc_add()\n skb_set_owner_r\n sk_mem_charge\n sk_forward_alloc_add()\n __kfree_skb\n skb_release_all\n skb_release_head_state\n sock_rfree\n sk_mem_uncharge\n sk_forward_alloc_add()\n sk_mem_reclaim\n // set local var reclaimable\n __sk_mem_reclaim\n sk_forward_alloc_add()\n\nIn this syzkaller testcase, two threads call\ntcp_v6_do_rcv() with skb-\u003etruesize=768, the sk_forward_alloc changes like\nthis:\n (cpu 1) | (cpu 2) | sk_forward_alloc\n ... | ... | 0\n __sk_mem_schedule() | | +4096 = 4096\n | __sk_mem_schedule() | +4096 = 8192\n sk_mem_charge() | | -768 = 7424\n | sk_mem_charge() | -768 = 6656\n ... | ... |\n sk_mem_uncharge() | | +768 = 7424\n reclaimable=7424 | |\n | sk_mem_uncharge() | +768 = 8192\n | reclaimable=8192 |\n __sk_mem_reclaim() | | -4096 = 4096\n | __sk_mem_reclaim() | -8192 = -4096 != 0\n\nThe skb_clone_and_charge_r() should not be called in tcp_v6_do_rcv() when\nsk-\u003esk_state is TCP_LISTEN, it happens later in tcp_v6_syn_recv_sock().\nFix the same issue in dccp_v6_do_rcv().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53124",
"url": "https://www.suse.com/security/cve/CVE-2024-53124"
},
{
"category": "external",
"summary": "SUSE Bug 1234074 for CVE-2024-53124",
"url": "https://bugzilla.suse.com/1234074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-53124"
},
{
"cve": "CVE-2024-53139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix possible UAF in sctp_v6_available()\n\nA lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints\nthat sctp_v6_available() is calling dev_get_by_index_rcu()\nand ipv6_chk_addr() without holding rcu.\n\n[1]\n =============================\n WARNING: suspicious RCU usage\n 6.12.0-rc5-virtme #1216 Tainted: G W\n -----------------------------\n net/core/dev.c:876 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by sctp_hello/31495:\n #0: ffff9f1ebbdb7418 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_bind (./arch/x86/include/asm/jump_label.h:27 net/sctp/socket.c:315) sctp\n\nstack backtrace:\n CPU: 7 UID: 0 PID: 31495 Comm: sctp_hello Tainted: G W 6.12.0-rc5-virtme #1216\n Tainted: [W]=WARN\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:123)\n lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822)\n dev_get_by_index_rcu (net/core/dev.c:876 (discriminator 7))\n sctp_v6_available (net/sctp/ipv6.c:701) sctp\n sctp_do_bind (net/sctp/socket.c:400 (discriminator 1)) sctp\n sctp_bind (net/sctp/socket.c:320) sctp\n inet6_bind_sk (net/ipv6/af_inet6.c:465)\n ? security_socket_bind (security/security.c:4581 (discriminator 1))\n __sys_bind (net/socket.c:1848 net/socket.c:1869)\n ? do_user_addr_fault (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 ./include/linux/mm.h:729 arch/x86/mm/fault.c:1340)\n ? do_user_addr_fault (./arch/x86/include/asm/preempt.h:84 (discriminator 13) ./include/linux/rcupdate.h:98 (discriminator 13) ./include/linux/rcupdate.h:882 (discriminator 13) ./include/linux/mm.h:729 (discriminator 13) arch/x86/mm/fault.c:1340 (discriminator 13))\n __x64_sys_bind (net/socket.c:1877 (discriminator 1) net/socket.c:1875 (discriminator 1) net/socket.c:1875 (discriminator 1))\n do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n RIP: 0033:0x7f59b934a1e7\n Code: 44 00 00 48 8b 15 39 8c 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 31 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 09 8c 0c 00 f7 d8 64 89 01 48\nAll code\n========\n 0:\t44 00 00 \tadd %r8b,(%rax)\n 3:\t48 8b 15 39 8c 0c 00 \tmov 0xc8c39(%rip),%rdx # 0xc8c43\n a:\tf7 d8 \tneg %eax\n c:\t64 89 02 \tmov %eax,%fs:(%rdx)\n f:\tb8 ff ff ff ff \tmov $0xffffffff,%eax\n 14:\teb bd \tjmp 0xffffffffffffffd3\n 16:\t66 2e 0f 1f 84 00 00 \tcs nopw 0x0(%rax,%rax,1)\n 1d:\t00 00 00\n 20:\t0f 1f 00 \tnopl (%rax)\n 23:\tb8 31 00 00 00 \tmov $0x31,%eax\n 28:\t0f 05 \tsyscall\n 2a:*\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\t\t\u003c-- trapping instruction\n 30:\t73 01 \tjae 0x33\n 32:\tc3 \tret\n 33:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c43\n 3a:\tf7 d8 \tneg %eax\n 3c:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 3f:\t48 \trex.W\n\nCode starting with the faulting instruction\n===========================================\n 0:\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\n 6:\t73 01 \tjae 0x9\n 8:\tc3 \tret\n 9:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c19\n 10:\tf7 d8 \tneg %eax\n 12:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 15:\t48 \trex.W\n RSP: 002b:00007ffe2d0ad398 EFLAGS: 00000202 ORIG_RAX: 0000000000000031\n RAX: ffffffffffffffda RBX: 00007ffe2d0ad3d0 RCX: 00007f59b934a1e7\n RDX: 000000000000001c RSI: 00007ffe2d0ad3d0 RDI: 0000000000000005\n RBP: 0000000000000005 R08: 1999999999999999 R09: 0000000000000000\n R10: 00007f59b9253298 R11: 000000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53139",
"url": "https://www.suse.com/security/cve/CVE-2024-53139"
},
{
"category": "external",
"summary": "SUSE Bug 1234157 for CVE-2024-53139",
"url": "https://bugzilla.suse.com/1234157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-53139"
},
{
"cve": "CVE-2024-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53140",
"url": "https://www.suse.com/security/cve/CVE-2024-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1234222 for CVE-2024-53140",
"url": "https://bugzilla.suse.com/1234222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53163",
"url": "https://www.suse.com/security/cve/CVE-2024-53163"
},
{
"category": "external",
"summary": "SUSE Bug 1234828 for CVE-2024-53163",
"url": "https://bugzilla.suse.com/1234828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53680",
"url": "https://www.suse.com/security/cve/CVE-2024-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1235715 for CVE-2024-53680",
"url": "https://bugzilla.suse.com/1235715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56638",
"url": "https://www.suse.com/security/cve/CVE-2024-56638"
},
{
"category": "external",
"summary": "SUSE Bug 1235524 for CVE-2024-56638",
"url": "https://bugzilla.suse.com/1235524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56640",
"url": "https://www.suse.com/security/cve/CVE-2024-56640"
},
{
"category": "external",
"summary": "SUSE Bug 1235436 for CVE-2024-56640",
"url": "https://bugzilla.suse.com/1235436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: initialize close_work early to avoid warning\n\nWe encountered a warning that close_work was canceled before\ninitialization.\n\n WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x1b0\n Workqueue: events smc_lgr_terminate_work [smc]\n RIP: 0010:__flush_work+0x19e/0x1b0\n Call Trace:\n ? __wake_up_common+0x7a/0x190\n ? work_busy+0x80/0x80\n __cancel_work_timer+0xe3/0x160\n smc_close_cancel_work+0x1a/0x70 [smc]\n smc_close_active_abort+0x207/0x360 [smc]\n __smc_lgr_terminate.part.38+0xc8/0x180 [smc]\n process_one_work+0x19e/0x340\n worker_thread+0x30/0x370\n ? process_one_work+0x340/0x340\n kthread+0x117/0x130\n ? __kthread_cancel_work+0x50/0x50\n ret_from_fork+0x22/0x30\n\nThis is because when smc_close_cancel_work is triggered, e.g. the RDMA\ndriver is rmmod and the LGR is terminated, the conn-\u003eclose_work is\nflushed before initialization, resulting in WARN_ON(!work-\u003efunc).\n\n__smc_lgr_terminate | smc_connect_{rdma|ism}\n-------------------------------------------------------------\n | smc_conn_create\n\t\t\t\t| \\- smc_lgr_register_conn\nfor conn in lgr-\u003econns_all |\n\\- smc_conn_kill |\n \\- smc_close_active_abort |\n \\- smc_close_cancel_work |\n \\- cancel_work_sync |\n \\- __flush_work |\n\t (close_work) |\n\t | smc_close_init\n\t | \\- INIT_WORK(\u0026close_work)\n\nSo fix this by initializing close_work before establishing the\nconnection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56641",
"url": "https://www.suse.com/security/cve/CVE-2024-56641"
},
{
"category": "external",
"summary": "SUSE Bug 1235526 for CVE-2024-56641",
"url": "https://bugzilla.suse.com/1235526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-56641"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core\u2014indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56703",
"url": "https://www.suse.com/security/cve/CVE-2024-56703"
},
{
"category": "external",
"summary": "SUSE Bug 1235455 for CVE-2024-56703",
"url": "https://bugzilla.suse.com/1235455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n rwsem_down_write_slowpath+0x17e/0x470\n smc_link_down_work+0x3c/0x60 [smc]\n process_one_work+0x1ac/0x350\n worker_thread+0x49/0x2f0\n ? rescuer_thread+0x360/0x360\n kthread+0x118/0x140\n ? __kthread_bind_mask+0x60/0x60\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56718",
"url": "https://www.suse.com/security/cve/CVE-2024-56718"
},
{
"category": "external",
"summary": "SUSE Bug 1235589 for CVE-2024-56718",
"url": "https://bugzilla.suse.com/1235589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56719",
"url": "https://www.suse.com/security/cve/CVE-2024-56719"
},
{
"category": "external",
"summary": "SUSE Bug 1235591 for CVE-2024-56719",
"url": "https://bugzilla.suse.com/1235591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56751",
"url": "https://www.suse.com/security/cve/CVE-2024-56751"
},
{
"category": "external",
"summary": "SUSE Bug 1234936 for CVE-2024-56751",
"url": "https://bugzilla.suse.com/1234936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 76 PID: 1411631 Comm: kworker/u322:5\n Workqueue: events_unbound btrfs_reclaim_bgs_work\n RIP: 0010:set_page_extent_mapped+0x20/0xb0\n RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x2a8/0x3a0\n ? __switch_to+0x133/0x530\n ? wq_worker_running+0xa/0x40\n ? exc_page_fault+0x63/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? set_page_extent_mapped+0x20/0xb0\n relocate_file_extent_cluster+0x1a7/0x940\n relocate_data_extent+0xaf/0x120\n relocate_block_group+0x20f/0x480\n btrfs_relocate_block_group+0x152/0x320\n btrfs_relocate_chunk+0x3d/0x120\n btrfs_reclaim_bgs_work+0x2ae/0x4e0\n process_scheduled_works+0x184/0x370\n worker_thread+0xc6/0x3e0\n ? blk_add_timer+0xb0/0xb0\n kthread+0xae/0xe0\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork+0x2f/0x40\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56758",
"url": "https://www.suse.com/security/cve/CVE-2024-56758"
},
{
"category": "external",
"summary": "SUSE Bug 1235621 for CVE-2024-56758",
"url": "https://bugzilla.suse.com/1235621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57900",
"url": "https://www.suse.com/security/cve/CVE-2024-57900"
},
{
"category": "external",
"summary": "SUSE Bug 1235973 for CVE-2024-57900",
"url": "https://bugzilla.suse.com/1235973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: relax assertions on failure to encode file handles\n\nEncoding file handles is usually performed by a filesystem \u003eencode_fh()\nmethod that may fail for various reasons.\n\nThe legacy users of exportfs_encode_fh(), namely, nfsd and\nname_to_handle_at(2) syscall are ready to cope with the possibility\nof failure to encode a file handle.\n\nThere are a few other users of exportfs_encode_{fh,fid}() that\ncurrently have a WARN_ON() assertion when -\u003eencode_fh() fails.\nRelax those assertions because they are wrong.\n\nThe second linked bug report states commit 16aac5ad1fa9 (\"ovl: support\nencoding non-decodable file handles\") in v6.6 as the regressing commit,\nbut this is not accurate.\n\nThe aforementioned commit only increases the chances of the assertion\nand allows triggering the assertion with the reproducer using overlayfs,\ninotify and drop_caches.\n\nTriggering this assertion was always possible with other filesystems and\nother reasons of -\u003eencode_fh() failures and more particularly, it was\nalso possible with the exact same reproducer using overlayfs that is\nmounted with options index=on,nfs_export=on also on kernels \u003c v6.6.\nTherefore, I am not listing the aforementioned commit as a Fixes commit.\n\nBackport hint: this patch will have a trivial conflict applying to\nv6.6.y, and other trivial conflicts applying to stable kernels \u003c v6.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57924",
"url": "https://www.suse.com/security/cve/CVE-2024-57924"
},
{
"category": "external",
"summary": "SUSE Bug 1236086 for CVE-2024-57924",
"url": "https://bugzilla.suse.com/1236086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-57924"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n while :; do\n \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.1 || sleep 1\n \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n \twait\n done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n 2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n while :; do\n \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.2 || sleep 1\n \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n \twait\n \tcmp tmp.in tmp.out\n done\n\nOnce this fails:\n\n tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n $ tshark -r pasta.pcap\n 1 0.000000 :: ? ff02::16 ICMPv6 110 Multicast Listener Report Message v2\n 2 0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 3 0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 4 0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 5 0.168827 c6:47:05:8d:dc:04 ? Broadcast ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n 6 0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n 7 0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 8 0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n 9 0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 10 0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 11 0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n 12 0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57974",
"url": "https://www.suse.com/security/cve/CVE-2024-57974"
},
{
"category": "external",
"summary": "SUSE Bug 1238532 for CVE-2024-57974",
"url": "https://bugzilla.suse.com/1238532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nOPP: add index check to assert to avoid buffer overflow in _read_freq()\n\nPass the freq index to the assert function to make sure\nwe do not read a freq out of the opp-\u003erates[] table when called\nfrom the indexed variants:\ndev_pm_opp_find_freq_exact_indexed() or\ndev_pm_opp_find_freq_ceil/floor_indexed().\n\nAdd a secondary parameter to the assert function, unused\nfor assert_single_clk() then add assert_clk_index() which\nwill check for the clock index when called from the _indexed()\nfind functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57998",
"url": "https://www.suse.com/security/cve/CVE-2024-57998"
},
{
"category": "external",
"summary": "SUSE Bug 1238527 for CVE-2024-57998",
"url": "https://bugzilla.suse.com/1238527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-57998"
},
{
"cve": "CVE-2024-58001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle a symlink read error correctly\n\nPatch series \"Convert ocfs2 to use folios\".\n\nMark did a conversion of ocfs2 to use folios and sent it to me as a\ngiant patch for review ;-)\n\nSo I\u0027ve redone it as individual patches, and credited Mark for the patches\nwhere his code is substantially the same. It\u0027s not a bad way to do it;\nhis patch had some bugs and my patches had some bugs. Hopefully all our\nbugs were different from each other. And hopefully Mark likes all the\nchanges I made to his code!\n\n\nThis patch (of 23):\n\nIf we can\u0027t read the buffer, be sure to unlock the page before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58001",
"url": "https://www.suse.com/security/cve/CVE-2024-58001"
},
{
"category": "external",
"summary": "SUSE Bug 1239079 for CVE-2024-58001",
"url": "https://bugzilla.suse.com/1239079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "low"
}
],
"title": "CVE-2024-58001"
},
{
"cve": "CVE-2024-58018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm: correctly calculate the available space of the GSP cmdq buffer\n\nr535_gsp_cmdq_push() waits for the available page in the GSP cmdq\nbuffer when handling a large RPC request. When it sees at least one\navailable page in the cmdq, it quits the waiting with the amount of\nfree buffer pages in the queue.\n\nUnfortunately, it always takes the [write pointer, buf_size) as\navailable buffer pages before rolling back and wrongly calculates the\nsize of the data should be copied. Thus, it can overwrite the RPC\nrequest that GSP is currently reading, which causes GSP hang due\nto corrupted RPC request:\n\n[ 549.209389] ------------[ cut here ]------------\n[ 549.214010] WARNING: CPU: 8 PID: 6314 at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c:116 r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.225678] Modules linked in: nvkm(E+) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) mlx5_ib(E) amd64_edac(E) edac_mce_amd(E) kvm_amd(E) ib_uverbs(E) kvm(E) ib_core(E) acpi_ipmi(E) ipmi_si(E) mxm_wmi(E) ipmi_devintf(E) rapl(E) i2c_piix4(E) wmi_bmof(E) joydev(E) ptdma(E) acpi_cpufreq(E) k10temp(E) pcspkr(E) ipmi_msghandler(E) xfs(E) libcrc32c(E) ast(E) i2c_algo_bit(E) crct10dif_pclmul(E) drm_shmem_helper(E) nvme_tcp(E) crc32_pclmul(E) ahci(E) drm_kms_helper(E) libahci(E) nvme_fabrics(E) crc32c_intel(E) nvme(E) cdc_ether(E) mlx5_core(E) nvme_core(E) usbnet(E) drm(E) libata(E) ccp(E) ghash_clmulni_intel(E) mii(E) t10_pi(E) mlxfw(E) sp5100_tco(E) psample(E) pci_hyperv_intf(E) wmi(E) dm_multipath(E) sunrpc(E) dm_mirror(E) dm_region_hash(E) dm_log(E) dm_mod(E) be2iscsi(E) bnx2i(E) cnic(E) uio(E) cxgb4i(E) cxgb4(E) tls(E) libcxgbi(E) libcxgb(E) qla4xxx(E)\n[ 549.225752] iscsi_boot_sysfs(E) iscsi_tcp(E) libiscsi_tcp(E) libiscsi(E) scsi_transport_iscsi(E) fuse(E) [last unloaded: gsp_log(E)]\n[ 549.326293] CPU: 8 PID: 6314 Comm: insmod Tainted: G E 6.9.0-rc6+ #1\n[ 549.334039] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 549.341781] RIP: 0010:r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.347343] Code: 08 00 00 89 da c1 e2 0c 48 8d ac 11 00 10 00 00 48 8b 0c 24 48 85 c9 74 1f c1 e0 0c 4c 8d 6d 30 83 e8 30 89 01 e9 68 ff ff ff \u003c0f\u003e 0b 49 c7 c5 92 ff ff ff e9 5a ff ff ff ba ff ff ff ff be c0 0c\n[ 549.366090] RSP: 0018:ffffacbccaaeb7d0 EFLAGS: 00010246\n[ 549.371315] RAX: 0000000000000000 RBX: 0000000000000012 RCX: 0000000000923e28\n[ 549.378451] RDX: 0000000000000000 RSI: 0000000055555554 RDI: ffffacbccaaeb730\n[ 549.385590] RBP: 0000000000000001 R08: ffff8bd14d235f70 R09: ffff8bd14d235f70\n[ 549.392721] R10: 0000000000000002 R11: ffff8bd14d233864 R12: 0000000000000020\n[ 549.399854] R13: ffffacbccaaeb818 R14: 0000000000000020 R15: ffff8bb298c67000\n[ 549.406988] FS: 00007f5179244740(0000) GS:ffff8bd14d200000(0000) knlGS:0000000000000000\n[ 549.415076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 549.420829] CR2: 00007fa844000010 CR3: 00000001567dc005 CR4: 0000000000770ef0\n[ 549.427963] PKRU: 55555554\n[ 549.430672] Call Trace:\n[ 549.433126] \u003cTASK\u003e\n[ 549.435233] ? __warn+0x7f/0x130\n[ 549.438473] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.443426] ? report_bug+0x18a/0x1a0\n[ 549.447098] ? handle_bug+0x3c/0x70\n[ 549.450589] ? exc_invalid_op+0x14/0x70\n[ 549.454430] ? asm_exc_invalid_op+0x16/0x20\n[ 549.458619] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.463565] r535_gsp_msg_recv+0x46/0x230 [nvkm]\n[ 549.468257] r535_gsp_rpc_push+0x106/0x160 [nvkm]\n[ 549.473033] r535_gsp_rpc_rm_ctrl_push+0x40/0x130 [nvkm]\n[ 549.478422] nvidia_grid_init_vgpu_types+0xbc/0xe0 [nvkm]\n[ 549.483899] nvidia_grid_init+0xb1/0xd0 [nvkm]\n[ 549.488420] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 549.493213] nvkm_device_pci_probe+0x305/0x420 [nvkm]\n[ 549.498338] local_pci_probe+0x46/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58018",
"url": "https://www.suse.com/security/cve/CVE-2024-58018"
},
{
"category": "external",
"summary": "SUSE Bug 1238990 for CVE-2024-58018",
"url": "https://bugzilla.suse.com/1238990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58018"
},
{
"cve": "CVE-2024-58019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@.......\n[ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................\n[ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................\n[ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................\n[ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 547.669485] #PF: supervisor read access in kernel mode\n[ 547.674624] #PF: error_code(0x0000) - not-present page\n[ 547.679755] PGD 0 P4D 0\n[ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1\n[ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[ 547.793896] PKRU: 55555554\n[ 547.796600] Call Trace:\n[ 547.799046] \u003cTASK\u003e\n[ 547.801152] ? __die+0x20/0x70\n[ 547.804211] ? page_fault_oops+0x75/0x170\n[ 547.808221] ? print_hex_dump+0x100/0x160\n[ 547.812226] ? exc_page_fault+0x64/0x150\n[ 547.816152] ? asm_exc_page_fault+0x22/0x30\n[ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[ 547.829845] process_one_work+0x196/0x3d0\n[ 547.833861] worker_thread+0x2fc/0x410\n[ 547.837613] ? __pfx_worker_thread+0x10/0x10\n[ 547.841885] kthread+0xdf/0x110\n[ 547.845031] ? __pfx_kthread+0x10/0x10\n[ 547.848775] ret_from_fork+0x30/0x50\n[ 547.852354] ? __pfx_kthread+0x10/0x10\n[ 547.856097] ret_from_fork_asm+0x1a/0x30\n[ 547.860019] \u003c/TASK\u003e\n[ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58019",
"url": "https://www.suse.com/security/cve/CVE-2024-58019"
},
{
"category": "external",
"summary": "SUSE Bug 1238997 for CVE-2024-58019",
"url": "https://bugzilla.suse.com/1238997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58020",
"url": "https://www.suse.com/security/cve/CVE-2024-58020"
},
{
"category": "external",
"summary": "SUSE Bug 1239346 for CVE-2024-58020",
"url": "https://bugzilla.suse.com/1239346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nOPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized\n\nIf a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth\nfrom the OPP table but the bandwidth table was not created because the\ninterconnect properties were missing in the OPP consumer node, the\nkernel will crash with:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000004\n...\npc : _read_bw+0x8/0x10\nlr : _opp_table_find_key+0x9c/0x174\n...\nCall trace:\n _read_bw+0x8/0x10 (P)\n _opp_table_find_key+0x9c/0x174 (L)\n _find_key+0x98/0x168\n dev_pm_opp_find_bw_ceil+0x50/0x88\n...\n\nIn order to fix the crash, create an assert function to check\nif the bandwidth table was created before trying to get a\nbandwidth with _read_bw().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58068",
"url": "https://www.suse.com/security/cve/CVE-2024-58068"
},
{
"category": "external",
"summary": "SUSE Bug 1238961 for CVE-2024-58068",
"url": "https://bugzilla.suse.com/1238961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58068"
},
{
"cve": "CVE-2024-58070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT\n\nIn PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible\ncontext. bpf_mem_alloc must be used in PREEMPT_RT. This patch is\nto enforce bpf_mem_alloc in the bpf_local_storage when CONFIG_PREEMPT_RT\nis enabled.\n\n[ 35.118559] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 35.118566] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1832, name: test_progs\n[ 35.118569] preempt_count: 1, expected: 0\n[ 35.118571] RCU nest depth: 1, expected: 1\n[ 35.118577] INFO: lockdep is turned off.\n ...\n[ 35.118647] __might_resched+0x433/0x5b0\n[ 35.118677] rt_spin_lock+0xc3/0x290\n[ 35.118700] ___slab_alloc+0x72/0xc40\n[ 35.118723] __kmalloc_noprof+0x13f/0x4e0\n[ 35.118732] bpf_map_kzalloc+0xe5/0x220\n[ 35.118740] bpf_selem_alloc+0x1d2/0x7b0\n[ 35.118755] bpf_local_storage_update+0x2fa/0x8b0\n[ 35.118784] bpf_sk_storage_get_tracing+0x15a/0x1d0\n[ 35.118791] bpf_prog_9a118d86fca78ebb_trace_inet_sock_set_state+0x44/0x66\n[ 35.118795] bpf_trace_run3+0x222/0x400\n[ 35.118820] __bpf_trace_inet_sock_set_state+0x11/0x20\n[ 35.118824] trace_inet_sock_set_state+0x112/0x130\n[ 35.118830] inet_sk_state_store+0x41/0x90\n[ 35.118836] tcp_set_state+0x3b3/0x640\n\nThere is no need to adjust the gfp_flags passing to the\nbpf_mem_cache_alloc_flags() which only honors the GFP_KERNEL.\nThe verifier has ensured GFP_KERNEL is passed only in sleepable context.\n\nIt has been an old issue since the first introduction of the\nbpf_local_storage ~5 years ago, so this patch targets the bpf-next.\n\nbpf_mem_alloc is needed to solve it, so the Fixes tag is set\nto the commit when bpf_mem_alloc was first used in the bpf_local_storage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58070",
"url": "https://www.suse.com/security/cve/CVE-2024-58070"
},
{
"category": "external",
"summary": "SUSE Bug 1238983 for CVE-2024-58070",
"url": "https://bugzilla.suse.com/1238983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58070"
},
{
"cve": "CVE-2024-58071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: prevent adding a device which is already a team device lower\n\nPrevent adding a device which is already a team device lower,\ne.g. adding veth0 if vlan1 was already added and veth0 is a lower of\nvlan1.\n\nThis is not useful in practice and can lead to recursive locking:\n\n$ ip link add veth0 type veth peer name veth1\n$ ip link set veth0 up\n$ ip link set veth1 up\n$ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1\n$ ip link add team0 type team\n$ ip link set veth0.1 down\n$ ip link set veth0.1 master team0\nteam0: Port device veth0.1 added\n$ ip link set veth0 down\n$ ip link set veth0 master team0\n\n============================================\nWARNING: possible recursive locking detected\n6.13.0-rc2-virtme-00441-ga14a429069bb #46 Not tainted\n--------------------------------------------\nip/7684 is trying to acquire lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n\nbut task is already holding lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_add_slave (drivers/net/team/team_core.c:1147 drivers/net/team/team_core.c:1977)\n\nother info that might help us debug this:\nPossible unsafe locking scenario:\n\nCPU0\n----\nlock(team-\u003eteam_lock_key);\nlock(team-\u003eteam_lock_key);\n\n*** DEADLOCK ***\n\nMay be due to missing lock nesting notation\n\n2 locks held by ip/7684:\n\nstack backtrace:\nCPU: 3 UID: 0 PID: 7684 Comm: ip Not tainted 6.13.0-rc2-virtme-00441-ga14a429069bb #46\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:122)\nprint_deadlock_bug.cold (kernel/locking/lockdep.c:3040)\n__lock_acquire (kernel/locking/lockdep.c:3893 kernel/locking/lockdep.c:5226)\n? netlink_broadcast_filtered (net/netlink/af_netlink.c:1548)\nlock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 2))\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? lock_acquire (kernel/locking/lockdep.c:5822)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n__mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:735)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? fib_sync_up (net/ipv4/fib_semantics.c:2167)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nteam_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\n__dev_notify_flags (net/core/dev.c:8993)\n? __dev_change_flags (net/core/dev.c:8975)\ndev_change_flags (net/core/dev.c:9027)\nvlan_device_event (net/8021q/vlan.c:85 net/8021q/vlan.c:470)\n? br_device_event (net/bridge/br.c:143)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\ndev_open (net/core/dev.c:1519 net/core/dev.c:1505)\nteam_add_slave (drivers/net/team/team_core.c:1219 drivers/net/team/team_core.c:1977)\n? __pfx_team_add_slave (drivers/net/team/team_core.c:1972)\ndo_set_master (net/core/rtnetlink.c:2917)\ndo_setlink.isra.0 (net/core/rtnetlink.c:3117)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58071",
"url": "https://www.suse.com/security/cve/CVE-2024-58071"
},
{
"category": "external",
"summary": "SUSE Bug 1238970 for CVE-2024-58071",
"url": "https://bugzilla.suse.com/1238970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58071"
},
{
"cve": "CVE-2024-58074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: Grab intel_display from the encoder to avoid potential oopsies\n\nGrab the intel_display from \u0027encoder\u0027 rather than \u0027state\u0027\nin the encoder hooks to avoid the massive footgun that is\nintel_sanitize_encoder(), which passes NULL as the \u0027state\u0027\nargument to encoder .disable() and .post_disable().\n\nTODO: figure out how to actually fix intel_sanitize_encoder()...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58074",
"url": "https://www.suse.com/security/cve/CVE-2024-58074"
},
{
"category": "external",
"summary": "SUSE Bug 1238972 for CVE-2024-58074",
"url": "https://bugzilla.suse.com/1238972"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58074"
},
{
"cve": "CVE-2024-58083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58083",
"url": "https://www.suse.com/security/cve/CVE-2024-58083"
},
{
"category": "external",
"summary": "SUSE Bug 1239036 for CVE-2024-58083",
"url": "https://bugzilla.suse.com/1239036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock when freeing cgroup storage\n\nThe following commit\nbc235cdb423a (\"bpf: Prevent deadlock from recursive bpf_task_storage_[get|delete]\")\nfirst introduced deadlock prevention for fentry/fexit programs attaching\non bpf_task_storage helpers. That commit also employed the logic in map\nfree path in its v6 version.\n\nLater bpf_cgrp_storage was first introduced in\nc4bcfb38a95e (\"bpf: Implement cgroup storage available to non-cgroup-attached bpf progs\")\nwhich faces the same issue as bpf_task_storage, instead of its busy\ncounter, NULL was passed to bpf_local_storage_map_free() which opened\na window to cause deadlock:\n\n\t\u003cTASK\u003e\n\t\t(acquiring local_storage-\u003elock)\n\t_raw_spin_lock_irqsave+0x3d/0x50\n\tbpf_local_storage_update+0xd1/0x460\n\tbpf_cgrp_storage_get+0x109/0x130\n\tbpf_prog_a4d4a370ba857314_cgrp_ptr+0x139/0x170\n\t? __bpf_prog_enter_recur+0x16/0x80\n\tbpf_trampoline_6442485186+0x43/0xa4\n\tcgroup_storage_ptr+0x9/0x20\n\t\t(holding local_storage-\u003elock)\n\tbpf_selem_unlink_storage_nolock.constprop.0+0x135/0x160\n\tbpf_selem_unlink_storage+0x6f/0x110\n\tbpf_local_storage_map_free+0xa2/0x110\n\tbpf_map_free_deferred+0x5b/0x90\n\tprocess_one_work+0x17c/0x390\n\tworker_thread+0x251/0x360\n\tkthread+0xd2/0x100\n\tret_from_fork+0x34/0x50\n\tret_from_fork_asm+0x1a/0x30\n\t\u003c/TASK\u003e\n\nProgs:\n - A: SEC(\"fentry/cgroup_storage_ptr\")\n - cgid (BPF_MAP_TYPE_HASH)\n\tRecord the id of the cgroup the current task belonging\n\tto in this hash map, using the address of the cgroup\n\tas the map key.\n - cgrpa (BPF_MAP_TYPE_CGRP_STORAGE)\n\tIf current task is a kworker, lookup the above hash\n\tmap using function parameter @owner as the key to get\n\tits corresponding cgroup id which is then used to get\n\ta trusted pointer to the cgroup through\n\tbpf_cgroup_from_id(). This trusted pointer can then\n\tbe passed to bpf_cgrp_storage_get() to finally trigger\n\tthe deadlock issue.\n - B: SEC(\"tp_btf/sys_enter\")\n - cgrpb (BPF_MAP_TYPE_CGRP_STORAGE)\n\tThe only purpose of this prog is to fill Prog A\u0027s\n\thash map by calling bpf_cgrp_storage_get() for as\n\tmany userspace tasks as possible.\n\nSteps to reproduce:\n - Run A;\n - while (true) { Run B; Destroy B; }\n\nFix this issue by passing its busy counter to the free procedure so\nit can be properly incremented before storage/smap locking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58088",
"url": "https://www.suse.com/security/cve/CVE-2024-58088"
},
{
"category": "external",
"summary": "SUSE Bug 1239510 for CVE-2024-58088",
"url": "https://bugzilla.suse.com/1239510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58088"
},
{
"cve": "CVE-2024-58091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58091"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/fbdev-dma: Add shadow buffering for deferred I/O\n\nDMA areas are not necessarily backed by struct page, so we cannot\nrely on it for deferred I/O. Allocate a shadow buffer for drivers\nthat require deferred I/O and use it as framebuffer memory.\n\nFixes driver errors about being \"Unable to handle kernel NULL pointer\ndereference at virtual address\" or \"Unable to handle kernel paging\nrequest at virtual address\".\n\nThe patch splits drm_fbdev_dma_driver_fbdev_probe() in an initial\nallocation, which creates the DMA-backed buffer object, and a tail\nthat sets up the fbdev data structures. There is a tail function for\ndirect memory mappings and a tail function for deferred I/O with\nthe shadow buffer.\n\nIt is no longer possible to use deferred I/O without shadow buffer.\nIt can be re-added if there exists a reliably test for usable struct\npage in the allocated DMA-backed buffer object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58091",
"url": "https://www.suse.com/security/cve/CVE-2024-58091"
},
{
"category": "external",
"summary": "SUSE Bug 1240174 for CVE-2024-58091",
"url": "https://bugzilla.suse.com/1240174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58091"
},
{
"cve": "CVE-2024-58093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/ASPM: Fix link state exit during switch upstream function removal\n\nBefore 456d8aa37d0f (\"PCI/ASPM: Disable ASPM on MFD function removal to\navoid use-after-free\"), we would free the ASPM link only after the last\nfunction on the bus pertaining to the given link was removed.\n\nThat was too late. If function 0 is removed before sibling function,\nlink-\u003edownstream would point to free\u0027d memory after.\n\nAfter above change, we freed the ASPM parent link state upon any function\nremoval on the bus pertaining to a given link.\n\nThat is too early. If the link is to a PCIe switch with MFD on the upstream\nport, then removing functions other than 0 first would free a link which\nstill remains parent_link to the remaining downstream ports.\n\nThe resulting GPFs are especially frequent during hot-unplug, because\npciehp removes devices on the link bus in reverse order.\n\nOn that switch, function 0 is the virtual P2P bridge to the internal bus.\nFree exactly when function 0 is removed -- before the parent link is\nobsolete, but after all subordinate links are gone.\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58093",
"url": "https://www.suse.com/security/cve/CVE-2024-58093"
},
{
"category": "external",
"summary": "SUSE Bug 1241347 for CVE-2024-58093",
"url": "https://bugzilla.suse.com/1241347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58093"
},
{
"cve": "CVE-2024-58094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before truncation in jfs_truncate_nolock()\n\nAdded a check for \"read-only\" mode in the `jfs_truncate_nolock`\nfunction to avoid errors related to writing to a read-only\nfilesystem.\n\nCall stack:\n\nblock_write_begin() {\n jfs_write_failed() {\n jfs_truncate() {\n jfs_truncate_nolock() {\n txEnd() {\n ...\n log = JFS_SBI(tblk-\u003esb)-\u003elog;\n // (log == NULL)\n\nIf the `isReadOnly(ip)` condition is triggered in\n`jfs_truncate_nolock`, the function execution will stop, and no\nfurther data modification will occur. Instead, the `xtTruncate`\nfunction will be called with the \"COMMIT_WMAP\" flag, preventing\nmodifications in \"read-only\" mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58094",
"url": "https://www.suse.com/security/cve/CVE-2024-58094"
},
{
"category": "external",
"summary": "SUSE Bug 1241443 for CVE-2024-58094",
"url": "https://bugzilla.suse.com/1241443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58094"
},
{
"cve": "CVE-2024-58095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before txBeginAnon() call\n\nAdded a read-only check before calling `txBeginAnon` in `extAlloc`\nand `extRecord`. This prevents modification attempts on a read-only\nmounted filesystem, avoiding potential errors or crashes.\n\nCall trace:\n txBeginAnon+0xac/0x154\n extAlloc+0xe8/0xdec fs/jfs/jfs_extent.c:78\n jfs_get_block+0x340/0xb98 fs/jfs/inode.c:248\n __block_write_begin_int+0x580/0x166c fs/buffer.c:2128\n __block_write_begin fs/buffer.c:2177 [inline]\n block_write_begin+0x98/0x11c fs/buffer.c:2236\n jfs_write_begin+0x44/0x88 fs/jfs/inode.c:299",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58095",
"url": "https://www.suse.com/security/cve/CVE-2024-58095"
},
{
"category": "external",
"summary": "SUSE Bug 1241442 for CVE-2024-58095",
"url": "https://bugzilla.suse.com/1241442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58095"
},
{
"cve": "CVE-2024-58096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58096"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode\n\nath11k_hal_srng_* should be used with srng-\u003elock to protect srng data.\n\nFor ath11k_dp_rx_mon_dest_process() and ath11k_dp_full_mon_process_rx(),\nthey use ath11k_hal_srng_* for many times but never call srng-\u003elock.\n\nSo when running (full) monitor mode, warning will occur:\nRIP: 0010:ath11k_hal_srng_dst_peek+0x18/0x30 [ath11k]\nCall Trace:\n ? ath11k_hal_srng_dst_peek+0x18/0x30 [ath11k]\n ath11k_dp_rx_process_mon_status+0xc45/0x1190 [ath11k]\n ? idr_alloc_u32+0x97/0xd0\n ath11k_dp_rx_process_mon_rings+0x32a/0x550 [ath11k]\n ath11k_dp_service_srng+0x289/0x5a0 [ath11k]\n ath11k_pcic_ext_grp_napi_poll+0x30/0xd0 [ath11k]\n __napi_poll+0x30/0x1f0\n net_rx_action+0x198/0x320\n __do_softirq+0xdd/0x319\n\nSo add srng-\u003elock for them to avoid such warnings.\n\nInorder to fetch the srng-\u003elock, should change srng\u0027s definition from\n\u0027void\u0027 to \u0027struct hal_srng\u0027. And initialize them elsewhere to prevent\none line of code from being too long. This is consistent with other ring\nprocess functions, such as ath11k_dp_process_rx().\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58096",
"url": "https://www.suse.com/security/cve/CVE-2024-58096"
},
{
"category": "external",
"summary": "SUSE Bug 1241344 for CVE-2024-58096",
"url": "https://bugzilla.suse.com/1241344"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58096"
},
{
"cve": "CVE-2024-58097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix RCU stall while reaping monitor destination ring\n\nWhile processing the monitor destination ring, MSDUs are reaped from the\nlink descriptor based on the corresponding buf_id.\n\nHowever, sometimes the driver cannot obtain a valid buffer corresponding\nto the buf_id received from the hardware. This causes an infinite loop\nin the destination processing, resulting in a kernel crash.\n\nkernel log:\nath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309\nath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed\nath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309\nath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed\n\nFix this by skipping the problematic buf_id and reaping the next entry,\nreplacing the break with the next MSDU processing.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58097",
"url": "https://www.suse.com/security/cve/CVE-2024-58097"
},
{
"category": "external",
"summary": "SUSE Bug 1241343 for CVE-2024-58097",
"url": "https://bugzilla.suse.com/1241343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-58097"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21659",
"url": "https://www.suse.com/security/cve/CVE-2025-21659"
},
{
"category": "external",
"summary": "SUSE Bug 1236206 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "external",
"summary": "SUSE Bug 1236207 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_sk_select_reuseport() memory leak\n\nAs pointed out in the original comment, lookup in sockmap can return a TCP\nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF\nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb\ndoes not imply a non-refcounted socket.\n\nDrop sk\u0027s reference in both error paths.\n\nunreferenced object 0xffff888101911800 (size 2048):\n comm \"test_progs\", pid 44109, jiffies 4297131437\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 9336483b):\n __kmalloc_noprof+0x3bf/0x560\n __reuseport_alloc+0x1d/0x40\n reuseport_alloc+0xca/0x150\n reuseport_attach_prog+0x87/0x140\n sk_reuseport_attach_bpf+0xc8/0x100\n sk_setsockopt+0x1181/0x1990\n do_sock_setsockopt+0x12b/0x160\n __sys_setsockopt+0x7b/0xc0\n __x64_sys_setsockopt+0x1b/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21683",
"url": "https://www.suse.com/security/cve/CVE-2025-21683"
},
{
"category": "external",
"summary": "SUSE Bug 1236704 for CVE-2025-21683",
"url": "https://bugzilla.suse.com/1236704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "low"
}
],
"title": "CVE-2025-21683"
},
{
"cve": "CVE-2025-21693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that\u0027s discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/20241219212437.2714151-1-yosryahmed@google.com/\n[2]https://lkml.kernel.org/20250107074724.1756696-2-yosryahmed@google.com/\n[3]https://lkml.kernel.org/20250107222236.2715883-2-yosryahmed@google.com/\n\n[yosryahmed@google.com: remove comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21693",
"url": "https://www.suse.com/security/cve/CVE-2025-21693"
},
{
"category": "external",
"summary": "SUSE Bug 1237029 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "external",
"summary": "SUSE Bug 1237047 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: clear uffd-wp PTE/PMD state on mremap()\n\nWhen mremap()ing a memory region previously registered with userfaultfd as\nwrite-protected but without UFFD_FEATURE_EVENT_REMAP, an inconsistency in\nflag clearing leads to a mismatch between the vma flags (which have\nuffd-wp cleared) and the pte/pmd flags (which do not have uffd-wp\ncleared). This mismatch causes a subsequent mprotect(PROT_WRITE) to\ntrigger a warning in page_table_check_pte_flags() due to setting the pte\nto writable while uffd-wp is still set.\n\nFix this by always explicitly clearing the uffd-wp pte/pmd flags on any\nsuch mremap() so that the values are consistent with the existing clearing\nof VM_UFFD_WP. Be careful to clear the logical flag regardless of its\nphysical form; a PTE bit, a swap PTE bit, or a PTE marker. Cover PTE,\nhuge PMD and hugetlb paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21696",
"url": "https://www.suse.com/security/cve/CVE-2025-21696"
},
{
"category": "external",
"summary": "SUSE Bug 1237111 for CVE-2025-21696",
"url": "https://bugzilla.suse.com/1237111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21696"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21706",
"url": "https://www.suse.com/security/cve/CVE-2025-21706"
},
{
"category": "external",
"summary": "SUSE Bug 1238528 for CVE-2025-21706",
"url": "https://bugzilla.suse.com/1238528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: consolidate suboption status\n\nMPTCP maintains the received sub-options status is the bitmask carrying\nthe received suboptions and in several bitfields carrying per suboption\nadditional info.\n\nZeroing the bitmask before parsing is not enough to ensure a consistent\nstatus, and the MPTCP code has to additionally clear some bitfiled\ndepending on the actually parsed suboption.\n\nThe above schema is fragile, and syzbot managed to trigger a path where\na relevant bitfield is not cleared/initialized:\n\n BUG: KMSAN: uninit-value in __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n BUG: KMSAN: uninit-value in mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n BUG: KMSAN: uninit-value in ack_update_msk net/mptcp/options.c:1060 [inline]\n BUG: KMSAN: uninit-value in mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n ack_update_msk net/mptcp/options.c:1060 [inline]\n mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n tcp_data_queue+0xb4/0x7be0 net/ipv4/tcp_input.c:5233\n tcp_rcv_established+0x1061/0x2510 net/ipv4/tcp_input.c:6264\n tcp_v4_do_rcv+0x7f3/0x11a0 net/ipv4/tcp_ipv4.c:1916\n tcp_v4_rcv+0x51df/0x5750 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x2a3/0x13d0 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:460 [inline]\n ip_rcv_finish+0x4a2/0x520 net/ipv4/ip_input.c:447\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0xcd/0x380 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core net/core/dev.c:5704 [inline]\n __netif_receive_skb+0x319/0xa00 net/core/dev.c:5817\n process_backlog+0x4ad/0xa50 net/core/dev.c:6149\n __napi_poll+0xe7/0x980 net/core/dev.c:6902\n napi_poll net/core/dev.c:6971 [inline]\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:7093\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4493\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_hh_output include/net/neighbour.h:523 [inline]\n neigh_output include/net/neighbour.h:537 [inline]\n ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236\n __ip_finish_output+0x287/0x810\n ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434\n dst_output include/net/dst.h:450 [inline]\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536\n ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550\n __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1468\n tcp_transmit_skb net/ipv4/tcp_output.c:1486 [inline]\n tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2829\n __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3012\n tcp_send_fin+0x9f6/0xf50 net/ipv4/tcp_output.c:3618\n __tcp_close+0x140c/0x1550 net/ipv4/tcp.c:3130\n __mptcp_close_ssk+0x74e/0x16f0 net/mptcp/protocol.c:2496\n mptcp_close_ssk+0x26b/0x2c0 net/mptcp/protocol.c:2550\n mptcp_pm_nl_rm_addr_or_subflow+0x635/0xd10 net/mptcp/pm_netlink.c:889\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:924 [inline]\n mptcp_pm_flush_addrs_and_subflows net/mptcp/pm_netlink.c:1688 [inline]\n mptcp_nl_flush_addrs_list net/mptcp/pm_netlink.c:1709 [inline]\n mptcp_pm_nl_flush_addrs_doit+0xe10/0x1630 net/mptcp/pm_netlink.c:1750\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21707",
"url": "https://www.suse.com/security/cve/CVE-2025-21707"
},
{
"category": "external",
"summary": "SUSE Bug 1238862 for CVE-2025-21707",
"url": "https://bugzilla.suse.com/1238862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21707"
},
{
"cve": "CVE-2025-21717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21717"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq\n\nkvzalloc_node is not doing a runtime check on the node argument\n(__alloc_pages_node_noprof does have a VM_BUG_ON, but it expands to\nnothing on !CONFIG_DEBUG_VM builds), so doing any ethtool/netlink\noperation that calls mlx5e_open on a CPU that\u0027s larger that MAX_NUMNODES\ntriggers OOB access and panic (see the trace below).\n\nAdd missing cpu_to_node call to convert cpu id to node id.\n\n[ 165.427394] mlx5_core 0000:5c:00.0 beth1: Link up\n[ 166.479327] BUG: unable to handle page fault for address: 0000000800000010\n[ 166.494592] #PF: supervisor read access in kernel mode\n[ 166.505995] #PF: error_code(0x0000) - not-present page\n...\n[ 166.816958] Call Trace:\n[ 166.822380] \u003cTASK\u003e\n[ 166.827034] ? __die_body+0x64/0xb0\n[ 166.834774] ? page_fault_oops+0x2cd/0x3f0\n[ 166.843862] ? exc_page_fault+0x63/0x130\n[ 166.852564] ? asm_exc_page_fault+0x22/0x30\n[ 166.861843] ? __kvmalloc_node_noprof+0x43/0xd0\n[ 166.871897] ? get_partial_node+0x1c/0x320\n[ 166.880983] ? deactivate_slab+0x269/0x2b0\n[ 166.890069] ___slab_alloc+0x521/0xa90\n[ 166.898389] ? __kvmalloc_node_noprof+0x43/0xd0\n[ 166.908442] __kmalloc_node_noprof+0x216/0x3f0\n[ 166.918302] ? __kvmalloc_node_noprof+0x43/0xd0\n[ 166.928354] __kvmalloc_node_noprof+0x43/0xd0\n[ 166.938021] mlx5e_open_channels+0x5e2/0xc00\n[ 166.947496] mlx5e_open_locked+0x3e/0xf0\n[ 166.956201] mlx5e_open+0x23/0x50\n[ 166.963551] __dev_open+0x114/0x1c0\n[ 166.971292] __dev_change_flags+0xa2/0x1b0\n[ 166.980378] dev_change_flags+0x21/0x60\n[ 166.988887] do_setlink+0x38d/0xf20\n[ 166.996628] ? ep_poll_callback+0x1b9/0x240\n[ 167.005910] ? __nla_validate_parse.llvm.10713395753544950386+0x80/0xd70\n[ 167.020782] ? __wake_up_sync_key+0x52/0x80\n[ 167.030066] ? __mutex_lock+0xff/0x550\n[ 167.038382] ? security_capable+0x50/0x90\n[ 167.047279] rtnl_setlink+0x1c9/0x210\n[ 167.055403] ? ep_poll_callback+0x1b9/0x240\n[ 167.064684] ? security_capable+0x50/0x90\n[ 167.073579] rtnetlink_rcv_msg+0x2f9/0x310\n[ 167.082667] ? rtnetlink_bind+0x30/0x30\n[ 167.091173] netlink_rcv_skb+0xb1/0xe0\n[ 167.099492] netlink_unicast+0x20f/0x2e0\n[ 167.108191] netlink_sendmsg+0x389/0x420\n[ 167.116896] __sys_sendto+0x158/0x1c0\n[ 167.125024] __x64_sys_sendto+0x22/0x30\n[ 167.133534] do_syscall_64+0x63/0x130\n[ 167.141657] ? __irq_exit_rcu.llvm.17843942359718260576+0x52/0xd0\n[ 167.155181] entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21717",
"url": "https://www.suse.com/security/cve/CVE-2025-21717"
},
{
"category": "external",
"summary": "SUSE Bug 1238866 for CVE-2025-21717",
"url": "https://bugzilla.suse.com/1238866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21717"
},
{
"cve": "CVE-2025-21729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix race between cancel_hw_scan and hw_scan completion\n\nThe rtwdev-\u003escanning flag isn\u0027t protected by mutex originally, so\ncancel_hw_scan can pass the condition, but suddenly hw_scan completion\nunset the flag and calls ieee80211_scan_completed() that will free\nlocal-\u003ehw_scan_req. Then, cancel_hw_scan raises null-ptr-deref and\nuse-after-free. Fix it by moving the check condition to where\nprotected by mutex.\n\n KASAN: null-ptr-deref in range [0x0000000000000088-0x000000000000008f]\n CPU: 2 PID: 6922 Comm: kworker/2:2 Tainted: G OE\n Hardware name: LENOVO 2356AD1/2356AD1, BIOS G7ETB6WW (2.76 ) 09/10/2019\n Workqueue: events cfg80211_conn_work [cfg80211]\n RIP: 0010:rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n Code: 00 45 89 6c 24 1c 0f 85 23 01 00 00 48 8b 85 20 ff ff ff 48 8d\n RSP: 0018:ffff88811fd9f068 EFLAGS: 00010206\n RAX: dffffc0000000000 RBX: ffff88811fd9f258 RCX: 0000000000000001\n RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000089\n RBP: ffff88811fd9f170 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff88811fd9f108 R11: 0000000000000000 R12: ffff88810e47f960\n R13: 0000000000000000 R14: 000000000000ffff R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8881d6f00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007531dfca55b0 CR3: 00000001be296004 CR4: 00000000001706e0\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x61/0x73\n ? __die_body+0x20/0x73\n ? die_addr+0x4f/0x7b\n ? exc_general_protection+0x191/0x1db\n ? asm_exc_general_protection+0x27/0x30\n ? rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n ? rtw89_fw_h2c_scan_offload_be+0x458/0x13c3 [rtw89_core]\n ? __pfx_rtw89_fw_h2c_scan_offload_be+0x10/0x10 [rtw89_core]\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx_do_raw_spin_lock+0x10/0x10\n rtw89_hw_scan_offload+0xb5e/0xbf7 [rtw89_core]\n ? _raw_spin_unlock+0xe/0x24\n ? __mutex_lock.constprop.0+0x40c/0x471\n ? __pfx_rtw89_hw_scan_offload+0x10/0x10 [rtw89_core]\n ? __mutex_lock_slowpath+0x13/0x1f\n ? mutex_lock+0xa2/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n rtw89_hw_scan_abort+0x58/0xb7 [rtw89_core]\n rtw89_ops_cancel_hw_scan+0x120/0x13b [rtw89_core]\n ieee80211_scan_cancel+0x468/0x4d0 [mac80211]\n ieee80211_prep_connection+0x858/0x899 [mac80211]\n ieee80211_mgd_auth+0xbea/0xdde [mac80211]\n ? __pfx_ieee80211_mgd_auth+0x10/0x10 [mac80211]\n ? cfg80211_find_elem+0x15/0x29 [cfg80211]\n ? is_bss+0x1b7/0x1d7 [cfg80211]\n ieee80211_auth+0x18/0x27 [mac80211]\n cfg80211_mlme_auth+0x3bb/0x3e7 [cfg80211]\n cfg80211_conn_do_work+0x410/0xb81 [cfg80211]\n ? __pfx_cfg80211_conn_do_work+0x10/0x10 [cfg80211]\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? __kasan_check_write+0x14/0x22\n ? mutex_lock+0x8e/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n ? __pfx___radix_tree_lookup+0x10/0x10\n cfg80211_conn_work+0x245/0x34d [cfg80211]\n ? __pfx_cfg80211_conn_work+0x10/0x10 [cfg80211]\n ? update_cfs_rq_load_avg+0x3bc/0x3d7\n ? sched_clock_noinstr+0x9/0x1a\n ? sched_clock+0x10/0x24\n ? sched_clock_cpu+0x7e/0x42e\n ? newidle_balance+0x796/0x937\n ? __pfx_sched_clock_cpu+0x10/0x10\n ? __pfx_newidle_balance+0x10/0x10\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? _raw_spin_unlock+0xe/0x24\n ? raw_spin_rq_unlock+0x47/0x54\n ? raw_spin_rq_unlock_irq+0x9/0x1f\n ? finish_task_switch.isra.0+0x347/0x586\n ? __schedule+0x27bf/0x2892\n ? mutex_unlock+0x80/0xd0\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx___schedule+0x10/0x10\n process_scheduled_works+0x58c/0x821\n worker_thread+0x4c7/0x586\n ? __kasan_check_read+0x11/0x1f\n kthread+0x285/0x294\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x6f\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21729",
"url": "https://www.suse.com/security/cve/CVE-2025-21729"
},
{
"category": "external",
"summary": "SUSE Bug 1237874 for CVE-2025-21729",
"url": "https://bugzilla.suse.com/1237874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21729"
},
{
"cve": "CVE-2025-21739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they\u0027ve been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it\u0027s not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21739",
"url": "https://www.suse.com/security/cve/CVE-2025-21739"
},
{
"category": "external",
"summary": "SUSE Bug 1238506 for CVE-2025-21739",
"url": "https://bugzilla.suse.com/1238506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21755"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21755",
"url": "https://www.suse.com/security/cve/CVE-2025-21755"
},
{
"category": "external",
"summary": "SUSE Bug 1237882 for CVE-2025-21755",
"url": "https://bugzilla.suse.com/1237882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21755"
},
{
"cve": "CVE-2025-21758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: add RCU protection to mld_newpack()\n\nmld_newpack() can be called without RTNL or RCU being held.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21758",
"url": "https://www.suse.com/security/cve/CVE-2025-21758"
},
{
"category": "external",
"summary": "SUSE Bug 1238737 for CVE-2025-21758",
"url": "https://bugzilla.suse.com/1238737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21759",
"url": "https://www.suse.com/security/cve/CVE-2025-21759"
},
{
"category": "external",
"summary": "SUSE Bug 1238738 for CVE-2025-21759",
"url": "https://bugzilla.suse.com/1238738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21760",
"url": "https://www.suse.com/security/cve/CVE-2025-21760"
},
{
"category": "external",
"summary": "SUSE Bug 1238763 for CVE-2025-21760",
"url": "https://bugzilla.suse.com/1238763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21761",
"url": "https://www.suse.com/security/cve/CVE-2025-21761"
},
{
"category": "external",
"summary": "SUSE Bug 1238775 for CVE-2025-21761",
"url": "https://bugzilla.suse.com/1238775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21762",
"url": "https://www.suse.com/security/cve/CVE-2025-21762"
},
{
"category": "external",
"summary": "SUSE Bug 1238780 for CVE-2025-21762",
"url": "https://bugzilla.suse.com/1238780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21763",
"url": "https://www.suse.com/security/cve/CVE-2025-21763"
},
{
"category": "external",
"summary": "SUSE Bug 1237897 for CVE-2025-21763",
"url": "https://bugzilla.suse.com/1237897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21765",
"url": "https://www.suse.com/security/cve/CVE-2025-21765"
},
{
"category": "external",
"summary": "SUSE Bug 1237906 for CVE-2025-21765",
"url": "https://bugzilla.suse.com/1237906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21766",
"url": "https://www.suse.com/security/cve/CVE-2025-21766"
},
{
"category": "external",
"summary": "SUSE Bug 1238754 for CVE-2025-21766",
"url": "https://bugzilla.suse.com/1238754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels\n\nSome lwtunnels have a dst cache for post-transformation dst.\nIf the packet destination did not change we may end up recording\na reference to the lwtunnel in its own cache, and the lwtunnel\nstate will never be freed.\n\nDiscovered by the ioam6.sh test, kmemleak was recently fixed\nto catch per-cpu memory leaks. I\u0027m not sure if rpl and seg6\ncan actually hit this, but in principle I don\u0027t see why not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21768",
"url": "https://www.suse.com/security/cve/CVE-2025-21768"
},
{
"category": "external",
"summary": "SUSE Bug 1238714 for CVE-2025-21768",
"url": "https://bugzilla.suse.com/1238714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21768"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21782",
"url": "https://www.suse.com/security/cve/CVE-2025-21782"
},
{
"category": "external",
"summary": "SUSE Bug 1239117 for CVE-2025-21782",
"url": "https://bugzilla.suse.com/1239117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21791",
"url": "https://www.suse.com/security/cve/CVE-2025-21791"
},
{
"category": "external",
"summary": "SUSE Bug 1238512 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "external",
"summary": "SUSE Bug 1240744 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1240744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt\n\nIf an AX25 device is bound to a socket by setting the SO_BINDTODEVICE\nsocket option, a refcount leak will occur in ax25_release().\n\nCommit 9fd75b66b8f6 (\"ax25: Fix refcount leaks caused by ax25_cb_del()\")\nadded decrement of device refcounts in ax25_release(). In order for that\nto work correctly the refcounts must already be incremented when the\ndevice is bound to the socket. An AX25 device can be bound to a socket\nby either calling ax25_bind() or setting SO_BINDTODEVICE socket option.\nIn both cases the refcounts should be incremented, but in fact it is done\nonly in ax25_bind().\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 1 PID: 5932 at lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nModules linked in:\nCPU: 1 UID: 0 PID: 5932 Comm: syz-executor424 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nCall Trace:\n \u003cTASK\u003e\n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x710/0x820 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4156 [inline]\n netdev_put include/linux/netdevice.h:4173 [inline]\n netdev_put include/linux/netdevice.h:4169 [inline]\n ax25_release+0x33f/0xa10 net/ax25/af_ax25.c:1069\n __sock_release+0xb0/0x270 net/socket.c:640\n sock_close+0x1c/0x30 net/socket.c:1408\n ...\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \u003c/TASK\u003e\n================================================================\n\nFix the implementation of ax25_setsockopt() by adding increment of\nrefcounts for the new device bound, and decrement of refcounts for\nthe old unbound device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21792",
"url": "https://www.suse.com/security/cve/CVE-2025-21792"
},
{
"category": "external",
"summary": "SUSE Bug 1238745 for CVE-2025-21792",
"url": "https://bugzilla.suse.com/1238745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21792"
},
{
"cve": "CVE-2025-21796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21796",
"url": "https://www.suse.com/security/cve/CVE-2025-21796"
},
{
"category": "external",
"summary": "SUSE Bug 1238716 for CVE-2025-21796",
"url": "https://bugzilla.suse.com/1238716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: HWS, fix definer\u0027s HWS_SET32 macro for negative offset\n\nWhen bit offset for HWS_SET32 macro is negative,\nUBSAN complains about the shift-out-of-bounds:\n\n UBSAN: shift-out-of-bounds in\n drivers/net/ethernet/mellanox/mlx5/core/steering/hws/definer.c:177:2\n shift exponent -8 is negative",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21800",
"url": "https://www.suse.com/security/cve/CVE-2025-21800"
},
{
"category": "external",
"summary": "SUSE Bug 1238743 for CVE-2025-21800",
"url": "https://bugzilla.suse.com/1238743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21800"
},
{
"cve": "CVE-2025-21806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: let net.core.dev_weight always be non-zero\n\nThe following problem was encountered during stability test:\n\n(NULL net_device): NAPI poll function process_backlog+0x0/0x530 \\\n\treturned 1, exceeding its budget of 0.\n------------[ cut here ]------------\nlist_add double add: new=ffff88905f746f48, prev=ffff88905f746f48, \\\n\tnext=ffff88905f746e40.\nWARNING: CPU: 18 PID: 5462 at lib/list_debug.c:35 \\\n\t__list_add_valid_or_report+0xf3/0x130\nCPU: 18 UID: 0 PID: 5462 Comm: ping Kdump: loaded Not tainted 6.13.0-rc7+\nRIP: 0010:__list_add_valid_or_report+0xf3/0x130\nCall Trace:\n? __warn+0xcd/0x250\n? __list_add_valid_or_report+0xf3/0x130\nenqueue_to_backlog+0x923/0x1070\nnetif_rx_internal+0x92/0x2b0\n__netif_rx+0x15/0x170\nloopback_xmit+0x2ef/0x450\ndev_hard_start_xmit+0x103/0x490\n__dev_queue_xmit+0xeac/0x1950\nip_finish_output2+0x6cc/0x1620\nip_output+0x161/0x270\nip_push_pending_frames+0x155/0x1a0\nraw_sendmsg+0xe13/0x1550\n__sys_sendto+0x3bf/0x4e0\n__x64_sys_sendto+0xdc/0x1b0\ndo_syscall_64+0x5b/0x170\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe reproduction command is as follows:\n sysctl -w net.core.dev_weight=0\n ping 127.0.0.1\n\nThis is because when the napi\u0027s weight is set to 0, process_backlog() may\nreturn 0 and clear the NAPI_STATE_SCHED bit of napi-\u003estate, causing this\nnapi to be re-polled in net_rx_action() until __do_softirq() times out.\nSince the NAPI_STATE_SCHED bit has been cleared, napi_schedule_rps() can\nbe retriggered in enqueue_to_backlog(), causing this issue.\n\nMaking the napi\u0027s weight always non-zero solves this problem.\n\nTriggering this issue requires system-wide admin (setting is\nnot namespaced).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21806",
"url": "https://www.suse.com/security/cve/CVE-2025-21806"
},
{
"category": "external",
"summary": "SUSE Bug 1238746 for CVE-2025-21806",
"url": "https://bugzilla.suse.com/1238746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21806"
},
{
"cve": "CVE-2025-21808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: xdp: Disallow attaching device-bound programs in generic mode\n\nDevice-bound programs are used to support RX metadata kfuncs. These\nkfuncs are driver-specific and rely on the driver context to read the\nmetadata. This means they can\u0027t work in generic XDP mode. However, there\nis no check to disallow such programs from being attached in generic\nmode, in which case the metadata kfuncs will be called in an invalid\ncontext, leading to crashes.\n\nFix this by adding a check to disallow attaching device-bound programs\nin generic mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21808",
"url": "https://www.suse.com/security/cve/CVE-2025-21808"
},
{
"category": "external",
"summary": "SUSE Bug 1238742 for CVE-2025-21808",
"url": "https://bugzilla.suse.com/1238742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21808"
},
{
"cve": "CVE-2025-21812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: rcu protect dev-\u003eax25_ptr\n\nsyzbot found a lockdep issue [1].\n\nWe should remove ax25 RTNL dependency in ax25_setsockopt()\n\nThis should also fix a variety of possible UAF in ax25.\n\n[1]\n\nWARNING: possible circular locking dependency detected\n6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0 Not tainted\n------------------------------------------------------\nsyz.5.1818/12806 is trying to acquire lock:\n ffffffff8fcb3988 (rtnl_mutex){+.+.}-{4:4}, at: ax25_setsockopt+0xa55/0xe90 net/ax25/af_ax25.c:680\n\nbut task is already holding lock:\n ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1618 [inline]\n ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: ax25_setsockopt+0x209/0xe90 net/ax25/af_ax25.c:574\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (sk_lock-AF_AX25){+.+.}-{0:0}:\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849\n lock_sock_nested+0x48/0x100 net/core/sock.c:3642\n lock_sock include/net/sock.h:1618 [inline]\n ax25_kill_by_device net/ax25/af_ax25.c:101 [inline]\n ax25_device_event+0x24d/0x580 net/ax25/af_ax25.c:146\n notifier_call_chain+0x1a5/0x3f0 kernel/notifier.c:85\n __dev_notify_flags+0x207/0x400\n dev_change_flags+0xf0/0x1a0 net/core/dev.c:9026\n dev_ifsioc+0x7c8/0xe70 net/core/dev_ioctl.c:563\n dev_ioctl+0x719/0x1340 net/core/dev_ioctl.c:820\n sock_do_ioctl+0x240/0x460 net/socket.c:1234\n sock_ioctl+0x626/0x8e0 net/socket.c:1339\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n-\u003e #0 (rtnl_mutex){+.+.}-{4:4}:\n check_prev_add kernel/locking/lockdep.c:3161 [inline]\n check_prevs_add kernel/locking/lockdep.c:3280 [inline]\n validate_chain+0x18ef/0x5920 kernel/locking/lockdep.c:3904\n __lock_acquire+0x1397/0x2100 kernel/locking/lockdep.c:5226\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849\n __mutex_lock_common kernel/locking/mutex.c:585 [inline]\n __mutex_lock+0x1ac/0xee0 kernel/locking/mutex.c:735\n ax25_setsockopt+0xa55/0xe90 net/ax25/af_ax25.c:680\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2324\n __sys_setsockopt net/socket.c:2349 [inline]\n __do_sys_setsockopt net/socket.c:2355 [inline]\n __se_sys_setsockopt net/socket.c:2352 [inline]\n __x64_sys_setsockopt+0x1ee/0x280 net/socket.c:2352\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(sk_lock-AF_AX25);\n lock(rtnl_mutex);\n lock(sk_lock-AF_AX25);\n lock(rtnl_mutex);\n\n *** DEADLOCK ***\n\n1 lock held by syz.5.1818/12806:\n #0: ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1618 [inline]\n #0: ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: ax25_setsockopt+0x209/0xe90 net/ax25/af_ax25.c:574\n\nstack backtrace:\nCPU: 1 UID: 0 PID: 12806 Comm: syz.5.1818 Not tainted 6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_circular_bug+0x13a/0x1b0 kernel/locking/lockdep.c:2074\n check_noncircular+0x36a/0x4a0 kernel/locking/lockdep.c:2206\n check_prev_add kernel/locking/lockdep.c:3161 [inline]\n check_prevs_add kernel/lockin\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21812",
"url": "https://www.suse.com/security/cve/CVE-2025-21812"
},
{
"category": "external",
"summary": "SUSE Bug 1238471 for CVE-2025-21812",
"url": "https://bugzilla.suse.com/1238471"
},
{
"category": "external",
"summary": "SUSE Bug 1240736 for CVE-2025-21812",
"url": "https://bugzilla.suse.com/1240736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-21812"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21821",
"url": "https://www.suse.com/security/cve/CVE-2025-21821"
},
{
"category": "external",
"summary": "SUSE Bug 1239174 for CVE-2025-21821",
"url": "https://bugzilla.suse.com/1239174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21832",
"url": "https://www.suse.com/security/cve/CVE-2025-21832"
},
{
"category": "external",
"summary": "SUSE Bug 1239105 for CVE-2025-21832",
"url": "https://bugzilla.suse.com/1239105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Avoid use of NULL after WARN_ON_ONCE\n\nThere is a WARN_ON_ONCE to catch an unlikely situation when\ndomain_remove_dev_pasid can\u0027t find the `pasid`. In case it nevertheless\nhappens we must avoid using a NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21833",
"url": "https://www.suse.com/security/cve/CVE-2025-21833"
},
{
"category": "external",
"summary": "SUSE Bug 1239108 for CVE-2025-21833",
"url": "https://bugzilla.suse.com/1239108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21833"
},
{
"cve": "CVE-2025-21836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: reallocate buf lists on upgrade\n\nIORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it\nwas created for legacy selected buffer and has been emptied. It violates\nthe requirement that most of the field should stay stable after publish.\nAlways reallocate it instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21836",
"url": "https://www.suse.com/security/cve/CVE-2025-21836"
},
{
"category": "external",
"summary": "SUSE Bug 1239066 for CVE-2025-21836",
"url": "https://bugzilla.suse.com/1239066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21836"
},
{
"cve": "CVE-2025-21837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21837"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21837",
"url": "https://www.suse.com/security/cve/CVE-2025-21837"
},
{
"category": "external",
"summary": "SUSE Bug 1239064 for CVE-2025-21837",
"url": "https://bugzilla.suse.com/1239064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21837"
},
{
"cve": "CVE-2025-21844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21844",
"url": "https://www.suse.com/security/cve/CVE-2025-21844"
},
{
"category": "external",
"summary": "SUSE Bug 1239512 for CVE-2025-21844",
"url": "https://bugzilla.suse.com/1239512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21846",
"url": "https://www.suse.com/security/cve/CVE-2025-21846"
},
{
"category": "external",
"summary": "SUSE Bug 1239508 for CVE-2025-21846",
"url": "https://bugzilla.suse.com/1239508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21847",
"url": "https://www.suse.com/security/cve/CVE-2025-21847"
},
{
"category": "external",
"summary": "SUSE Bug 1239471 for CVE-2025-21847",
"url": "https://bugzilla.suse.com/1239471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21848",
"url": "https://www.suse.com/security/cve/CVE-2025-21848"
},
{
"category": "external",
"summary": "SUSE Bug 1239479 for CVE-2025-21848",
"url": "https://bugzilla.suse.com/1239479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [ T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [ T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G W 6.13.0-rc6 #232\n[ 2352.930438] [ T53909] Tainted: [W]=WARN\n[ 2352.930440] [ T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [ T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [ T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21850",
"url": "https://www.suse.com/security/cve/CVE-2025-21850"
},
{
"category": "external",
"summary": "SUSE Bug 1239477 for CVE-2025-21850",
"url": "https://bugzilla.suse.com/1239477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Add rx_skb of kfree_skb to raw_tp_null_args[].\n\nYan Zhai reported a BPF prog could trigger a null-ptr-deref [0]\nin trace_kfree_skb if the prog does not check if rx_sk is NULL.\n\nCommit c53795d48ee8 (\"net: add rx_sk to trace_kfree_skb\") added\nrx_sk to trace_kfree_skb, but rx_sk is optional and could be NULL.\n\nLet\u0027s add kfree_skb to raw_tp_null_args[] to let the BPF verifier\nvalidate such a prog and prevent the issue.\n\nNow we fail to load such a prog:\n\n libbpf: prog \u0027drop\u0027: -- BEGIN PROG LOAD LOG --\n 0: R1=ctx() R10=fp0\n ; int BPF_PROG(drop, struct sk_buff *skb, void *location, @ kfree_skb_sk_null.bpf.c:21\n 0: (79) r3 = *(u64 *)(r1 +24)\n func \u0027kfree_skb\u0027 arg3 has btf_id 5253 type STRUCT \u0027sock\u0027\n 1: R1=ctx() R3_w=trusted_ptr_or_null_sock(id=1)\n ; bpf_printk(\"sk: %d, %d\\n\", sk, sk-\u003e__sk_common.skc_family); @ kfree_skb_sk_null.bpf.c:24\n 1: (69) r4 = *(u16 *)(r3 +16)\n R3 invalid mem access \u0027trusted_ptr_or_null_\u0027\n processed 2 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0\n -- END PROG LOAD LOG --\n\nNote this fix requires commit 838a10bd2ebf (\"bpf: Augment raw_tp\narguments with PTR_MAYBE_NULL\").\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000010\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nPREEMPT SMP\nRIP: 0010:bpf_prog_5e21a6db8fcff1aa_drop+0x10/0x2d\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x1f/0x60\n ? page_fault_oops+0x148/0x420\n ? search_bpf_extables+0x5b/0x70\n ? fixup_exception+0x27/0x2c0\n ? exc_page_fault+0x75/0x170\n ? asm_exc_page_fault+0x22/0x30\n ? bpf_prog_5e21a6db8fcff1aa_drop+0x10/0x2d\n bpf_trace_run4+0x68/0xd0\n ? unix_stream_connect+0x1f4/0x6f0\n sk_skb_reason_drop+0x90/0x120\n unix_stream_connect+0x1f4/0x6f0\n __sys_connect+0x7f/0xb0\n __x64_sys_connect+0x14/0x20\n do_syscall_64+0x47/0xc30\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21852",
"url": "https://www.suse.com/security/cve/CVE-2025-21852"
},
{
"category": "external",
"summary": "SUSE Bug 1239487 for CVE-2025-21852",
"url": "https://bugzilla.suse.com/1239487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21852"
},
{
"cve": "CVE-2025-21853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: avoid holding freeze_mutex during mmap operation\n\nWe use map-\u003efreeze_mutex to prevent races between map_freeze() and\nmemory mapping BPF map contents with writable permissions. The way we\nnaively do this means we\u0027ll hold freeze_mutex for entire duration of all\nthe mm and VMA manipulations, which is completely unnecessary. This can\npotentially also lead to deadlocks, as reported by syzbot in [0].\n\nSo, instead, hold freeze_mutex only during writeability checks, bump\n(proactively) \"write active\" count for the map, unlock the mutex and\nproceed with mmap logic. And only if something went wrong during mmap\nlogic, then undo that \"write active\" counter increment.\n\n [0] https://lore.kernel.org/bpf/678dcbc9.050a0220.303755.0066.GAE@google.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21853",
"url": "https://www.suse.com/security/cve/CVE-2025-21853"
},
{
"category": "external",
"summary": "SUSE Bug 1239476 for CVE-2025-21853",
"url": "https://bugzilla.suse.com/1239476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21853"
},
{
"cve": "CVE-2025-21854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsockmap, vsock: For connectible sockets allow only connected\n\nsockmap expects all vsocks to have a transport assigned, which is expressed\nin vsock_proto::psock_update_sk_prot(). However, there is an edge case\nwhere an unconnected (connectible) socket may lose its previously assigned\ntransport. This is handled with a NULL check in the vsock/BPF recv path.\n\nAnother design detail is that listening vsocks are not supposed to have any\ntransport assigned at all. Which implies they are not supported by the\nsockmap. But this is complicated by the fact that a socket, before\nswitching to TCP_LISTEN, may have had some transport assigned during a\nfailed connect() attempt. Hence, we may end up with a listening vsock in a\nsockmap, which blows up quickly:\n\nKASAN: null-ptr-deref in range [0x0000000000000120-0x0000000000000127]\nCPU: 7 UID: 0 PID: 56 Comm: kworker/7:0 Not tainted 6.14.0-rc1+\nWorkqueue: vsock-loopback vsock_loopback_work\nRIP: 0010:vsock_read_skb+0x4b/0x90\nCall Trace:\n sk_psock_verdict_data_ready+0xa4/0x2e0\n virtio_transport_recv_pkt+0x1ca8/0x2acc\n vsock_loopback_work+0x27d/0x3f0\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x35a/0x700\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nFor connectible sockets, instead of relying solely on the state of\nvsk-\u003etransport, tell sockmap to only allow those representing established\nconnections. This aligns with the behaviour for AF_INET and AF_UNIX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21854",
"url": "https://www.suse.com/security/cve/CVE-2025-21854"
},
{
"category": "external",
"summary": "SUSE Bug 1239470 for CVE-2025-21854",
"url": "https://bugzilla.suse.com/1239470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21854"
},
{
"cve": "CVE-2025-21855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21855",
"url": "https://www.suse.com/security/cve/CVE-2025-21855"
},
{
"category": "external",
"summary": "SUSE Bug 1239484 for CVE-2025-21855",
"url": "https://bugzilla.suse.com/1239484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21856",
"url": "https://www.suse.com/security/cve/CVE-2025-21856"
},
{
"category": "external",
"summary": "SUSE Bug 1239486 for CVE-2025-21856",
"url": "https://bugzilla.suse.com/1239486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21857",
"url": "https://www.suse.com/security/cve/CVE-2025-21857"
},
{
"category": "external",
"summary": "SUSE Bug 1239478 for CVE-2025-21857",
"url": "https://bugzilla.suse.com/1239478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21858",
"url": "https://www.suse.com/security/cve/CVE-2025-21858"
},
{
"category": "external",
"summary": "SUSE Bug 1239468 for CVE-2025-21858",
"url": "https://bugzilla.suse.com/1239468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21859",
"url": "https://www.suse.com/security/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "SUSE Bug 1239467 for CVE-2025-21859",
"url": "https://bugzilla.suse.com/1239467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21861",
"url": "https://www.suse.com/security/cve/CVE-2025-21861"
},
{
"category": "external",
"summary": "SUSE Bug 1239483 for CVE-2025-21861",
"url": "https://bugzilla.suse.com/1239483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: prevent opcode speculation\n\nsqe-\u003eopcode is used for different tables, make sure we santitise it\nagainst speculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21863",
"url": "https://www.suse.com/security/cve/CVE-2025-21863"
},
{
"category": "external",
"summary": "SUSE Bug 1239475 for CVE-2025-21863",
"url": "https://bugzilla.suse.com/1239475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21863"
},
{
"cve": "CVE-2025-21864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21864",
"url": "https://www.suse.com/security/cve/CVE-2025-21864"
},
{
"category": "external",
"summary": "SUSE Bug 1239482 for CVE-2025-21864",
"url": "https://bugzilla.suse.com/1239482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21865",
"url": "https://www.suse.com/security/cve/CVE-2025-21865"
},
{
"category": "external",
"summary": "SUSE Bug 1239481 for CVE-2025-21865",
"url": "https://bugzilla.suse.com/1239481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21866",
"url": "https://www.suse.com/security/cve/CVE-2025-21866"
},
{
"category": "external",
"summary": "SUSE Bug 1239473 for CVE-2025-21866",
"url": "https://bugzilla.suse.com/1239473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()\n\nKMSAN reported a use-after-free issue in eth_skb_pkt_type()[1]. The\ncause of the issue was that eth_skb_pkt_type() accessed skb\u0027s data\nthat didn\u0027t contain an Ethernet header. This occurs when\nbpf_prog_test_run_xdp() passes an invalid value as the user_data\nargument to bpf_test_init().\n\nFix this by returning an error when user_data is less than ETH_HLEN in\nbpf_test_init(). Additionally, remove the check for \"if (user_size \u003e\nsize)\" as it is unnecessary.\n\n[1]\nBUG: KMSAN: use-after-free in eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\nBUG: KMSAN: use-after-free in eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\n eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n __xdp_build_skb_from_frame+0x5a8/0xa50 net/core/xdp.c:635\n xdp_recv_frames net/bpf/test_run.c:272 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2954/0x3330 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0x148e/0x1b10 net/bpf/test_run.c:1318\n bpf_prog_test_run+0x5b7/0xa30 kernel/bpf/syscall.c:4371\n __sys_bpf+0x6a6/0xe20 kernel/bpf/syscall.c:5777\n __do_sys_bpf kernel/bpf/syscall.c:5866 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5864 [inline]\n __x64_sys_bpf+0xa4/0xf0 kernel/bpf/syscall.c:5864\n x64_sys_call+0x2ea0/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1056 [inline]\n free_unref_page+0x156/0x1320 mm/page_alloc.c:2657\n __free_pages+0xa3/0x1b0 mm/page_alloc.c:4838\n bpf_ringbuf_free kernel/bpf/ringbuf.c:226 [inline]\n ringbuf_map_free+0xff/0x1e0 kernel/bpf/ringbuf.c:235\n bpf_map_free kernel/bpf/syscall.c:838 [inline]\n bpf_map_free_deferred+0x17c/0x310 kernel/bpf/syscall.c:862\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa2b/0x1b60 kernel/workqueue.c:3310\n worker_thread+0xedf/0x1550 kernel/workqueue.c:3391\n kthread+0x535/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x6e/0x90 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nCPU: 1 UID: 0 PID: 17276 Comm: syz.1.16450 Not tainted 6.12.0-05490-g9bb88c659673 #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21867",
"url": "https://www.suse.com/security/cve/CVE-2025-21867"
},
{
"category": "external",
"summary": "SUSE Bug 1240181 for CVE-2025-21867",
"url": "https://bugzilla.suse.com/1240181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21867"
},
{
"cve": "CVE-2025-21869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[ 12.028126] ==================================================================\n[ 12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[ 12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G T 6.13.0-P9-dirty #3\n[ 12.028408] Tainted: [T]=RANDSTRUCT\n[ 12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[ 12.028500] Call Trace:\n[ 12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[ 12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[ 12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[ 12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[ 12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[ 12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[ 12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[ 12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[ 12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[ 12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[ 12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[ 12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[ 12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[ 12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[ 12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[ 12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[ 12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[ 12.029608] NIP: 00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[ 12.029660] REGS: c000000008dbfe80 TRAP: 3000 Tainted: G T (6.13.0-P9-dirty)\n[ 12.029735] MSR: 900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e CR: 42004848 XER: 00000000\n[ 12.029855] IRQMASK: 0\n GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[ 12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030405] --- interrupt: 3000\n[ 12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21869",
"url": "https://www.suse.com/security/cve/CVE-2025-21869"
},
{
"category": "external",
"summary": "SUSE Bug 1240182 for CVE-2025-21869",
"url": "https://bugzilla.suse.com/1240182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21870",
"url": "https://www.suse.com/security/cve/CVE-2025-21870"
},
{
"category": "external",
"summary": "SUSE Bug 1240191 for CVE-2025-21870",
"url": "https://bugzilla.suse.com/1240191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21871",
"url": "https://www.suse.com/security/cve/CVE-2025-21871"
},
{
"category": "external",
"summary": "SUSE Bug 1240183 for CVE-2025-21871",
"url": "https://bugzilla.suse.com/1240183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: bsg: Fix crash when arpmb command fails\n\nIf the device doesn\u0027t support arpmb we\u0027ll crash due to copying user data in\nbsg_transport_sg_io_fn().\n\nIn the case where ufs_bsg_exec_advanced_rpmb_req() returns an error, do not\nset the job\u0027s reply_len.\n\nMemory crash backtrace:\n3,1290,531166405,-;ufshcd 0000:00:12.5: ARPMB OP failed: error code -22\n\n4,1308,531166555,-;Call Trace:\n\n4,1309,531166559,-; \u003cTASK\u003e\n\n4,1310,531166565,-; ? show_regs+0x6d/0x80\n\n4,1311,531166575,-; ? die+0x37/0xa0\n\n4,1312,531166583,-; ? do_trap+0xd4/0xf0\n\n4,1313,531166593,-; ? do_error_trap+0x71/0xb0\n\n4,1314,531166601,-; ? usercopy_abort+0x6c/0x80\n\n4,1315,531166610,-; ? exc_invalid_op+0x52/0x80\n\n4,1316,531166622,-; ? usercopy_abort+0x6c/0x80\n\n4,1317,531166630,-; ? asm_exc_invalid_op+0x1b/0x20\n\n4,1318,531166643,-; ? usercopy_abort+0x6c/0x80\n\n4,1319,531166652,-; __check_heap_object+0xe3/0x120\n\n4,1320,531166661,-; check_heap_object+0x185/0x1d0\n\n4,1321,531166670,-; __check_object_size.part.0+0x72/0x150\n\n4,1322,531166679,-; __check_object_size+0x23/0x30\n\n4,1323,531166688,-; bsg_transport_sg_io_fn+0x314/0x3b0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21873",
"url": "https://www.suse.com/security/cve/CVE-2025-21873"
},
{
"category": "external",
"summary": "SUSE Bug 1240184 for CVE-2025-21873",
"url": "https://bugzilla.suse.com/1240184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21873"
},
{
"cve": "CVE-2025-21875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: always handle address removal under msk socket lock\n\nSyzkaller reported a lockdep splat in the PM control path:\n\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Modules linked in:\n CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\n RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline]\n RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 \u003c0f\u003e 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff\n RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283\n RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408\n RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000\n R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0\n R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00\n FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59\n mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486\n mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline]\n mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:733\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2573\n ___sys_sendmsg net/socket.c:2627 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f7e9998cde9\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9\n RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007\n RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088\n\nIndeed the PM can try to send a RM_ADDR over a msk without acquiring\nfirst the msk socket lock.\n\nThe bugged code-path comes from an early optimization: when there\nare no subflows, the PM should (usually) not send RM_ADDR\nnotifications.\n\nThe above statement is incorrect, as without locks another process\ncould concur\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21875",
"url": "https://www.suse.com/security/cve/CVE-2025-21875"
},
{
"category": "external",
"summary": "SUSE Bug 1240168 for CVE-2025-21875",
"url": "https://bugzilla.suse.com/1240168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21875"
},
{
"cve": "CVE-2025-21876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n other info that might help us debug this:\n rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xb7/0xd0\n lockdep_rcu_suspicious+0x159/0x1f0\n ? __pfx_enable_drhd_fault_handling+0x10/0x10\n enable_drhd_fault_handling+0x151/0x180\n cpuhp_invoke_callback+0x1df/0x990\n cpuhp_thread_fun+0x1ea/0x2c0\n smpboot_thread_fn+0x1f5/0x2e0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x12a/0x2d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4a/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21876",
"url": "https://www.suse.com/security/cve/CVE-2025-21876"
},
{
"category": "external",
"summary": "SUSE Bug 1240179 for CVE-2025-21876",
"url": "https://bugzilla.suse.com/1240179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21877",
"url": "https://www.suse.com/security/cve/CVE-2025-21877"
},
{
"category": "external",
"summary": "SUSE Bug 1240172 for CVE-2025-21877",
"url": "https://bugzilla.suse.com/1240172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21878",
"url": "https://www.suse.com/security/cve/CVE-2025-21878"
},
{
"category": "external",
"summary": "SUSE Bug 1240192 for CVE-2025-21878",
"url": "https://bugzilla.suse.com/1240192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: Reject the shared zeropage in uprobe_write_opcode()\n\nWe triggered the following crash in syzkaller tests:\n\n BUG: Bad page state in process syz.7.38 pfn:1eff3\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3\n flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff)\n raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000fffffffe 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x32/0x50\n bad_page+0x69/0xf0\n free_unref_page_prepare+0x401/0x500\n free_unref_page+0x6d/0x1b0\n uprobe_write_opcode+0x460/0x8e0\n install_breakpoint.part.0+0x51/0x80\n register_for_each_vma+0x1d9/0x2b0\n __uprobe_register+0x245/0x300\n bpf_uprobe_multi_link_attach+0x29b/0x4f0\n link_create+0x1e2/0x280\n __sys_bpf+0x75f/0xac0\n __x64_sys_bpf+0x1a/0x30\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\n BUG: Bad rss-counter state mm:00000000452453e0 type:MM_FILEPAGES val:-1\n\nThe following syzkaller test case can be used to reproduce:\n\n r2 = creat(\u0026(0x7f0000000000)=\u0027./file0\\x00\u0027, 0x8)\n write$nbd(r2, \u0026(0x7f0000000580)=ANY=[], 0x10)\n r4 = openat(0xffffffffffffff9c, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, 0x42, 0x0)\n mmap$IORING_OFF_SQ_RING(\u0026(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)\n r5 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r5, 0xc018aa3f, \u0026(0x7f0000000040)={0xaa, 0x20})\n r6 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r6, 0xc018aa3f, \u0026(0x7f0000000140))\n ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, \u0026(0x7f0000000100)={{\u0026(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})\n ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, \u0026(0x7f0000000000)={{\u0026(0x7f0000ffd000/0x1000)=nil, 0x1000}})\n r7 = bpf$PROG_LOAD(0x5, \u0026(0x7f0000000140)={0x2, 0x3, \u0026(0x7f0000000200)=ANY=[@ANYBLOB=\"1800000000120000000000000000000095\"], \u0026(0x7f0000000000)=\u0027GPL\\x00\u0027, 0x7, 0x0, 0x0, 0x0, 0x0, \u0027\\x00\u0027, 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)\n bpf$BPF_LINK_CREATE_XDP(0x1c, \u0026(0x7f0000000040)={r7, 0x0, 0x30, 0x1e, @val=@uprobe_multi={\u0026(0x7f0000000080)=\u0027./file0\\x00\u0027, \u0026(0x7f0000000100)=[0x2], 0x0, 0x0, 0x1}}, 0x40)\n\nThe cause is that zero pfn is set to the PTE without increasing the RSS\ncount in mfill_atomic_pte_zeropage() and the refcount of zero folio does\nnot increase accordingly. Then, the operation on the same pfn is performed\nin uprobe_write_opcode()-\u003e__replace_page() to unconditional decrease the\nRSS count and old_folio\u0027s refcount.\n\nTherefore, two bugs are introduced:\n\n 1. The RSS count is incorrect, when process exit, the check_mm() report\n error \"Bad rss-count\".\n\n 2. The reserved folio (zero folio) is freed when folio-\u003erefcount is zero,\n then free_pages_prepare-\u003efree_page_is_bad() report error\n \"Bad page state\".\n\nThere is more, the following warning could also theoretically be triggered:\n\n __replace_page()\n -\u003e ...\n -\u003e folio_remove_rmap_pte()\n -\u003e VM_WARN_ON_FOLIO(is_zero_folio(folio), folio)\n\nConsidering that uprobe hit on the zero folio is a very rare case, just\nreject zero old folio immediately after get_user_page_vma_remote().\n\n[ mingo: Cleaned up the changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21881",
"url": "https://www.suse.com/security/cve/CVE-2025-21881"
},
{
"category": "external",
"summary": "SUSE Bug 1240185 for CVE-2025-21881",
"url": "https://bugzilla.suse.com/1240185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21881"
},
{
"cve": "CVE-2025-21882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix vport QoS cleanup on error\n\nWhen enabling vport QoS fails, the scheduling node was never freed,\ncausing a leak.\n\nAdd the missing free and reset the vport scheduling node pointer to\nNULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21882",
"url": "https://www.suse.com/security/cve/CVE-2025-21882"
},
{
"category": "external",
"summary": "SUSE Bug 1240187 for CVE-2025-21882",
"url": "https://bugzilla.suse.com/1240187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21882"
},
{
"cve": "CVE-2025-21883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21883",
"url": "https://www.suse.com/security/cve/CVE-2025-21883"
},
{
"category": "external",
"summary": "SUSE Bug 1240189 for CVE-2025-21883",
"url": "https://bugzilla.suse.com/1240189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: better track kernel sockets lifetime\n\nWhile kernel sockets are dismantled during pernet_operations-\u003eexit(),\ntheir freeing can be delayed by any tx packets still held in qdisc\nor device queues, due to skb_set_owner_w() prior calls.\n\nThis then trigger the following warning from ref_tracker_dir_exit() [1]\n\nTo fix this, make sure that kernel sockets own a reference on net-\u003epassive.\n\nAdd sk_net_refcnt_upgrade() helper, used whenever a kernel socket\nis converted to a refcounted one.\n\n[1]\n\n[ 136.263918][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.263918][ T35] sk_alloc+0x2b3/0x370\n[ 136.263918][ T35] inet6_create+0x6ce/0x10f0\n[ 136.263918][ T35] __sock_create+0x4c0/0xa30\n[ 136.263918][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.263918][ T35] igmp6_net_init+0x39/0x390\n[ 136.263918][ T35] ops_init+0x31e/0x590\n[ 136.263918][ T35] setup_net+0x287/0x9e0\n[ 136.263918][ T35] copy_net_ns+0x33f/0x570\n[ 136.263918][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.263918][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.263918][ T35] ksys_unshare+0x57d/0xa70\n[ 136.263918][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.263918][ T35] do_syscall_64+0xf3/0x230\n[ 136.263918][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 136.263918][ T35]\n[ 136.343488][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.343488][ T35] sk_alloc+0x2b3/0x370\n[ 136.343488][ T35] inet6_create+0x6ce/0x10f0\n[ 136.343488][ T35] __sock_create+0x4c0/0xa30\n[ 136.343488][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.343488][ T35] ndisc_net_init+0xa7/0x2b0\n[ 136.343488][ T35] ops_init+0x31e/0x590\n[ 136.343488][ T35] setup_net+0x287/0x9e0\n[ 136.343488][ T35] copy_net_ns+0x33f/0x570\n[ 136.343488][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.343488][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.343488][ T35] ksys_unshare+0x57d/0xa70\n[ 136.343488][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.343488][ T35] do_syscall_64+0xf3/0x230\n[ 136.343488][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21884",
"url": "https://www.suse.com/security/cve/CVE-2025-21884"
},
{
"category": "external",
"summary": "SUSE Bug 1240171 for CVE-2025-21884",
"url": "https://bugzilla.suse.com/1240171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21884"
},
{
"cve": "CVE-2025-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \u003cTASK\u003e\n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21885",
"url": "https://www.suse.com/security/cve/CVE-2025-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1240169 for CVE-2025-21885",
"url": "https://bugzilla.suse.com/1240169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3 state:D stack:0 pid:2157 tgid:2157 ppid:1685 flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21886",
"url": "https://www.suse.com/security/cve/CVE-2025-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1240188 for CVE-2025-21886",
"url": "https://bugzilla.suse.com/1240188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up\n\nThe issue was caused by dput(upper) being called before\novl_dentry_update_reval(), while upper-\u003ed_flags was still\naccessed in ovl_dentry_remote().\n\nMove dput(upper) after its last use to prevent use-after-free.\n\nBUG: KASAN: slab-use-after-free in ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\nBUG: KASAN: slab-use-after-free in ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\n ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n ovl_link_up fs/overlayfs/copy_up.c:610 [inline]\n ovl_copy_up_one+0x2105/0x3490 fs/overlayfs/copy_up.c:1170\n ovl_copy_up_flags+0x18d/0x200 fs/overlayfs/copy_up.c:1223\n ovl_rename+0x39e/0x18c0 fs/overlayfs/dir.c:1136\n vfs_rename+0xf84/0x20a0 fs/namei.c:4893\n...\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21887",
"url": "https://www.suse.com/security/cve/CVE-2025-21887"
},
{
"category": "external",
"summary": "SUSE Bug 1240176 for CVE-2025-21887",
"url": "https://bugzilla.suse.com/1240176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21887"
},
{
"cve": "CVE-2025-21888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21888",
"url": "https://www.suse.com/security/cve/CVE-2025-21888"
},
{
"category": "external",
"summary": "SUSE Bug 1240177 for CVE-2025-21888",
"url": "https://bugzilla.suse.com/1240177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Add RCU read lock protection to perf_iterate_ctx()\n\nThe perf_iterate_ctx() function performs RCU list traversal but\ncurrently lacks RCU read lock protection. This causes lockdep warnings\nwhen running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y:\n\n\tWARNING: suspicious RCU usage\n\tkernel/events/core.c:8168 RCU-list traversed in non-reader section!!\n\n\t Call Trace:\n\t lockdep_rcu_suspicious\n\t ? perf_event_addr_filters_apply\n\t perf_iterate_ctx\n\t perf_event_exec\n\t begin_new_exec\n\t ? load_elf_phdrs\n\t load_elf_binary\n\t ? lock_acquire\n\t ? find_held_lock\n\t ? bprm_execve\n\t bprm_execve\n\t do_execveat_common.isra.0\n\t __x64_sys_execve\n\t do_syscall_64\n\t entry_SYSCALL_64_after_hwframe\n\nThis protection was previously present but was removed in commit\nbd2756811766 (\"perf: Rewrite core context handling\"). Add back the\nnecessary rcu_read_lock()/rcu_read_unlock() pair around\nperf_iterate_ctx() call in perf_event_exec().\n\n[ mingo: Use scoped_guard() as suggested by Peter ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21889",
"url": "https://www.suse.com/security/cve/CVE-2025-21889"
},
{
"category": "external",
"summary": "SUSE Bug 1240167 for CVE-2025-21889",
"url": "https://bugzilla.suse.com/1240167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21889"
},
{
"cve": "CVE-2025-21890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697\n[ 69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[ 69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261687] ? report_bug (lib/bug.c:?)\n[ 69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[ 69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[ 69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[ 69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[ 69.261712] __napi_poll (net/core/dev.c:7194)\n[ 69.261716] net_rx_action (net/core/dev.c:7265)\n[ 69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[ 69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[ 69.261726] handle_softirqs (kernel/softirq.c:561)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21890",
"url": "https://www.suse.com/security/cve/CVE-2025-21890"
},
{
"category": "external",
"summary": "SUSE Bug 1240173 for CVE-2025-21890",
"url": "https://bugzilla.suse.com/1240173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21891",
"url": "https://www.suse.com/security/cve/CVE-2025-21891"
},
{
"category": "external",
"summary": "SUSE Bug 1240186 for CVE-2025-21891",
"url": "https://bugzilla.suse.com/1240186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21892",
"url": "https://www.suse.com/security/cve/CVE-2025-21892"
},
{
"category": "external",
"summary": "SUSE Bug 1240175 for CVE-2025-21892",
"url": "https://bugzilla.suse.com/1240175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21892"
},
{
"cve": "CVE-2025-21893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21893"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkeys: Fix UAF in key_put()\n\nOnce a key\u0027s reference count has been reduced to 0, the garbage collector\nthread may destroy it at any time and so key_put() is not allowed to touch\nthe key after that point. The most key_put() is normally allowed to do is\nto touch key_gc_work as that\u0027s a static global variable.\n\nHowever, in an effort to speed up the reclamation of quota, this is now\ndone in key_put() once the key\u0027s usage is reduced to 0 - but now the code\nis looking at the key after the deadline, which is forbidden.\n\nFix this by using a flag to indicate that a key can be gc\u0027d now rather than\nlooking at the key\u0027s refcount in the garbage collector.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21893",
"url": "https://www.suse.com/security/cve/CVE-2025-21893"
},
{
"category": "external",
"summary": "SUSE Bug 1240427 for CVE-2025-21893",
"url": "https://bugzilla.suse.com/1240427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21893"
},
{
"cve": "CVE-2025-21894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC\n\nActually ENETC VFs do not support HWTSTAMP_TX_ONESTEP_SYNC because only\nENETC PF can access PMa_SINGLE_STEP registers. And there will be a crash\nif VFs are used to test one-step timestamp, the crash log as follows.\n\n[ 129.110909] Unable to handle kernel paging request at virtual address 00000000000080c0\n[ 129.287769] Call trace:\n[ 129.290219] enetc_port_mac_wr+0x30/0xec (P)\n[ 129.294504] enetc_start_xmit+0xda4/0xe74\n[ 129.298525] enetc_xmit+0x70/0xec\n[ 129.301848] dev_hard_start_xmit+0x98/0x118",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21894",
"url": "https://www.suse.com/security/cve/CVE-2025-21894"
},
{
"category": "external",
"summary": "SUSE Bug 1240581 for CVE-2025-21894",
"url": "https://bugzilla.suse.com/1240581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21894"
},
{
"cve": "CVE-2025-21895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Order the PMU list to fix warning about unordered pmu_ctx_list\n\nSyskaller triggers a warning due to prev_epc-\u003epmu != next_epc-\u003epmu in\nperf_event_swap_task_ctx_data(). vmcore shows that two lists have the same\nperf_event_pmu_context, but not in the same order.\n\nThe problem is that the order of pmu_ctx_list for the parent is impacted by\nthe time when an event/PMU is added. While the order for a child is\nimpacted by the event order in the pinned_groups and flexible_groups. So\nthe order of pmu_ctx_list in the parent and child may be different.\n\nTo fix this problem, insert the perf_event_pmu_context to its proper place\nafter iteration of the pmu_ctx_list.\n\nThe follow testcase can trigger above warning:\n\n # perf record -e cycles --call-graph lbr -- taskset -c 3 ./a.out \u0026\n # perf stat -e cpu-clock,cs -p xxx // xxx is the pid of a.out\n\n test.c\n\n void main() {\n int count = 0;\n pid_t pid;\n\n printf(\"%d running\\n\", getpid());\n sleep(30);\n printf(\"running\\n\");\n\n pid = fork();\n if (pid == -1) {\n printf(\"fork error\\n\");\n return;\n }\n if (pid == 0) {\n while (1) {\n count++;\n }\n } else {\n while (1) {\n count++;\n }\n }\n }\n\nThe testcase first opens an LBR event, so it will allocate task_ctx_data,\nand then open tracepoint and software events, so the parent context will\nhave 3 different perf_event_pmu_contexts. On inheritance, child ctx will\ninsert the perf_event_pmu_context in another order and the warning will\ntrigger.\n\n[ mingo: Tidied up the changelog. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21895",
"url": "https://www.suse.com/security/cve/CVE-2025-21895"
},
{
"category": "external",
"summary": "SUSE Bug 1240585 for CVE-2025-21895",
"url": "https://bugzilla.suse.com/1240585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21895"
},
{
"cve": "CVE-2025-21904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncaif_virtio: fix wrong pointer check in cfv_probe()\n\ndel_vqs() frees virtqueues, therefore cfv-\u003evq_tx pointer should be checked\nfor NULL before calling it, not cfv-\u003evdev. Also the current implementation\nis redundant because the pointer cfv-\u003evdev is dereferenced before it is\nchecked for NULL.\n\nFix this by checking cfv-\u003evq_tx for NULL instead of cfv-\u003evdev before\ncalling del_vqs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21904",
"url": "https://www.suse.com/security/cve/CVE-2025-21904"
},
{
"category": "external",
"summary": "SUSE Bug 1240576 for CVE-2025-21904",
"url": "https://bugzilla.suse.com/1240576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21904"
},
{
"cve": "CVE-2025-21905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: limit printed string from FW file\n\nThere\u0027s no guarantee here that the file is always with a\nNUL-termination, so reading the string may read beyond the\nend of the TLV. If that\u0027s the last TLV in the file, it can\nperhaps even read beyond the end of the file buffer.\n\nFix that by limiting the print format to the size of the\nbuffer we have.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21905",
"url": "https://www.suse.com/security/cve/CVE-2025-21905"
},
{
"category": "external",
"summary": "SUSE Bug 1240575 for CVE-2025-21905",
"url": "https://bugzilla.suse.com/1240575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21905"
},
{
"cve": "CVE-2025-21906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: clean up ROC on failure\n\nIf the firmware fails to start the session protection, then we\ndo call iwl_mvm_roc_finished() here, but that won\u0027t do anything\nat all because IWL_MVM_STATUS_ROC_P2P_RUNNING was never set.\nSet IWL_MVM_STATUS_ROC_P2P_RUNNING in the failure/stop path.\nIf it started successfully before, it\u0027s already set, so that\ndoesn\u0027t matter, and if it didn\u0027t start it needs to be set to\nclean up.\n\nNot doing so will lead to a WARN_ON() later on a fresh remain-\non-channel, since the link is already active when activated as\nit was never deactivated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21906",
"url": "https://www.suse.com/security/cve/CVE-2025-21906"
},
{
"category": "external",
"summary": "SUSE Bug 1240587 for CVE-2025-21906",
"url": "https://bugzilla.suse.com/1240587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21906"
},
{
"cve": "CVE-2025-21908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21908"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\n\nAdd PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so\nnfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.\n\nOtherwise NFS can deadlock waiting for kcompactd enduced writeback which\nrecurses back to NFS (which triggers writeback to NFSD via NFS loopback\nmount on the same host, NFSD blocks waiting for XFS\u0027s call to\n__filemap_get_folio):\n\n6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.\n\n{---\n[58] \"kcompactd0\"\n[\u003c0\u003e] folio_wait_bit+0xe8/0x200\n[\u003c0\u003e] folio_wait_writeback+0x2b/0x80\n[\u003c0\u003e] nfs_wb_folio+0x80/0x1b0 [nfs]\n[\u003c0\u003e] nfs_release_folio+0x68/0x130 [nfs]\n[\u003c0\u003e] split_huge_page_to_list_to_order+0x362/0x840\n[\u003c0\u003e] migrate_pages_batch+0x43d/0xb90\n[\u003c0\u003e] migrate_pages_sync+0x9a/0x240\n[\u003c0\u003e] migrate_pages+0x93c/0x9f0\n[\u003c0\u003e] compact_zone+0x8e2/0x1030\n[\u003c0\u003e] compact_node+0xdb/0x120\n[\u003c0\u003e] kcompactd+0x121/0x2e0\n[\u003c0\u003e] kthread+0xcf/0x100\n[\u003c0\u003e] ret_from_fork+0x31/0x40\n[\u003c0\u003e] ret_from_fork_asm+0x1a/0x30\n---}\n\n[akpm@linux-foundation.org: fix build]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21908",
"url": "https://www.suse.com/security/cve/CVE-2025-21908"
},
{
"category": "external",
"summary": "SUSE Bug 1240600 for CVE-2025-21908",
"url": "https://bugzilla.suse.com/1240600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21908"
},
{
"cve": "CVE-2025-21909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject cooked mode if it is set along with other flags\n\nIt is possible to set both MONITOR_FLAG_COOK_FRAMES and MONITOR_FLAG_ACTIVE\nflags simultaneously on the same monitor interface from the userspace. This\ncauses a sub-interface to be created with no IEEE80211_SDATA_IN_DRIVER bit\nset because the monitor interface is in the cooked state and it takes\nprecedence over all other states. When the interface is then being deleted\nthe kernel calls WARN_ONCE() from check_sdata_in_driver() because of missing\nthat bit.\n\nFix this by rejecting MONITOR_FLAG_COOK_FRAMES if it is set along with\nother flags.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21909",
"url": "https://www.suse.com/security/cve/CVE-2025-21909"
},
{
"category": "external",
"summary": "SUSE Bug 1240590 for CVE-2025-21909",
"url": "https://bugzilla.suse.com/1240590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21909"
},
{
"cve": "CVE-2025-21910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: regulatory: improve invalid hints checking\n\nSyzbot keeps reporting an issue [1] that occurs when erroneous symbols\nsent from userspace get through into user_alpha2[] via\nregulatory_hint_user() call. Such invalid regulatory hints should be\nrejected.\n\nWhile a sanity check from commit 47caf685a685 (\"cfg80211: regulatory:\nreject invalid hints\") looks to be enough to deter these very cases,\nthere is a way to get around it due to 2 reasons.\n\n1) The way isalpha() works, symbols other than latin lower and\nupper letters may be used to determine a country/domain.\nFor instance, greek letters will also be considered upper/lower\nletters and for such characters isalpha() will return true as well.\nHowever, ISO-3166-1 alpha2 codes should only hold latin\ncharacters.\n\n2) While processing a user regulatory request, between\nreg_process_hint_user() and regulatory_hint_user() there happens to\nbe a call to queue_regulatory_request() which modifies letters in\nrequest-\u003ealpha2[] with toupper(). This works fine for latin symbols,\nless so for weird letter characters from the second part of _ctype[].\n\nSyzbot triggers a warning in is_user_regdom_saved() by first sending\nover an unexpected non-latin letter that gets malformed by toupper()\ninto a character that ends up failing isalpha() check.\n\nPrevent this by enhancing is_an_alpha2() to ensure that incoming\nsymbols are latin letters and nothing else.\n\n[1] Syzbot report:\n------------[ cut here ]------------\nUnexpected user alpha2: A\ufffd\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 is_user_regdom_saved net/wireless/reg.c:440 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_alpha2 net/wireless/reg.c:3424 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\nModules linked in:\nCPU: 1 UID: 0 PID: 964 Comm: kworker/1:2 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events_power_efficient crda_timeout_work\nRIP: 0010:is_user_regdom_saved net/wireless/reg.c:440 [inline]\nRIP: 0010:restore_alpha2 net/wireless/reg.c:3424 [inline]\nRIP: 0010:restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\n...\nCall Trace:\n \u003cTASK\u003e\n crda_timeout_work+0x27/0x50 net/wireless/reg.c:542\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21910",
"url": "https://www.suse.com/security/cve/CVE-2025-21910"
},
{
"category": "external",
"summary": "SUSE Bug 1240583 for CVE-2025-21910",
"url": "https://bugzilla.suse.com/1240583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21910"
},
{
"cve": "CVE-2025-21912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: rcar: Use raw_spinlock to protect register access\n\nUse raw_spinlock in order to fix spurious messages about invalid context\nwhen spinlock debugging is enabled. The lock is only used to serialize\nregister access.\n\n [ 4.239592] =============================\n [ 4.239595] [ BUG: Invalid wait context ]\n [ 4.239599] 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35 Not tainted\n [ 4.239603] -----------------------------\n [ 4.239606] kworker/u8:5/76 is trying to lock:\n [ 4.239609] ffff0000091898a0 (\u0026p-\u003elock){....}-{3:3}, at: gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.239641] other info that might help us debug this:\n [ 4.239643] context-{5:5}\n [ 4.239646] 5 locks held by kworker/u8:5/76:\n [ 4.239651] #0: ffff0000080fb148 ((wq_completion)async){+.+.}-{0:0}, at: process_one_work+0x190/0x62c\n [ 4.250180] OF: /soc/sound@ec500000/ports/port@0/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.254094] #1: ffff80008299bd80 ((work_completion)(\u0026entry-\u003ework)){+.+.}-{0:0}, at: process_one_work+0x1b8/0x62c\n [ 4.254109] #2: ffff00000920c8f8\n [ 4.258345] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027bitclock-master\u0027 with a value.\n [ 4.264803] (\u0026dev-\u003emutex){....}-{4:4}, at: __device_attach_async_helper+0x3c/0xdc\n [ 4.264820] #3: ffff00000a50ca40 (request_class#2){+.+.}-{4:4}, at: __setup_irq+0xa0/0x690\n [ 4.264840] #4:\n [ 4.268872] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.273275] ffff00000a50c8c8 (lock_class){....}-{2:2}, at: __setup_irq+0xc4/0x690\n [ 4.296130] renesas_sdhi_internal_dmac ee100000.mmc: mmc1 base at 0x00000000ee100000, max clock rate 200 MHz\n [ 4.304082] stack backtrace:\n [ 4.304086] CPU: 1 UID: 0 PID: 76 Comm: kworker/u8:5 Not tainted 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35\n [ 4.304092] Hardware name: Renesas Salvator-X 2nd version board based on r8a77965 (DT)\n [ 4.304097] Workqueue: async async_run_entry_fn\n [ 4.304106] Call trace:\n [ 4.304110] show_stack+0x14/0x20 (C)\n [ 4.304122] dump_stack_lvl+0x6c/0x90\n [ 4.304131] dump_stack+0x14/0x1c\n [ 4.304138] __lock_acquire+0xdfc/0x1584\n [ 4.426274] lock_acquire+0x1c4/0x33c\n [ 4.429942] _raw_spin_lock_irqsave+0x5c/0x80\n [ 4.434307] gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.440061] gpio_rcar_irq_set_type+0xd4/0xd8\n [ 4.444422] __irq_set_trigger+0x5c/0x178\n [ 4.448435] __setup_irq+0x2e4/0x690\n [ 4.452012] request_threaded_irq+0xc4/0x190\n [ 4.456285] devm_request_threaded_irq+0x7c/0xf4\n [ 4.459398] ata1: link resume succeeded after 1 retries\n [ 4.460902] mmc_gpiod_request_cd_irq+0x68/0xe0\n [ 4.470660] mmc_start_host+0x50/0xac\n [ 4.474327] mmc_add_host+0x80/0xe4\n [ 4.477817] tmio_mmc_host_probe+0x2b0/0x440\n [ 4.482094] renesas_sdhi_probe+0x488/0x6f4\n [ 4.486281] renesas_sdhi_internal_dmac_probe+0x60/0x78\n [ 4.491509] platform_probe+0x64/0xd8\n [ 4.495178] really_probe+0xb8/0x2a8\n [ 4.498756] __driver_probe_device+0x74/0x118\n [ 4.503116] driver_probe_device+0x3c/0x154\n [ 4.507303] __device_attach_driver+0xd4/0x160\n [ 4.511750] bus_for_each_drv+0x84/0xe0\n [ 4.515588] __device_attach_async_helper+0xb0/0xdc\n [ 4.520470] async_run_entry_fn+0x30/0xd8\n [ 4.524481] process_one_work+0x210/0x62c\n [ 4.528494] worker_thread+0x1ac/0x340\n [ 4.532245] kthread+0x10c/0x110\n [ 4.535476] ret_from_fork+0x10/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21912",
"url": "https://www.suse.com/security/cve/CVE-2025-21912"
},
{
"category": "external",
"summary": "SUSE Bug 1240584 for CVE-2025-21912",
"url": "https://bugzilla.suse.com/1240584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21912"
},
{
"cve": "CVE-2025-21913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()\n\nXen doesn\u0027t offer MSR_FAM10H_MMIO_CONF_BASE to all guests. This results\nin the following warning:\n\n unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0)\n Call Trace:\n xen_read_msr+0x1e/0x30\n amd_get_mmconfig_range+0x2b/0x80\n quirk_amd_mmconfig_area+0x28/0x100\n pnp_fixup_device+0x39/0x50\n __pnp_add_device+0xf/0x150\n pnp_add_device+0x3d/0x100\n pnpacpi_add_device_handler+0x1f9/0x280\n acpi_ns_get_device_callback+0x104/0x1c0\n acpi_ns_walk_namespace+0x1d0/0x260\n acpi_get_devices+0x8a/0xb0\n pnpacpi_init+0x50/0x80\n do_one_initcall+0x46/0x2e0\n kernel_init_freeable+0x1da/0x2f0\n kernel_init+0x16/0x1b0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\n\nbased on quirks for a \"PNP0c01\" device. Treating MMCFG as disabled is the\nright course of action, so no change is needed there.\n\nThis was most likely exposed by fixing the Xen MSR accessors to not be\nsilently-safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21913",
"url": "https://www.suse.com/security/cve/CVE-2025-21913"
},
{
"category": "external",
"summary": "SUSE Bug 1240591 for CVE-2025-21913",
"url": "https://bugzilla.suse.com/1240591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21913"
},
{
"cve": "CVE-2025-21914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: messaging: Free transaction ID in delayed interrupt scenario\n\nIn case of interrupt delay for any reason, slim_do_transfer()\nreturns timeout error but the transaction ID (TID) is not freed.\nThis results into invalid memory access inside\nqcom_slim_ngd_rx_msgq_cb() due to invalid TID.\n\nFix the issue by freeing the TID in slim_do_transfer() before\nreturning timeout error to avoid invalid memory access.\n\nCall trace:\n__memcpy_fromio+0x20/0x190\nqcom_slim_ngd_rx_msgq_cb+0x130/0x290 [slim_qcom_ngd_ctrl]\nvchan_complete+0x2a0/0x4a0\ntasklet_action_common+0x274/0x700\ntasklet_action+0x28/0x3c\n_stext+0x188/0x620\nrun_ksoftirqd+0x34/0x74\nsmpboot_thread_fn+0x1d8/0x464\nkthread+0x178/0x238\nret_from_fork+0x10/0x20\nCode: aa0003e8 91000429 f100044a 3940002b (3800150b)\n---[ end trace 0fe00bec2b975c99 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21914",
"url": "https://www.suse.com/security/cve/CVE-2025-21914"
},
{
"category": "external",
"summary": "SUSE Bug 1240595 for CVE-2025-21914",
"url": "https://bugzilla.suse.com/1240595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21914"
},
{
"cve": "CVE-2025-21915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncdx: Fix possible UAF error in driver_override_show()\n\nFixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c\n\nThis function driver_override_show() is part of DEVICE_ATTR_RW, which\nincludes both driver_override_show() and driver_override_store().\nThese functions can be executed concurrently in sysfs.\n\nThe driver_override_store() function uses driver_set_override() to\nupdate the driver_override value, and driver_set_override() internally\nlocks the device (device_lock(dev)). If driver_override_show() reads\ncdx_dev-\u003edriver_override without locking, it could potentially access\na freed pointer if driver_override_store() frees the string\nconcurrently. This could lead to printing a kernel address, which is a\nsecurity risk since DEVICE_ATTR can be read by all users.\n\nAdditionally, a similar pattern is used in drivers/amba/bus.c, as well\nas many other bus drivers, where device_lock() is taken in the show\nfunction, and it has been working without issues.\n\nThis potential bug was detected by our experimental static analysis\ntool, which analyzes locking APIs and paired functions to identify\ndata races and atomicity violations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21915",
"url": "https://www.suse.com/security/cve/CVE-2025-21915"
},
{
"category": "external",
"summary": "SUSE Bug 1240594 for CVE-2025-21915",
"url": "https://bugzilla.suse.com/1240594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21915"
},
{
"cve": "CVE-2025-21916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21916"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: atm: cxacru: fix a flaw in existing endpoint checks\n\nSyzbot once again identified a flaw in usb endpoint checking, see [1].\nThis time the issue stems from a commit authored by me (2eabb655a968\n(\"usb: atm: cxacru: fix endpoint checking in cxacru_bind()\")).\n\nWhile using usb_find_common_endpoints() may usually be enough to\ndiscard devices with wrong endpoints, in this case one needs more\nthan just finding and identifying the sufficient number of endpoints\nof correct types - one needs to check the endpoint\u0027s address as well.\n\nSince cxacru_bind() fills URBs with CXACRU_EP_CMD address in mind,\nswitch the endpoint verification approach to usb_check_XXX_endpoints()\ninstead to fix incomplete ep testing.\n\n[1] Syzbot report:\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 1378 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nRIP: 0010:usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n cxacru_cm+0x3c8/0xe50 drivers/usb/atm/cxacru.c:649\n cxacru_card_status drivers/usb/atm/cxacru.c:760 [inline]\n cxacru_bind+0xcf9/0x1150 drivers/usb/atm/cxacru.c:1223\n usbatm_usb_probe+0x314/0x1d30 drivers/usb/atm/usbatm.c:1058\n cxacru_usb_probe+0x184/0x220 drivers/usb/atm/cxacru.c:1377\n usb_probe_interface+0x641/0xbb0 drivers/usb/core/driver.c:396\n really_probe+0x2b9/0xad0 drivers/base/dd.c:658\n __driver_probe_device+0x1a2/0x390 drivers/base/dd.c:800\n driver_probe_device+0x50/0x430 drivers/base/dd.c:830\n...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21916",
"url": "https://www.suse.com/security/cve/CVE-2025-21916"
},
{
"category": "external",
"summary": "SUSE Bug 1240582 for CVE-2025-21916",
"url": "https://bugzilla.suse.com/1240582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21916"
},
{
"cve": "CVE-2025-21917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas_usbhs: Flush the notify_hotplug_work\n\nWhen performing continuous unbind/bind operations on the USB drivers\navailable on the Renesas RZ/G2L SoC, a kernel crash with the message\n\"Unable to handle kernel NULL pointer dereference at virtual address\"\nmay occur. This issue points to the usbhsc_notify_hotplug() function.\n\nFlush the delayed work to avoid its execution when driver resources are\nunavailable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21917",
"url": "https://www.suse.com/security/cve/CVE-2025-21917"
},
{
"category": "external",
"summary": "SUSE Bug 1240596 for CVE-2025-21917",
"url": "https://bugzilla.suse.com/1240596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21917"
},
{
"cve": "CVE-2025-21918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Fix NULL pointer access\n\nResources should be released only after all threads that utilize them\nhave been destroyed.\nThis commit ensures that resources are not released prematurely by waiting\nfor the associated workqueue to complete before deallocating them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21918",
"url": "https://www.suse.com/security/cve/CVE-2025-21918"
},
{
"category": "external",
"summary": "SUSE Bug 1240592 for CVE-2025-21918",
"url": "https://bugzilla.suse.com/1240592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21918"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: Fix KMSAN uninit-value warning with bpf\n\nSyzbot caught an \"KMSAN: uninit-value\" warning [1], which is caused by the\nppp driver not initializing a 2-byte header when using socket filter.\n\nThe following code can generate a PPP filter BPF program:\n\u0027\u0027\u0027\nstruct bpf_program fp;\npcap_t *handle;\nhandle = pcap_open_dead(DLT_PPP_PPPD, 65535);\npcap_compile(handle, \u0026fp, \"ip and outbound\", 0, 0);\nbpf_dump(\u0026fp, 1);\n\u0027\u0027\u0027\nIts output is:\n\u0027\u0027\u0027\n(000) ldh [2]\n(001) jeq #0x21 jt 2 jf 5\n(002) ldb [0]\n(003) jeq #0x1 jt 4 jf 5\n(004) ret #65535\n(005) ret #0\n\u0027\u0027\u0027\nWen can find similar code at the following link:\nhttps://github.com/ppp-project/ppp/blob/master/pppd/options.c#L1680\nThe maintainer of this code repository is also the original maintainer\nof the ppp driver.\n\nAs you can see the BPF program skips 2 bytes of data and then reads the\n\u0027Protocol\u0027 field to determine if it\u0027s an IP packet. Then it read the first\nbyte of the first 2 bytes to determine the direction.\n\nThe issue is that only the first byte indicating direction is initialized\nin current ppp driver code while the second byte is not initialized.\n\nFor normal BPF programs generated by libpcap, uninitialized data won\u0027t be\nused, so it\u0027s not a problem. However, for carefully crafted BPF programs,\nsuch as those generated by syzkaller [2], which start reading from offset\n0, the uninitialized data will be used and caught by KMSAN.\n\n[1] https://syzkaller.appspot.com/bug?extid=853242d9c9917165d791\n[2] https://syzkaller.appspot.com/text?tag=ReproC\u0026x=11994913980000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21922",
"url": "https://www.suse.com/security/cve/CVE-2025-21922"
},
{
"category": "external",
"summary": "SUSE Bug 1240639 for CVE-2025-21922",
"url": "https://bugzilla.suse.com/1240639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21922"
},
{
"cve": "CVE-2025-21923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-steam: Fix use-after-free when detaching device\n\nWhen a hid-steam device is removed it must clean up the client_hdev used for\nintercepting hidraw access. This can lead to scheduling deferred work to\nreattach the input device. Though the cleanup cancels the deferred work, this\nwas done before the client_hdev itself is cleaned up, so it gets rescheduled.\nThis patch fixes the ordering to make sure the deferred work is properly\ncanceled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21923",
"url": "https://www.suse.com/security/cve/CVE-2025-21923"
},
{
"category": "external",
"summary": "SUSE Bug 1240691 for CVE-2025-21923",
"url": "https://bugzilla.suse.com/1240691"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21923"
},
{
"cve": "CVE-2025-21924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error\n\nDuring the initialization of ptp, hclge_ptp_get_cycle might return an error\nand returned directly without unregister clock and free it. To avoid that,\ncall hclge_ptp_destroy_clock to unregist and free clock if\nhclge_ptp_get_cycle failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21924",
"url": "https://www.suse.com/security/cve/CVE-2025-21924"
},
{
"category": "external",
"summary": "SUSE Bug 1240720 for CVE-2025-21924",
"url": "https://bugzilla.suse.com/1240720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21924"
},
{
"cve": "CVE-2025-21925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: do not use skb_get() before dev_queue_xmit()\n\nsyzbot is able to crash hosts [1], using llc and devices\nnot supporting IFF_TX_SKB_SHARING.\n\nIn this case, e1000 driver calls eth_skb_pad(), while\nthe skb is shared.\n\nSimply replace skb_get() by skb_clone() in net/llc/llc_s_ac.c\n\nNote that e1000 driver might have an issue with pktgen,\nbecause it does not clear IFF_TX_SKB_SHARING, this is an\northogonal change.\n\nWe need to audit other skb_get() uses in net/llc.\n\n[1]\n\nkernel BUG at net/core/skbuff.c:2178 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 16371 Comm: syz.2.2764 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:pskb_expand_head+0x6ce/0x1240 net/core/skbuff.c:2178\nCall Trace:\n \u003cTASK\u003e\n __skb_pad+0x18a/0x610 net/core/skbuff.c:2466\n __skb_put_padto include/linux/skbuff.h:3843 [inline]\n skb_put_padto include/linux/skbuff.h:3862 [inline]\n eth_skb_pad include/linux/etherdevice.h:656 [inline]\n e1000_xmit_frame+0x2d99/0x5800 drivers/net/ethernet/intel/e1000/e1000_main.c:3128\n __netdev_start_xmit include/linux/netdevice.h:5151 [inline]\n netdev_start_xmit include/linux/netdevice.h:5160 [inline]\n xmit_one net/core/dev.c:3806 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3822\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:4045 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4621\n dev_queue_xmit include/linux/netdevice.h:3313 [inline]\n llc_sap_action_send_test_c+0x268/0x320 net/llc/llc_s_ac.c:144\n llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline]\n llc_sap_next_state net/llc/llc_sap.c:182 [inline]\n llc_sap_state_process+0x239/0x510 net/llc/llc_sap.c:209\n llc_ui_sendmsg+0xd0d/0x14e0 net/llc/af_llc.c:993\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21925",
"url": "https://www.suse.com/security/cve/CVE-2025-21925"
},
{
"category": "external",
"summary": "SUSE Bug 1240713 for CVE-2025-21925",
"url": "https://bugzilla.suse.com/1240713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21925"
},
{
"cve": "CVE-2025-21926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: fix ownership in __udp_gso_segment\n\nIn __udp_gso_segment the skb destructor is removed before segmenting the\nskb but the socket reference is kept as-is. This is an issue if the\noriginal skb is later orphaned as we can hit the following bug:\n\n kernel BUG at ./include/linux/skbuff.h:3312! (skb_orphan)\n RIP: 0010:ip_rcv_core+0x8b2/0xca0\n Call Trace:\n ip_rcv+0xab/0x6e0\n __netif_receive_skb_one_core+0x168/0x1b0\n process_backlog+0x384/0x1100\n __napi_poll.constprop.0+0xa1/0x370\n net_rx_action+0x925/0xe50\n\nThe above can happen following a sequence of events when using\nOpenVSwitch, when an OVS_ACTION_ATTR_USERSPACE action precedes an\nOVS_ACTION_ATTR_OUTPUT action:\n\n1. OVS_ACTION_ATTR_USERSPACE is handled (in do_execute_actions): the skb\n goes through queue_gso_packets and then __udp_gso_segment, where its\n destructor is removed.\n2. The segments\u0027 data are copied and sent to userspace.\n3. OVS_ACTION_ATTR_OUTPUT is handled (in do_execute_actions) and the\n same original skb is sent to its path.\n4. If it later hits skb_orphan, we hit the bug.\n\nFix this by also removing the reference to the socket in\n__udp_gso_segment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21926",
"url": "https://www.suse.com/security/cve/CVE-2025-21926"
},
{
"category": "external",
"summary": "SUSE Bug 1240712 for CVE-2025-21926",
"url": "https://bugzilla.suse.com/1240712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21926"
},
{
"cve": "CVE-2025-21927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()\n\nnvme_tcp_recv_pdu() doesn\u0027t check the validity of the header length.\nWhen header digests are enabled, a target might send a packet with an\ninvalid header length (e.g. 255), causing nvme_tcp_verify_hdgst()\nto access memory outside the allocated area and cause memory corruptions\nby overwriting it with the calculated digest.\n\nFix this by rejecting packets with an unexpected header length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21927",
"url": "https://www.suse.com/security/cve/CVE-2025-21927"
},
{
"category": "external",
"summary": "SUSE Bug 1240714 for CVE-2025-21927",
"url": "https://bugzilla.suse.com/1240714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21927"
},
{
"cve": "CVE-2025-21928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()\n\nThe system can experience a random crash a few minutes after the driver is\nremoved. This issue occurs due to improper handling of memory freeing in\nthe ishtp_hid_remove() function.\n\nThe function currently frees the `driver_data` directly within the loop\nthat destroys the HID devices, which can lead to accessing freed memory.\nSpecifically, `hid_destroy_device()` uses `driver_data` when it calls\n`hid_ishtp_set_feature()` to power off the sensor, so freeing\n`driver_data` beforehand can result in accessing invalid memory.\n\nThis patch resolves the issue by storing the `driver_data` in a temporary\nvariable before calling `hid_destroy_device()`, and then freeing the\n`driver_data` after the device is destroyed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21928",
"url": "https://www.suse.com/security/cve/CVE-2025-21928"
},
{
"category": "external",
"summary": "SUSE Bug 1240722 for CVE-2025-21928",
"url": "https://bugzilla.suse.com/1240722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21928"
},
{
"cve": "CVE-2025-21929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove()\n\nDuring the `rmmod` operation for the `intel_ishtp_hid` driver, a\nuse-after-free issue can occur in the hid_ishtp_cl_remove() function.\nThe function hid_ishtp_cl_deinit() is called before ishtp_hid_remove(),\nwhich can lead to accessing freed memory or resources during the\nremoval process.\n\nCall Trace:\n ? ishtp_cl_send+0x168/0x220 [intel_ishtp]\n ? hid_output_report+0xe3/0x150 [hid]\n hid_ishtp_set_feature+0xb5/0x120 [intel_ishtp_hid]\n ishtp_hid_request+0x7b/0xb0 [intel_ishtp_hid]\n hid_hw_request+0x1f/0x40 [hid]\n sensor_hub_set_feature+0x11f/0x190 [hid_sensor_hub]\n _hid_sensor_power_state+0x147/0x1e0 [hid_sensor_trigger]\n hid_sensor_runtime_resume+0x22/0x30 [hid_sensor_trigger]\n sensor_hub_remove+0xa8/0xe0 [hid_sensor_hub]\n hid_device_remove+0x49/0xb0 [hid]\n hid_destroy_device+0x6f/0x90 [hid]\n ishtp_hid_remove+0x42/0x70 [intel_ishtp_hid]\n hid_ishtp_cl_remove+0x6b/0xb0 [intel_ishtp_hid]\n ishtp_cl_device_remove+0x4a/0x60 [intel_ishtp]\n ...\n\nAdditionally, ishtp_hid_remove() is a HID level power off, which should\noccur before the ISHTP level disconnect.\n\nThis patch resolves the issue by reordering the calls in\nhid_ishtp_cl_remove(). The function ishtp_hid_remove() is now\ncalled before hid_ishtp_cl_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21929",
"url": "https://www.suse.com/security/cve/CVE-2025-21929"
},
{
"category": "external",
"summary": "SUSE Bug 1240711 for CVE-2025-21929",
"url": "https://bugzilla.suse.com/1240711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21929"
},
{
"cve": "CVE-2025-21930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t try to talk to a dead firmware\n\nThis fixes:\n\n bad state = 0\n WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi]\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xca/0x1c0\n ? iwl_trans_send_cmd+0xba/0xe0 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n iwl_fw_dbg_clear_monitor_buf+0xd7/0x110 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n _iwl_dbgfs_fw_dbg_clear_write+0xe2/0x120 [iwlmvm 0e8adb18cea92d2c341766bcc10b18699290068a]\n\nAsk whether the firmware is alive before sending a command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21930",
"url": "https://www.suse.com/security/cve/CVE-2025-21930"
},
{
"category": "external",
"summary": "SUSE Bug 1240715 for CVE-2025-21930",
"url": "https://bugzilla.suse.com/1240715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21930"
},
{
"cve": "CVE-2025-21931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio\n\nCommit b15c87263a69 (\"hwpoison, memory_hotplug: allow hwpoisoned pages to\nbe offlined) add page poison checks in do_migrate_range in order to make\noffline hwpoisoned page possible by introducing isolate_lru_page and\ntry_to_unmap for hwpoisoned page. However folio lock must be held before\ncalling try_to_unmap. Add it to fix this problem.\n\nWarning will be produced if folio is not locked during unmap:\n\n ------------[ cut here ]------------\n kernel BUG at ./include/linux/swapops.h:400!\n Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n Modules linked in:\n CPU: 4 UID: 0 PID: 411 Comm: bash Tainted: G W 6.13.0-rc1-00016-g3c434c7ee82a-dirty #41\n Tainted: [W]=WARN\n Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015\n pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : try_to_unmap_one+0xb08/0xd3c\n lr : try_to_unmap_one+0x3dc/0xd3c\n Call trace:\n try_to_unmap_one+0xb08/0xd3c (P)\n try_to_unmap_one+0x3dc/0xd3c (L)\n rmap_walk_anon+0xdc/0x1f8\n rmap_walk+0x3c/0x58\n try_to_unmap+0x88/0x90\n unmap_poisoned_folio+0x30/0xa8\n do_migrate_range+0x4a0/0x568\n offline_pages+0x5a4/0x670\n memory_block_action+0x17c/0x374\n memory_subsys_offline+0x3c/0x78\n device_offline+0xa4/0xd0\n state_store+0x8c/0xf0\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x44/0x54\n kernfs_fop_write_iter+0x118/0x1a8\n vfs_write+0x3a8/0x4bc\n ksys_write+0x6c/0xf8\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x44/0x100\n el0_svc_common.constprop.0+0x40/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xd0\n el0t_64_sync_handler+0xc8/0xcc\n el0t_64_sync+0x198/0x19c\n Code: f9407be0 b5fff320 d4210000 17ffff97 (d4210000)\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21931",
"url": "https://www.suse.com/security/cve/CVE-2025-21931"
},
{
"category": "external",
"summary": "SUSE Bug 1240709 for CVE-2025-21931",
"url": "https://bugzilla.suse.com/1240709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21931"
},
{
"cve": "CVE-2025-21934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: fix an API misues when rio_add_net() fails\n\nrio_add_net() calls device_register() and fails when device_register()\nfails. Thus, put_device() should be used rather than kfree(). Add\n\"mport-\u003enet = NULL;\" to avoid a use after free issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21934",
"url": "https://www.suse.com/security/cve/CVE-2025-21934"
},
{
"category": "external",
"summary": "SUSE Bug 1240708 for CVE-2025-21934",
"url": "https://bugzilla.suse.com/1240708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21934"
},
{
"cve": "CVE-2025-21935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: add check for rio_add_net() in rio_scan_alloc_net()\n\nThe return value of rio_add_net() should be checked. If it fails,\nput_device() should be called to free the memory and give up the reference\ninitialized in rio_add_net().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21935",
"url": "https://www.suse.com/security/cve/CVE-2025-21935"
},
{
"category": "external",
"summary": "SUSE Bug 1240700 for CVE-2025-21935",
"url": "https://bugzilla.suse.com/1240700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21935"
},
{
"cve": "CVE-2025-21936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_device_connected() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21936",
"url": "https://www.suse.com/security/cve/CVE-2025-21936"
},
{
"category": "external",
"summary": "SUSE Bug 1240716 for CVE-2025-21936",
"url": "https://bugzilla.suse.com/1240716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21936"
},
{
"cve": "CVE-2025-21937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_remote_name() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21937",
"url": "https://www.suse.com/security/cve/CVE-2025-21937"
},
{
"category": "external",
"summary": "SUSE Bug 1240643 for CVE-2025-21937",
"url": "https://bugzilla.suse.com/1240643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21937"
},
{
"cve": "CVE-2025-21941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx-\u003eplane_state\nis null. The fix adds a check to ensure \u0027pipe_ctx-\u003eplane_state\u0027 is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21941",
"url": "https://www.suse.com/security/cve/CVE-2025-21941"
},
{
"category": "external",
"summary": "SUSE Bug 1240701 for CVE-2025-21941",
"url": "https://bugzilla.suse.com/1240701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21941"
},
{
"cve": "CVE-2025-21943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: aggregator: protect driver attr handlers against module unload\n\nBoth new_device_store and delete_device_store touch module global\nresources (e.g. gpio_aggregator_lock). To prevent race conditions with\nmodule unload, a reference needs to be held.\n\nAdd try_module_get() in these handlers.\n\nFor new_device_store, this eliminates what appears to be the most dangerous\nscenario: if an id is allocated from gpio_aggregator_idr but\nplatform_device_register has not yet been called or completed, a concurrent\nmodule unload could fail to unregister/delete the device, leaving behind a\ndangling platform device/GPIO forwarder. This can result in various issues.\nThe following simple reproducer demonstrates these problems:\n\n #!/bin/bash\n while :; do\n # note: whether \u0027gpiochip0 0\u0027 exists or not does not matter.\n echo \u0027gpiochip0 0\u0027 \u003e /sys/bus/platform/drivers/gpio-aggregator/new_device\n done \u0026\n while :; do\n modprobe gpio-aggregator\n modprobe -r gpio-aggregator\n done \u0026\n wait\n\n Starting with the following warning, several kinds of warnings will appear\n and the system may become unstable:\n\n ------------[ cut here ]------------\n list_del corruption, ffff888103e2e980-\u003enext is LIST_POISON1 (dead000000000100)\n WARNING: CPU: 1 PID: 1327 at lib/list_debug.c:56 __list_del_entry_valid_or_report+0xa3/0x120\n [...]\n RIP: 0010:__list_del_entry_valid_or_report+0xa3/0x120\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? __warn.cold+0x93/0xf2\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? report_bug+0xe6/0x170\n ? __irq_work_queue_local+0x39/0xe0\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x13/0x60\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_del_entry_valid_or_report+0xa3/0x120\n gpiod_remove_lookup_table+0x22/0x60\n new_device_store+0x315/0x350 [gpio_aggregator]\n kernfs_fop_write_iter+0x137/0x1f0\n vfs_write+0x262/0x430\n ksys_write+0x60/0xd0\n do_syscall_64+0x6c/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21943",
"url": "https://www.suse.com/security/cve/CVE-2025-21943"
},
{
"category": "external",
"summary": "SUSE Bug 1240647 for CVE-2025-21943",
"url": "https://bugzilla.suse.com/1240647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21943"
},
{
"cve": "CVE-2025-21948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: appleir: Fix potential NULL dereference at raw event handle\n\nSyzkaller reports a NULL pointer dereference issue in input_event().\n\nBUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:68 [inline]\nBUG: KASAN: null-ptr-deref in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: null-ptr-deref in is_event_supported drivers/input/input.c:67 [inline]\nBUG: KASAN: null-ptr-deref in input_event+0x42/0xa0 drivers/input/input.c:395\nRead of size 8 at addr 0000000000000028 by task syz-executor199/2949\n\nCPU: 0 UID: 0 PID: 2949 Comm: syz-executor199 Not tainted 6.13.0-rc4-syzkaller-00076-gf097a36ef88d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n instrument_atomic_read include/linux/instrumented.h:68 [inline]\n _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n is_event_supported drivers/input/input.c:67 [inline]\n input_event+0x42/0xa0 drivers/input/input.c:395\n input_report_key include/linux/input.h:439 [inline]\n key_down drivers/hid/hid-appleir.c:159 [inline]\n appleir_raw_event+0x3e5/0x5e0 drivers/hid/hid-appleir.c:232\n __hid_input_report.constprop.0+0x312/0x440 drivers/hid/hid-core.c:2111\n hid_ctrl+0x49f/0x550 drivers/hid/usbhid/hid-core.c:484\n __usb_hcd_giveback_urb+0x389/0x6e0 drivers/usb/core/hcd.c:1650\n usb_hcd_giveback_urb+0x396/0x450 drivers/usb/core/hcd.c:1734\n dummy_timer+0x17f7/0x3960 drivers/usb/gadget/udc/dummy_hcd.c:1993\n __run_hrtimer kernel/time/hrtimer.c:1739 [inline]\n __hrtimer_run_queues+0x20a/0xae0 kernel/time/hrtimer.c:1803\n hrtimer_run_softirq+0x17d/0x350 kernel/time/hrtimer.c:1820\n handle_softirqs+0x206/0x8d0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xfa/0x160 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n __mod_timer+0x8f6/0xdc0 kernel/time/timer.c:1185\n add_timer+0x62/0x90 kernel/time/timer.c:1295\n schedule_timeout+0x11f/0x280 kernel/time/sleep_timeout.c:98\n usbhid_wait_io+0x1c7/0x380 drivers/hid/usbhid/hid-core.c:645\n usbhid_init_reports+0x19f/0x390 drivers/hid/usbhid/hid-core.c:784\n hiddev_ioctl+0x1133/0x15b0 drivers/hid/usbhid/hiddev.c:794\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThis happens due to the malformed report items sent by the emulated device\nwhich results in a report, that has no fields, being added to the report list.\nDue to this appleir_input_configured() is never called, hidinput_connect()\nfails which results in the HID_CLAIMED_INPUT flag is not being set. However,\nit does not make appleir_probe() fail and lets the event callback to be\ncalled without the associated input device.\n\nThus, add a check for the HID_CLAIMED_INPUT flag and leave the event hook\nearly if the driver didn\u0027t claim any input_dev for some reason. Moreover,\nsome other hid drivers accessing input_dev in their event callbacks do have\nsimilar checks, too.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21948",
"url": "https://www.suse.com/security/cve/CVE-2025-21948"
},
{
"category": "external",
"summary": "SUSE Bug 1240703 for CVE-2025-21948",
"url": "https://bugzilla.suse.com/1240703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21948"
},
{
"cve": "CVE-2025-21950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl\n\nIn the \"pmcmd_ioctl\" function, three memory objects allocated by\nkmalloc are initialized by \"hcall_get_cpu_state\", which are then\ncopied to user space. The initializer is indeed implemented in\n\"acrn_hypercall2\" (arch/x86/include/asm/acrn.h). There is a risk of\ninformation leakage due to uninitialized bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21950",
"url": "https://www.suse.com/security/cve/CVE-2025-21950"
},
{
"category": "external",
"summary": "SUSE Bug 1240719 for CVE-2025-21950",
"url": "https://bugzilla.suse.com/1240719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21950"
},
{
"cve": "CVE-2025-21951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock\n\nThere are multiple places from where the recovery work gets scheduled\nasynchronously. Also, there are multiple places where the caller waits\nsynchronously for the recovery to be completed. One such place is during\nthe PM shutdown() callback.\n\nIf the device is not alive during recovery_work, it will try to reset the\ndevice using pci_reset_function(). This function internally will take the\ndevice_lock() first before resetting the device. By this time, if the lock\nhas already been acquired, then recovery_work will get stalled while\nwaiting for the lock. And if the lock was already acquired by the caller\nwhich waits for the recovery_work to be completed, it will lead to\ndeadlock.\n\nThis is what happened on the X1E80100 CRD device when the device died\nbefore shutdown() callback. Driver core calls the driver\u0027s shutdown()\ncallback while holding the device_lock() leading to deadlock.\n\nAnd this deadlock scenario can occur on other paths as well, like during\nthe PM suspend() callback, where the driver core would hold the\ndevice_lock() before calling driver\u0027s suspend() callback. And if the\nrecovery_work was already started, it could lead to deadlock. This is also\nobserved on the X1E80100 CRD.\n\nSo to fix both issues, use pci_try_reset_function() in recovery_work. This\nfunction first checks for the availability of the device_lock() before\ntrying to reset the device. If the lock is available, it will acquire it\nand reset the device. Otherwise, it will return -EAGAIN. If that happens,\nrecovery_work will fail with the error message \"Recovery failed\" as not\nmuch could be done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21951",
"url": "https://www.suse.com/security/cve/CVE-2025-21951"
},
{
"category": "external",
"summary": "SUSE Bug 1240718 for CVE-2025-21951",
"url": "https://bugzilla.suse.com/1240718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21951"
},
{
"cve": "CVE-2025-21953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: cleanup mana struct after debugfs_remove()\n\nWhen on a MANA VM hibernation is triggered, as part of hibernate_snapshot(),\nmana_gd_suspend() and mana_gd_resume() are called. If during this\nmana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs\npointer does not get reinitialized and ends up pointing to older,\ncleaned-up dentry.\nFurther in the hibernation path, as part of power_down(), mana_gd_shutdown()\nis triggered. This call, unaware of the failures in resume, tries to cleanup\nthe already cleaned up mana_port_debugfs value and hits the following bug:\n\n[ 191.359296] mana 7870:00:00.0: Shutdown was called\n[ 191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 191.360584] #PF: supervisor write access in kernel mode\n[ 191.361125] #PF: error_code(0x0002) - not-present page\n[ 191.361727] PGD 1080ea067 P4D 0\n[ 191.362172] Oops: Oops: 0002 [#1] SMP NOPTI\n[ 191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2\n[ 191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024\n[ 191.364124] RIP: 0010:down_write+0x19/0x50\n[ 191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 \u003cf0\u003e 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d\n[ 191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS: 00010246\n[ 191.366350] RAX: 0000000000000000 RBX: 0000000000000098 RCX: ffffff8100000000\n[ 191.366951] RDX: 0000000000000001 RSI: 0000000000000064 RDI: 0000000000000098\n[ 191.367600] RBP: ff45fbe0c1c037c0 R08: 0000000000000000 R09: 0000000000000001\n[ 191.368225] R10: ff45fbe0d2b01000 R11: 0000000000000008 R12: 0000000000000000\n[ 191.368874] R13: 000000000000000b R14: ff43dc27509d67c0 R15: 0000000000000020\n[ 191.369549] FS: 00007dbc5001e740(0000) GS:ff43dc663f380000(0000) knlGS:0000000000000000\n[ 191.370213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 191.370830] CR2: 0000000000000098 CR3: 0000000168e8e002 CR4: 0000000000b73ef0\n[ 191.371557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 191.372192] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 191.372906] Call Trace:\n[ 191.373262] \u003cTASK\u003e\n[ 191.373621] ? show_regs+0x64/0x70\n[ 191.374040] ? __die+0x24/0x70\n[ 191.374468] ? page_fault_oops+0x290/0x5b0\n[ 191.374875] ? do_user_addr_fault+0x448/0x800\n[ 191.375357] ? exc_page_fault+0x7a/0x160\n[ 191.375971] ? asm_exc_page_fault+0x27/0x30\n[ 191.376416] ? down_write+0x19/0x50\n[ 191.376832] ? down_write+0x12/0x50\n[ 191.377232] simple_recursive_removal+0x4a/0x2a0\n[ 191.377679] ? __pfx_remove_one+0x10/0x10\n[ 191.378088] debugfs_remove+0x44/0x70\n[ 191.378530] mana_detach+0x17c/0x4f0\n[ 191.378950] ? __flush_work+0x1e2/0x3b0\n[ 191.379362] ? __cond_resched+0x1a/0x50\n[ 191.379787] mana_remove+0xf2/0x1a0\n[ 191.380193] mana_gd_shutdown+0x3b/0x70\n[ 191.380642] pci_device_shutdown+0x3a/0x80\n[ 191.381063] device_shutdown+0x13e/0x230\n[ 191.381480] kernel_power_off+0x35/0x80\n[ 191.381890] hibernate+0x3c6/0x470\n[ 191.382312] state_store+0xcb/0xd0\n[ 191.382734] kobj_attr_store+0x12/0x30\n[ 191.383211] sysfs_kf_write+0x3e/0x50\n[ 191.383640] kernfs_fop_write_iter+0x140/0x1d0\n[ 191.384106] vfs_write+0x271/0x440\n[ 191.384521] ksys_write+0x72/0xf0\n[ 191.384924] __x64_sys_write+0x19/0x20\n[ 191.385313] x64_sys_call+0x2b0/0x20b0\n[ 191.385736] do_syscall_64+0x79/0x150\n[ 191.386146] ? __mod_memcg_lruvec_state+0xe7/0x240\n[ 191.386676] ? __lruvec_stat_mod_folio+0x79/0xb0\n[ 191.387124] ? __pfx_lru_add+0x10/0x10\n[ 191.387515] ? queued_spin_unlock+0x9/0x10\n[ 191.387937] ? do_anonymous_page+0x33c/0xa00\n[ 191.388374] ? __handle_mm_fault+0xcf3/0x1210\n[ 191.388805] ? __count_memcg_events+0xbe/0x180\n[ 191.389235] ? handle_mm_fault+0xae/0x300\n[ 19\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21953",
"url": "https://www.suse.com/security/cve/CVE-2025-21953"
},
{
"category": "external",
"summary": "SUSE Bug 1240727 for CVE-2025-21953",
"url": "https://bugzilla.suse.com/1240727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21953"
},
{
"cve": "CVE-2025-21956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Assign normalized_pix_clk when color depth = 14\n\n[WHY \u0026 HOW]\nA warning message \"WARNING: CPU: 4 PID: 459 at ... /dc_resource.c:3397\ncalculate_phy_pix_clks+0xef/0x100 [amdgpu]\" occurs because the\ndisplay_color_depth == COLOR_DEPTH_141414 is not handled. This is\nobserved in Radeon RX 6600 XT.\n\nIt is fixed by assigning pix_clk * (14 * 3) / 24 - same as the rests.\n\nAlso fixes the indentation in get_norm_pix_clk.\n\n(cherry picked from commit 274a87eb389f58eddcbc5659ab0b180b37e92775)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21956",
"url": "https://www.suse.com/security/cve/CVE-2025-21956"
},
{
"category": "external",
"summary": "SUSE Bug 1240739 for CVE-2025-21956",
"url": "https://bugzilla.suse.com/1240739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21956"
},
{
"cve": "CVE-2025-21957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla1280: Fix kernel oops when debug level \u003e 2\n\nA null dereference or oops exception will eventually occur when qla1280.c\ndriver is compiled with DEBUG_QLA1280 enabled and ql_debug_level \u003e 2. I\nthink its clear from the code that the intention here is sg_dma_len(s) not\nlength of sg_next(s) when printing the debug info.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21957",
"url": "https://www.suse.com/security/cve/CVE-2025-21957"
},
{
"category": "external",
"summary": "SUSE Bug 1240742 for CVE-2025-21957",
"url": "https://bugzilla.suse.com/1240742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21957"
},
{
"cve": "CVE-2025-21960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: do not update checksum in bnxt_xdp_build_skb()\n\nThe bnxt_rx_pkt() updates ip_summed value at the end if checksum offload\nis enabled.\nWhen the XDP-MB program is attached and it returns XDP_PASS, the\nbnxt_xdp_build_skb() is called to update skb_shared_info.\nThe main purpose of bnxt_xdp_build_skb() is to update skb_shared_info,\nbut it updates ip_summed value too if checksum offload is enabled.\nThis is actually duplicate work.\n\nWhen the bnxt_rx_pkt() updates ip_summed value, it checks if ip_summed\nis CHECKSUM_NONE or not.\nIt means that ip_summed should be CHECKSUM_NONE at this moment.\nBut ip_summed may already be updated to CHECKSUM_UNNECESSARY in the\nXDP-MB-PASS path.\nSo the by skb_checksum_none_assert() WARNS about it.\n\nThis is duplicate work and updating ip_summed in the\nbnxt_xdp_build_skb() is not needed.\n\nSplat looks like:\nWARNING: CPU: 3 PID: 5782 at ./include/linux/skbuff.h:5155 bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nModules linked in: bnxt_re bnxt_en rdma_ucm rdma_cm iw_cm ib_cm ib_uverbs veth xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_]\nCPU: 3 UID: 0 PID: 5782 Comm: socat Tainted: G W 6.14.0-rc4+ #27\nTainted: [W]=WARN\nHardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\nRIP: 0010:bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nCode: 54 24 0c 4c 89 f1 4c 89 ff c1 ea 1f ff d3 0f 1f 00 49 89 c6 48 85 c0 0f 84 4c e5 ff ff 48 89 c7 e8 ca 3d a0 c8 e9 8f f4 ff ff \u003c0f\u003e 0b f\nRSP: 0018:ffff88881ba09928 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000c7590303 RCX: 0000000000000000\nRDX: 1ffff1104e7d1610 RSI: 0000000000000001 RDI: ffff8881c91300b8\nRBP: ffff88881ba09b28 R08: ffff888273e8b0d0 R09: ffff888273e8b070\nR10: ffff888273e8b010 R11: ffff888278b0f000 R12: ffff888273e8b080\nR13: ffff8881c9130e00 R14: ffff8881505d3800 R15: ffff888273e8b000\nFS: 00007f5a2e7be080(0000) GS:ffff88881ba00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fff2e708ff8 CR3: 000000013e3b0000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? __warn+0xcd/0x2f0\n ? bnxt_rx_pkt+0x479b/0x7610\n ? report_bug+0x326/0x3c0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? bnxt_rx_pkt+0x479b/0x7610\n ? bnxt_rx_pkt+0x3e41/0x7610\n ? __pfx_bnxt_rx_pkt+0x10/0x10\n ? napi_complete_done+0x2cf/0x7d0\n __bnxt_poll_work+0x4e8/0x1220\n ? __pfx___bnxt_poll_work+0x10/0x10\n ? __pfx_mark_lock.part.0+0x10/0x10\n bnxt_poll_p5+0x36a/0xfa0\n ? __pfx_bnxt_poll_p5+0x10/0x10\n __napi_poll.constprop.0+0xa0/0x440\n net_rx_action+0x899/0xd00\n...\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going\nto be able to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21960",
"url": "https://www.suse.com/security/cve/CVE-2025-21960"
},
{
"category": "external",
"summary": "SUSE Bug 1240815 for CVE-2025-21960",
"url": "https://bugzilla.suse.com/1240815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21960"
},
{
"cve": "CVE-2025-21961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix truesize for mb-xdp-pass case\n\nWhen mb-xdp is set and return is XDP_PASS, packet is converted from\nxdp_buff to sk_buff with xdp_update_skb_shared_info() in\nbnxt_xdp_build_skb().\nbnxt_xdp_build_skb() passes incorrect truesize argument to\nxdp_update_skb_shared_info().\nThe truesize is calculated as BNXT_RX_PAGE_SIZE * sinfo-\u003enr_frags but\nthe skb_shared_info was wiped by napi_build_skb() before.\nSo it stores sinfo-\u003enr_frags before bnxt_xdp_build_skb() and use it\ninstead of getting skb_shared_info from xdp_get_shared_info_from_buff().\n\nSplat looks like:\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 0 at net/core/skbuff.c:6072 skb_try_coalesce+0x504/0x590\n Modules linked in: xt_nat xt_tcpudp veth af_packet xt_conntrack nft_chain_nat xt_MASQUERADE nf_conntrack_netlink xfrm_user xt_addrtype nft_coms\n CPU: 2 UID: 0 PID: 0 Comm: swapper/2 Not tainted 6.14.0-rc2+ #3\n RIP: 0010:skb_try_coalesce+0x504/0x590\n Code: 4b fd ff ff 49 8b 34 24 40 80 e6 40 0f 84 3d fd ff ff 49 8b 74 24 48 40 f6 c6 01 0f 84 2e fd ff ff 48 8d 4e ff e9 25 fd ff ff \u003c0f\u003e 0b e99\n RSP: 0018:ffffb62c4120caa8 EFLAGS: 00010287\n RAX: 0000000000000003 RBX: ffffb62c4120cb14 RCX: 0000000000000ec0\n RDX: 0000000000001000 RSI: ffffa06e5d7dc000 RDI: 0000000000000003\n RBP: ffffa06e5d7ddec0 R08: ffffa06e6120a800 R09: ffffa06e7a119900\n R10: 0000000000002310 R11: ffffa06e5d7dcec0 R12: ffffe4360575f740\n R13: ffffe43600000000 R14: 0000000000000002 R15: 0000000000000002\n FS: 0000000000000000(0000) GS:ffffa0755f700000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f147b76b0f8 CR3: 00000001615d4000 CR4: 00000000007506f0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __warn+0x84/0x130\n ? skb_try_coalesce+0x504/0x590\n ? report_bug+0x18a/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_try_coalesce+0x504/0x590\n inet_frag_reasm_finish+0x11f/0x2e0\n ip_defrag+0x37a/0x900\n ip_local_deliver+0x51/0x120\n ip_sublist_rcv_finish+0x64/0x70\n ip_sublist_rcv+0x179/0x210\n ip_list_rcv+0xf9/0x130\n\nHow to reproduce:\n\u003cNode A\u003e\nip link set $interface1 xdp obj xdp_pass.o\nip link set $interface1 mtu 9000 up\nip a a 10.0.0.1/24 dev $interface1\n\u003cNode B\u003e\nip link set $interfac2 mtu 9000 up\nip a a 10.0.0.2/24 dev $interface2\nping 10.0.0.1 -s 65000\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going to be\nable to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21961",
"url": "https://www.suse.com/security/cve/CVE-2025-21961"
},
{
"category": "external",
"summary": "SUSE Bug 1240816 for CVE-2025-21961",
"url": "https://bugzilla.suse.com/1240816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21961"
},
{
"cve": "CVE-2025-21962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing closetimeo mount option\n\nUser-provided mount parameter closetimeo of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21962",
"url": "https://www.suse.com/security/cve/CVE-2025-21962"
},
{
"category": "external",
"summary": "SUSE Bug 1240655 for CVE-2025-21962",
"url": "https://bugzilla.suse.com/1240655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21962"
},
{
"cve": "CVE-2025-21963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acdirmax mount option\n\nUser-provided mount parameter acdirmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21963",
"url": "https://www.suse.com/security/cve/CVE-2025-21963"
},
{
"category": "external",
"summary": "SUSE Bug 1240717 for CVE-2025-21963",
"url": "https://bugzilla.suse.com/1240717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21963"
},
{
"cve": "CVE-2025-21964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acregmax mount option\n\nUser-provided mount parameter acregmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21964",
"url": "https://www.suse.com/security/cve/CVE-2025-21964"
},
{
"category": "external",
"summary": "SUSE Bug 1240740 for CVE-2025-21964",
"url": "https://bugzilla.suse.com/1240740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21964"
},
{
"cve": "CVE-2025-21966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-flakey: Fix memory corruption in optional corrupt_bio_byte feature\n\nFix memory corruption due to incorrect parameter being passed to bio_init",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21966",
"url": "https://www.suse.com/security/cve/CVE-2025-21966"
},
{
"category": "external",
"summary": "SUSE Bug 1240779 for CVE-2025-21966",
"url": "https://bugzilla.suse.com/1240779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21966"
},
{
"cve": "CVE-2025-21968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free on hdcp_work\n\n[Why]\nA slab-use-after-free is reported when HDCP is destroyed but the\nproperty_validate_dwork queue is still running.\n\n[How]\nCancel the delayed work when destroying workqueue.\n\n(cherry picked from commit 725a04ba5a95e89c89633d4322430cfbca7ce128)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21968",
"url": "https://www.suse.com/security/cve/CVE-2025-21968"
},
{
"category": "external",
"summary": "SUSE Bug 1240783 for CVE-2025-21968",
"url": "https://bugzilla.suse.com/1240783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21968"
},
{
"cve": "CVE-2025-21969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd\n\nAfter the hci sync command releases l2cap_conn, the hci receive data work\nqueue references the released l2cap_conn when sending to the upper layer.\nAdd hci dev lock to the hci receive data work queue to synchronize the two.\n\n[1]\nBUG: KASAN: slab-use-after-free in l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\nRead of size 8 at addr ffff8880271a4000 by task kworker/u9:2/5837\n\nCPU: 0 UID: 0 PID: 5837 Comm: kworker/u9:2 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci1 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n l2cap_build_cmd net/bluetooth/l2cap_core.c:2964 [inline]\n l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\n l2cap_sig_send_rej net/bluetooth/l2cap_core.c:5502 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5538 [inline]\n l2cap_recv_frame+0x221f/0x10db0 net/bluetooth/l2cap_core.c:6817\n hci_acldata_packet net/bluetooth/hci_core.c:3797 [inline]\n hci_rx_work+0x508/0xdb0 net/bluetooth/hci_core.c:4040\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 5837:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n l2cap_conn_add+0xa9/0x8e0 net/bluetooth/l2cap_core.c:6860\n l2cap_connect_cfm+0x115/0x1090 net/bluetooth/l2cap_core.c:7239\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_remote_features_evt+0x68e/0xac0 net/bluetooth/hci_event.c:3726\n hci_event_func net/bluetooth/hci_event.c:7473 [inline]\n hci_event_packet+0xac2/0x1540 net/bluetooth/hci_event.c:7525\n hci_rx_work+0x3f3/0xdb0 net/bluetooth/hci_core.c:4035\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nFreed by task 54:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n l2cap_connect_cfm+0xcc/0x1090 net/bluetooth/l2cap_core.c:7235\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_conn_failed+0x287/0x400 net/bluetooth/hci_conn.c:1266\n hci_abort_conn_sync+0x56c/0x11f0 net/bluetooth/hci_sync.c:5603\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21969",
"url": "https://www.suse.com/security/cve/CVE-2025-21969"
},
{
"category": "external",
"summary": "SUSE Bug 1240784 for CVE-2025-21969",
"url": "https://bugzilla.suse.com/1240784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21969"
},
{
"cve": "CVE-2025-21970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Bridge, fix the crash caused by LAG state check\n\nWhen removing LAG device from bridge, NETDEV_CHANGEUPPER event is\ntriggered. Driver finds the lower devices (PFs) to flush all the\noffloaded entries. And mlx5_lag_is_shared_fdb is checked, it returns\nfalse if one of PF is unloaded. In such case,\nmlx5_esw_bridge_lag_rep_get() and its caller return NULL, instead of\nthe alive PF, and the flush is skipped.\n\nBesides, the bridge fdb entry\u0027s lastuse is updated in mlx5 bridge\nevent handler. But this SWITCHDEV_FDB_ADD_TO_BRIDGE event can be\nignored in this case because the upper interface for bond is deleted,\nand the entry will never be aged because lastuse is never updated.\n\nTo make things worse, as the entry is alive, mlx5 bridge workqueue\nkeeps sending that event, which is then handled by kernel bridge\nnotifier. It causes the following crash when accessing the passed bond\nnetdev which is already destroyed.\n\nTo fix this issue, remove such checks. LAG state is already checked in\ncommit 15f8f168952f (\"net/mlx5: Bridge, verify LAG state when adding\nbond to bridge\"), driver still need to skip offload if LAG becomes\ninvalid state after initialization.\n\n Oops: stack segment: 0000 [#1] SMP\n CPU: 3 UID: 0 PID: 23695 Comm: kworker/u40:3 Tainted: G OE 6.11.0_mlnx #1\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: mlx5_bridge_wq mlx5_esw_bridge_update_work [mlx5_core]\n RIP: 0010:br_switchdev_event+0x2c/0x110 [bridge]\n Code: 44 00 00 48 8b 02 48 f7 00 00 02 00 00 74 69 41 54 55 53 48 83 ec 08 48 8b a8 08 01 00 00 48 85 ed 74 4a 48 83 fe 02 48 89 d3 \u003c4c\u003e 8b 65 00 74 23 76 49 48 83 fe 05 74 7e 48 83 fe 06 75 2f 0f b7\n RSP: 0018:ffffc900092cfda0 EFLAGS: 00010297\n RAX: ffff888123bfe000 RBX: ffffc900092cfe08 RCX: 00000000ffffffff\n RDX: ffffc900092cfe08 RSI: 0000000000000001 RDI: ffffffffa0c585f0\n RBP: 6669746f6e690a30 R08: 0000000000000000 R09: ffff888123ae92c8\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888123ae9c60\n R13: 0000000000000001 R14: ffffc900092cfe08 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff88852c980000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f15914c8734 CR3: 0000000002830005 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0x1a/0x60\n ? die+0x38/0x60\n ? do_trap+0x10b/0x120\n ? do_error_trap+0x64/0xa0\n ? exc_stack_segment+0x33/0x50\n ? asm_exc_stack_segment+0x22/0x30\n ? br_switchdev_event+0x2c/0x110 [bridge]\n ? sched_balance_newidle.isra.149+0x248/0x390\n notifier_call_chain+0x4b/0xa0\n atomic_notifier_call_chain+0x16/0x20\n mlx5_esw_bridge_update+0xec/0x170 [mlx5_core]\n mlx5_esw_bridge_update_work+0x19/0x40 [mlx5_core]\n process_scheduled_works+0x81/0x390\n worker_thread+0x106/0x250\n ? bh_worker+0x110/0x110\n kthread+0xb7/0xe0\n ? kthread_park+0x80/0x80\n ret_from_fork+0x2d/0x50\n ? kthread_park+0x80/0x80\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21970",
"url": "https://www.suse.com/security/cve/CVE-2025-21970"
},
{
"category": "external",
"summary": "SUSE Bug 1240819 for CVE-2025-21970",
"url": "https://bugzilla.suse.com/1240819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21970"
},
{
"cve": "CVE-2025-21971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Prevent creation of classes with TC_H_ROOT\n\nThe function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination\ncondition when traversing up the qdisc tree to update parent backlog\ncounters. However, if a class is created with classid TC_H_ROOT, the\ntraversal terminates prematurely at this class instead of reaching the\nactual root qdisc, causing parent statistics to be incorrectly maintained.\nIn case of DRR, this could lead to a crash as reported by Mingi Cho.\n\nPrevent the creation of any Qdisc class with classid TC_H_ROOT\n(0xFFFFFFFF) across all qdisc types, as suggested by Jamal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21971",
"url": "https://www.suse.com/security/cve/CVE-2025-21971"
},
{
"category": "external",
"summary": "SUSE Bug 1240799 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "external",
"summary": "SUSE Bug 1245794 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1245794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-21971"
},
{
"cve": "CVE-2025-21972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: unshare packets when reassembling\n\nEnsure that the frag_list used for reassembly isn\u0027t shared with other\npackets. This avoids incorrect reassembly when packets are cloned, and\nprevents a memory leak due to circular references between fragments and\ntheir skb_shared_info.\n\nThe upcoming MCTP-over-USB driver uses skb_clone which can trigger the\nproblem - other MCTP drivers don\u0027t share SKBs.\n\nA kunit test is added to reproduce the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21972",
"url": "https://www.suse.com/security/cve/CVE-2025-21972"
},
{
"category": "external",
"summary": "SUSE Bug 1240813 for CVE-2025-21972",
"url": "https://bugzilla.suse.com/1240813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21972"
},
{
"cve": "CVE-2025-21973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx}\n\nWhen qstats-get operation is executed, callbacks of netdev_stats_ops\nare called. The bnxt_get_queue_stats{rx | tx} collect per-queue stats\nfrom sw_stats in the rings.\nBut {rx | tx | cp}_ring are allocated when the interface is up.\nSo, these rings are not allocated when the interface is down.\n\nThe qstats-get is allowed even if the interface is down. However,\nthe bnxt_get_queue_stats{rx | tx}() accesses cp_ring and tx_ring\nwithout null check.\nSo, it needs to avoid accessing rings if the interface is down.\n\nReproducer:\n ip link set $interface down\n ./cli.py --spec netdev.yaml --dump qstats-get\nOR\n ip link set $interface down\n python ./stats.py\n\nSplat looks like:\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 1680fa067 P4D 1680fa067 PUD 16be3b067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 0 UID: 0 PID: 1495 Comm: python3 Not tainted 6.14.0-rc4+ #32 5cd0f999d5a15c574ac72b3e4b907341\n Hardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\n RIP: 0010:bnxt_get_queue_stats_rx+0xf/0x70 [bnxt_en]\n Code: c6 87 b5 18 00 00 02 eb a2 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 01\n RSP: 0018:ffffabef43cdb7e0 EFLAGS: 00010282\n RAX: 0000000000000000 RBX: ffffffffc04c8710 RCX: 0000000000000000\n RDX: ffffabef43cdb858 RSI: 0000000000000000 RDI: ffff8d504e850000\n RBP: ffff8d506c9f9c00 R08: 0000000000000004 R09: ffff8d506bcd901c\n R10: 0000000000000015 R11: ffff8d506bcd9000 R12: 0000000000000000\n R13: ffffabef43cdb8c0 R14: ffff8d504e850000 R15: 0000000000000000\n FS: 00007f2c5462b080(0000) GS:ffff8d575f600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000167fd0000 CR4: 00000000007506f0\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x70\n ? page_fault_oops+0x15a/0x460\n ? sched_balance_find_src_group+0x58d/0xd10\n ? exc_page_fault+0x6e/0x180\n ? asm_exc_page_fault+0x22/0x30\n ? bnxt_get_queue_stats_rx+0xf/0x70 [bnxt_en cdd546fd48563c280cfd30e9647efa420db07bf1]\n netdev_nl_stats_by_netdev+0x2b1/0x4e0\n ? xas_load+0x9/0xb0\n ? xas_find+0x183/0x1d0\n ? xa_find+0x8b/0xe0\n netdev_nl_qstats_get_dumpit+0xbf/0x1e0\n genl_dumpit+0x31/0x90\n netlink_dump+0x1a8/0x360",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21973",
"url": "https://www.suse.com/security/cve/CVE-2025-21973"
},
{
"category": "external",
"summary": "SUSE Bug 1240803 for CVE-2025-21973",
"url": "https://bugzilla.suse.com/1240803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21973"
},
{
"cve": "CVE-2025-21974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc()\n\nThe bnxt_queue_mem_alloc() is called to allocate new queue memory when\na queue is restarted.\nIt internally accesses rx buffer descriptor corresponding to the index.\nThe rx buffer descriptor is allocated and set when the interface is up\nand it\u0027s freed when the interface is down.\nSo, if queue is restarted if interface is down, kernel panic occurs.\n\nSplat looks like:\n BUG: unable to handle page fault for address: 000000000000b240\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 3 UID: 0 PID: 1563 Comm: ncdevmem2 Not tainted 6.14.0-rc2+ #9 844ddba6e7c459cafd0bf4db9a3198e\n Hardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\n RIP: 0010:bnxt_queue_mem_alloc+0x3f/0x4e0 [bnxt_en]\n Code: 41 54 4d 89 c4 4d 69 c0 c0 05 00 00 55 48 89 f5 53 48 89 fb 4c 8d b5 40 05 00 00 48 83 ec 15\n RSP: 0018:ffff9dcc83fef9e8 EFLAGS: 00010202\n RAX: ffffffffc0457720 RBX: ffff934ed8d40000 RCX: 0000000000000000\n RDX: 000000000000001f RSI: ffff934ea508f800 RDI: ffff934ea508f808\n RBP: ffff934ea508f800 R08: 000000000000b240 R09: ffff934e84f4b000\n R10: ffff9dcc83fefa30 R11: ffff934e84f4b000 R12: 000000000000001f\n R13: ffff934ed8d40ac0 R14: ffff934ea508fd40 R15: ffff934e84f4b000\n FS: 00007fa73888c740(0000) GS:ffff93559f780000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000000b240 CR3: 0000000145a2e000 CR4: 00000000007506f0\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x70\n ? page_fault_oops+0x15a/0x460\n ? exc_page_fault+0x6e/0x180\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_bnxt_queue_mem_alloc+0x10/0x10 [bnxt_en 7f85e76f4d724ba07471d7e39d9e773aea6597b7]\n ? bnxt_queue_mem_alloc+0x3f/0x4e0 [bnxt_en 7f85e76f4d724ba07471d7e39d9e773aea6597b7]\n netdev_rx_queue_restart+0xc5/0x240\n net_devmem_bind_dmabuf_to_queue+0xf8/0x200\n netdev_nl_bind_rx_doit+0x3a7/0x450\n genl_family_rcv_msg_doit+0xd9/0x130\n genl_rcv_msg+0x184/0x2b0\n ? __pfx_netdev_nl_bind_rx_doit+0x10/0x10\n ? __pfx_genl_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21974",
"url": "https://www.suse.com/security/cve/CVE-2025-21974"
},
{
"category": "external",
"summary": "SUSE Bug 1240800 for CVE-2025-21974",
"url": "https://bugzilla.suse.com/1240800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21974"
},
{
"cve": "CVE-2025-21975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: handle errors in mlx5_chains_create_table()\n\nIn mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns()\nand mlx5_get_flow_namespace() must be checked to prevent NULL pointer\ndereferences. If either function fails, the function should log error\nmessage with mlx5_core_warn() and return error pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21975",
"url": "https://www.suse.com/security/cve/CVE-2025-21975"
},
{
"category": "external",
"summary": "SUSE Bug 1240812 for CVE-2025-21975",
"url": "https://bugzilla.suse.com/1240812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21975"
},
{
"cve": "CVE-2025-21978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/hyperv: Fix address space leak when Hyper-V DRM device is removed\n\nWhen a Hyper-V DRM device is probed, the driver allocates MMIO space for\nthe vram, and maps it cacheable. If the device removed, or in the error\npath for device probing, the MMIO space is released but no unmap is done.\nConsequently the kernel address space for the mapping is leaked.\n\nFix this by adding iounmap() calls in the device removal path, and in the\nerror path during device probing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21978",
"url": "https://www.suse.com/security/cve/CVE-2025-21978"
},
{
"category": "external",
"summary": "SUSE Bug 1240806 for CVE-2025-21978",
"url": "https://bugzilla.suse.com/1240806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21978"
},
{
"cve": "CVE-2025-21979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: cancel wiphy_work before freeing wiphy\n\nA wiphy_work can be queued from the moment the wiphy is allocated and\ninitialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the\nrdev::wiphy_work is getting queued.\n\nIf wiphy_free is called before the rdev::wiphy_work had a chance to run,\nthe wiphy memory will be freed, and then when it eventally gets to run\nit\u0027ll use invalid memory.\n\nFix this by canceling the work before freeing the wiphy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21979",
"url": "https://www.suse.com/security/cve/CVE-2025-21979"
},
{
"category": "external",
"summary": "SUSE Bug 1240808 for CVE-2025-21979",
"url": "https://bugzilla.suse.com/1240808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21979"
},
{
"cve": "CVE-2025-21980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: address a potential NULL pointer dereference in the GRED scheduler.\n\nIf kzalloc in gred_init returns a NULL pointer, the code follows the\nerror handling path, invoking gred_destroy. This, in turn, calls\ngred_offload, where memset could receive a NULL pointer as input,\npotentially leading to a kernel crash.\n\nWhen table-\u003eopt is NULL in gred_init(), gred_change_table_def()\nis not called yet, so it is not necessary to call -\u003endo_setup_tc()\nin gred_offload().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21980",
"url": "https://www.suse.com/security/cve/CVE-2025-21980"
},
{
"category": "external",
"summary": "SUSE Bug 1240809 for CVE-2025-21980",
"url": "https://bugzilla.suse.com/1240809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21980"
},
{
"cve": "CVE-2025-21981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memory leak in aRFS after reset\n\nFix aRFS (accelerated Receive Flow Steering) structures memory leak by\nadding a checker to verify if aRFS memory is already allocated while\nconfiguring VSI. aRFS objects are allocated in two cases:\n- as part of VSI initialization (at probe), and\n- as part of reset handling\n\nHowever, VSI reconfiguration executed during reset involves memory\nallocation one more time, without prior releasing already allocated\nresources. This led to the memory leak with the following signature:\n\n[root@os-delivery ~]# cat /sys/kernel/debug/kmemleak\nunreferenced object 0xff3c1ca7252e6000 (size 8192):\n comm \"kworker/0:0\", pid 8, jiffies 4296833052\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 0):\n [\u003cffffffff991ec485\u003e] __kmalloc_cache_noprof+0x275/0x340\n [\u003cffffffffc0a6e06a\u003e] ice_init_arfs+0x3a/0xe0 [ice]\n [\u003cffffffffc09f1027\u003e] ice_vsi_cfg_def+0x607/0x850 [ice]\n [\u003cffffffffc09f244b\u003e] ice_vsi_setup+0x5b/0x130 [ice]\n [\u003cffffffffc09c2131\u003e] ice_init+0x1c1/0x460 [ice]\n [\u003cffffffffc09c64af\u003e] ice_probe+0x2af/0x520 [ice]\n [\u003cffffffff994fbcd3\u003e] local_pci_probe+0x43/0xa0\n [\u003cffffffff98f07103\u003e] work_for_cpu_fn+0x13/0x20\n [\u003cffffffff98f0b6d9\u003e] process_one_work+0x179/0x390\n [\u003cffffffff98f0c1e9\u003e] worker_thread+0x239/0x340\n [\u003cffffffff98f14abc\u003e] kthread+0xcc/0x100\n [\u003cffffffff98e45a6d\u003e] ret_from_fork+0x2d/0x50\n [\u003cffffffff98e083ba\u003e] ret_from_fork_asm+0x1a/0x30\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21981",
"url": "https://www.suse.com/security/cve/CVE-2025-21981"
},
{
"category": "external",
"summary": "SUSE Bug 1240612 for CVE-2025-21981",
"url": "https://bugzilla.suse.com/1240612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21981"
},
{
"cve": "CVE-2025-21985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix out-of-bound accesses\n\n[WHAT \u0026 HOW]\nhpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS(=4),\nbut location can have size up to 6. As a result, it is necessary to\ncheck location against MAX_HPO_DP2_ENCODERS.\n\nSimiliarly, disp_cfg_stream_location can be used as an array index which\nshould be 0..5, so the ASSERT\u0027s conditions should be less without equal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21985",
"url": "https://www.suse.com/security/cve/CVE-2025-21985"
},
{
"category": "external",
"summary": "SUSE Bug 1240811 for CVE-2025-21985",
"url": "https://bugzilla.suse.com/1240811"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21985"
},
{
"cve": "CVE-2025-21989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix missing .is_two_pixels_per_container\n\nStarting from 6.11, AMDGPU driver, while being loaded with amdgpu.dc=1,\ndue to lack of .is_two_pixels_per_container function in dce60_tg_funcs,\ncauses a NULL pointer dereference on PCs with old GPUs, such as R9 280X.\n\nSo this fix adds missing .is_two_pixels_per_container to dce60_tg_funcs.\n\n(cherry picked from commit bd4b125eb949785c6f8a53b0494e32795421209d)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21989",
"url": "https://www.suse.com/security/cve/CVE-2025-21989"
},
{
"category": "external",
"summary": "SUSE Bug 1240805 for CVE-2025-21989",
"url": "https://bugzilla.suse.com/1240805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21989"
},
{
"cve": "CVE-2025-21990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: NULL-check BO\u0027s backing store when determining GFX12 PTE flags\n\nPRT BOs may not have any backing store, so bo-\u003etbo.resource will be\nNULL. Check for that before dereferencing.\n\n(cherry picked from commit 3e3fcd29b505cebed659311337ea03b7698767fc)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21990",
"url": "https://www.suse.com/security/cve/CVE-2025-21990"
},
{
"category": "external",
"summary": "SUSE Bug 1240804 for CVE-2025-21990",
"url": "https://bugzilla.suse.com/1240804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21990"
},
{
"cve": "CVE-2025-21991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes\n\nCurrently, load_microcode_amd() iterates over all NUMA nodes, retrieves their\nCPU masks and unconditionally accesses per-CPU data for the first CPU of each\nmask.\n\nAccording to Documentation/admin-guide/mm/numaperf.rst:\n\n \"Some memory may share the same node as a CPU, and others are provided as\n memory only nodes.\"\n\nTherefore, some node CPU masks may be empty and wouldn\u0027t have a \"first CPU\".\n\nOn a machine with far memory (and therefore CPU-less NUMA nodes):\n- cpumask_of_node(nid) is 0\n- cpumask_first(0) is CONFIG_NR_CPUS\n- cpu_data(CONFIG_NR_CPUS) accesses the cpu_info per-CPU array at an\n index that is 1 out of bounds\n\nThis does not have any security implications since flashing microcode is\na privileged operation but I believe this has reliability implications by\npotentially corrupting memory while flashing a microcode update.\n\nWhen booting with CONFIG_UBSAN_BOUNDS=y on an AMD machine that flashes\na microcode update. I get the following splat:\n\n UBSAN: array-index-out-of-bounds in arch/x86/kernel/cpu/microcode/amd.c:X:Y\n index 512 is out of range for type \u0027unsigned long[512]\u0027\n [...]\n Call Trace:\n dump_stack\n __ubsan_handle_out_of_bounds\n load_microcode_amd\n request_microcode_amd\n reload_store\n kernfs_fop_write_iter\n vfs_write\n ksys_write\n do_syscall_64\n entry_SYSCALL_64_after_hwframe\n\nChange the loop to go over only NUMA nodes which have CPUs before determining\nwhether the first CPU on the respective node needs microcode update.\n\n [ bp: Massage commit message, fix typo. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21991",
"url": "https://www.suse.com/security/cve/CVE-2025-21991"
},
{
"category": "external",
"summary": "SUSE Bug 1240795 for CVE-2025-21991",
"url": "https://bugzilla.suse.com/1240795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21991"
},
{
"cve": "CVE-2025-21992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: ignore non-functional sensor in HP 5MP Camera\n\nThe HP 5MP Camera (USB ID 0408:5473) reports a HID sensor interface that\nis not actually implemented. Attempting to access this non-functional\nsensor via iio_info causes system hangs as runtime PM tries to wake up\nan unresponsive sensor.\n\n [453] hid-sensor-hub 0003:0408:5473.0003: Report latency attributes: ffffffff:ffffffff\n [453] hid-sensor-hub 0003:0408:5473.0003: common attributes: 5:1, 2:1, 3:1 ffffffff:ffffffff\n\nAdd this device to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21992",
"url": "https://www.suse.com/security/cve/CVE-2025-21992"
},
{
"category": "external",
"summary": "SUSE Bug 1240796 for CVE-2025-21992",
"url": "https://bugzilla.suse.com/1240796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21992"
},
{
"cve": "CVE-2025-21993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21993",
"url": "https://www.suse.com/security/cve/CVE-2025-21993"
},
{
"category": "external",
"summary": "SUSE Bug 1240797 for CVE-2025-21993",
"url": "https://bugzilla.suse.com/1240797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21993"
},
{
"cve": "CVE-2025-21995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Fix fence reference count leak\n\nThe last_scheduled fence leaks when an entity is being killed and adding\nthe cleanup callback fails.\n\nDecrement the reference count of prev when dma_fence_add_callback()\nfails, ensuring proper balance.\n\n[phasta: add git tag info for stable kernel]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21995",
"url": "https://www.suse.com/security/cve/CVE-2025-21995"
},
{
"category": "external",
"summary": "SUSE Bug 1240821 for CVE-2025-21995",
"url": "https://bugzilla.suse.com/1240821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21995"
},
{
"cve": "CVE-2025-21996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()\n\nOn the off chance that command stream passed from userspace via\nioctl() call to radeon_vce_cs_parse() is weirdly crafted and\nfirst command to execute is to encode (case 0x03000001), the function\nin question will attempt to call radeon_vce_cs_reloc() with size\nargument that has not been properly initialized. Specifically, \u0027size\u0027\nwill point to \u0027tmp\u0027 variable before the latter had a chance to be\nassigned any value.\n\nPlay it safe and init \u0027tmp\u0027 with 0, thus ensuring that\nradeon_vce_cs_reloc() will catch an early error in cases like these.\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.\n\n(cherry picked from commit 2d52de55f9ee7aaee0e09ac443f77855989c6b68)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21996",
"url": "https://www.suse.com/security/cve/CVE-2025-21996"
},
{
"category": "external",
"summary": "SUSE Bug 1240801 for CVE-2025-21996",
"url": "https://bugzilla.suse.com/1240801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-21996"
},
{
"cve": "CVE-2025-21999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc: fix UAF in proc_get_inode()\n\nFix race between rmmod and /proc/XXX\u0027s inode instantiation.\n\nThe bug is that pde-\u003eproc_ops don\u0027t belong to /proc, it belongs to a\nmodule, therefore dereferencing it after /proc entry has been registered\nis a bug unless use_pde/unuse_pde() pair has been used.\n\nuse_pde/unuse_pde can be avoided (2 atomic ops!) because pde-\u003eproc_ops\nnever changes so information necessary for inode instantiation can be\nsaved _before_ proc_register() in PDE itself and used later, avoiding\npde-\u003eproc_ops-\u003e... dereference.\n\n rmmod lookup\nsys_delete_module\n proc_lookup_de\n\t\t\t pde_get(de);\n\t\t\t proc_get_inode(dir-\u003ei_sb, de);\n mod-\u003eexit()\n proc_remove\n remove_proc_subtree\n proc_entry_rundown(de);\n free_module(mod);\n\n if (S_ISREG(inode-\u003ei_mode))\n\t if (de-\u003eproc_ops-\u003eproc_read_iter)\n --\u003e As module is already freed, will trigger UAF\n\nBUG: unable to handle page fault for address: fffffbfff80a702b\nPGD 817fc4067 P4D 817fc4067 PUD 817fc0067 PMD 102ef4067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 26 UID: 0 PID: 2667 Comm: ls Tainted: G\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:proc_get_inode+0x302/0x6e0\nRSP: 0018:ffff88811c837998 EFLAGS: 00010a06\nRAX: dffffc0000000000 RBX: ffffffffc0538140 RCX: 0000000000000007\nRDX: 1ffffffff80a702b RSI: 0000000000000001 RDI: ffffffffc0538158\nRBP: ffff8881299a6000 R08: 0000000067bbe1e5 R09: 1ffff11023906f20\nR10: ffffffffb560ca07 R11: ffffffffb2b43a58 R12: ffff888105bb78f0\nR13: ffff888100518048 R14: ffff8881299a6004 R15: 0000000000000001\nFS: 00007f95b9686840(0000) GS:ffff8883af100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: fffffbfff80a702b CR3: 0000000117dd2000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_lookup_de+0x11f/0x2e0\n __lookup_slow+0x188/0x350\n walk_component+0x2ab/0x4f0\n path_lookupat+0x120/0x660\n filename_lookup+0x1ce/0x560\n vfs_statx+0xac/0x150\n __do_sys_newstat+0x96/0x110\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[adobriyan@gmail.com: don\u0027t do 2 atomic ops on the common path]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21999",
"url": "https://www.suse.com/security/cve/CVE-2025-21999"
},
{
"category": "external",
"summary": "SUSE Bug 1240802 for CVE-2025-21999",
"url": "https://bugzilla.suse.com/1240802"
},
{
"category": "external",
"summary": "SUSE Bug 1242579 for CVE-2025-21999",
"url": "https://bugzilla.suse.com/1242579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-21999"
},
{
"cve": "CVE-2025-22001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix integer overflow in qaic_validate_req()\n\nThese are u64 variables that come from the user via\nqaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that\nthe math doesn\u0027t have an integer wrapping bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22001",
"url": "https://www.suse.com/security/cve/CVE-2025-22001"
},
{
"category": "external",
"summary": "SUSE Bug 1240873 for CVE-2025-22001",
"url": "https://bugzilla.suse.com/1240873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22001"
},
{
"cve": "CVE-2025-22003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ucan: fix out of bound read in strscpy() source\n\nCommit 7fdaf8966aae (\"can: ucan: use strscpy() to instead of strncpy()\")\nunintentionally introduced a one byte out of bound read on strscpy()\u0027s\nsource argument (which is kind of ironic knowing that strscpy() is meant\nto be a more secure alternative :)).\n\nLet\u0027s consider below buffers:\n\n dest[len + 1]; /* will be NUL terminated */\n src[len]; /* may not be NUL terminated */\n\nWhen doing:\n\n strncpy(dest, src, len);\n dest[len] = \u0027\\0\u0027;\n\nstrncpy() will read up to len bytes from src.\n\nOn the other hand:\n\n strscpy(dest, src, len + 1);\n\nwill read up to len + 1 bytes from src, that is to say, an out of bound\nread of one byte will occur on src if it is not NUL terminated. Note\nthat the src[len] byte is never copied, but strscpy() still needs to\nread it to check whether a truncation occurred or not.\n\nThis exact pattern happened in ucan.\n\nThe root cause is that the source is not NUL terminated. Instead of\ndoing a copy in a local buffer, directly NUL terminate it as soon as\nusb_control_msg() returns. With this, the local firmware_str[] variable\ncan be removed.\n\nOn top of this do a couple refactors:\n\n - ucan_ctl_payload-\u003eraw is only used for the firmware string, so\n rename it to ucan_ctl_payload-\u003efw_str and change its type from u8 to\n char.\n\n - ucan_device_request_in() is only used to retrieve the firmware\n string, so rename it to ucan_get_fw_str() and refactor it to make it\n directly handle all the string termination logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22003",
"url": "https://www.suse.com/security/cve/CVE-2025-22003"
},
{
"category": "external",
"summary": "SUSE Bug 1240825 for CVE-2025-22003",
"url": "https://bugzilla.suse.com/1240825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22003"
},
{
"cve": "CVE-2025-22004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atm: fix use after free in lec_send()\n\nThe -\u003esend() operation frees skb so save the length before calling\n-\u003esend() to avoid a use after free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22004",
"url": "https://www.suse.com/security/cve/CVE-2025-22004"
},
{
"category": "external",
"summary": "SUSE Bug 1240835 for CVE-2025-22004",
"url": "https://bugzilla.suse.com/1240835"
},
{
"category": "external",
"summary": "SUSE Bug 1241090 for CVE-2025-22004",
"url": "https://bugzilla.suse.com/1241090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-22004"
},
{
"cve": "CVE-2025-22007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix error code in chan_alloc_skb_cb()\n\nThe chan_alloc_skb_cb() function is supposed to return error pointers on\nerror. Returning NULL will lead to a NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22007",
"url": "https://www.suse.com/security/cve/CVE-2025-22007"
},
{
"category": "external",
"summary": "SUSE Bug 1240829 for CVE-2025-22007",
"url": "https://bugzilla.suse.com/1240829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22007"
},
{
"cve": "CVE-2025-22008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: check that dummy regulator has been probed before using it\n\nDue to asynchronous driver probing there is a chance that the dummy\nregulator hasn\u0027t already been probed when first accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22008",
"url": "https://www.suse.com/security/cve/CVE-2025-22008"
},
{
"category": "external",
"summary": "SUSE Bug 1240942 for CVE-2025-22008",
"url": "https://bugzilla.suse.com/1240942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22008"
},
{
"cve": "CVE-2025-22009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: dummy: force synchronous probing\n\nSometimes I get a NULL pointer dereference at boot time in kobject_get()\nwith the following call stack:\n\nanatop_regulator_probe()\n devm_regulator_register()\n regulator_register()\n regulator_resolve_supply()\n kobject_get()\n\nBy placing some extra BUG_ON() statements I could verify that this is\nraised because probing of the \u0027dummy\u0027 regulator driver is not completed\n(\u0027dummy_regulator_rdev\u0027 is still NULL).\n\nIn the JTAG debugger I can see that dummy_regulator_probe() and\nanatop_regulator_probe() can be run by different kernel threads\n(kworker/u4:*). I haven\u0027t further investigated whether this can be\nchanged or if there are other possibilities to force synchronization\nbetween these two probe routines. On the other hand I don\u0027t expect much\nboot time penalty by probing the \u0027dummy\u0027 regulator synchronously.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22009",
"url": "https://www.suse.com/security/cve/CVE-2025-22009"
},
{
"category": "external",
"summary": "SUSE Bug 1240940 for CVE-2025-22009",
"url": "https://bugzilla.suse.com/1240940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22009"
},
{
"cve": "CVE-2025-22010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix soft lockup during bt pages loop\n\nDriver runs a for-loop when allocating bt pages and mapping them with\nbuffer pages. When a large buffer (e.g. MR over 100GB) is being allocated,\nit may require a considerable loop count. This will lead to soft lockup:\n\n watchdog: BUG: soft lockup - CPU#27 stuck for 22s!\n ...\n Call trace:\n hem_list_alloc_mid_bt+0x124/0x394 [hns_roce_hw_v2]\n hns_roce_hem_list_request+0xf8/0x160 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x2e4/0x360 [hns_roce_hw_v2]\n alloc_mr_pbl+0xd4/0x17c [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0xf8/0x190 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x118/0x290\n\n watchdog: BUG: soft lockup - CPU#35 stuck for 23s!\n ...\n Call trace:\n hns_roce_hem_list_find_mtt+0x7c/0xb0 [hns_roce_hw_v2]\n mtr_map_bufs+0xc4/0x204 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x31c/0x3c4 [hns_roce_hw_v2]\n alloc_mr_pbl+0xb0/0x160 [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0x108/0x1c0 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x120/0x2bc\n\nAdd a cond_resched() to fix soft lockup during these loops. In order not\nto affect the allocation performance of normal-size buffer, set the loop\ncount of a 100GB MR as the threshold to call cond_resched().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22010",
"url": "https://www.suse.com/security/cve/CVE-2025-22010"
},
{
"category": "external",
"summary": "SUSE Bug 1240943 for CVE-2025-22010",
"url": "https://bugzilla.suse.com/1240943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22010"
},
{
"cve": "CVE-2025-22013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state\n\nThere are several problems with the way hyp code lazily saves the host\u0027s\nFPSIMD/SVE state, including:\n\n* Host SVE being discarded unexpectedly due to inconsistent\n configuration of TIF_SVE and CPACR_ELx.ZEN. This has been seen to\n result in QEMU crashes where SVE is used by memmove(), as reported by\n Eric Auger:\n\n https://issues.redhat.com/browse/RHEL-68997\n\n* Host SVE state is discarded *after* modification by ptrace, which was an\n unintentional ptrace ABI change introduced with lazy discarding of SVE state.\n\n* The host FPMR value can be discarded when running a non-protected VM,\n where FPMR support is not exposed to a VM, and that VM uses\n FPSIMD/SVE. In these cases the hyp code does not save the host\u0027s FPMR\n before unbinding the host\u0027s FPSIMD/SVE/SME state, leaving a stale\n value in memory.\n\nAvoid these by eagerly saving and \"flushing\" the host\u0027s FPSIMD/SVE/SME\nstate when loading a vCPU such that KVM does not need to save any of the\nhost\u0027s FPSIMD/SVE/SME state. For clarity, fpsimd_kvm_prepare() is\nremoved and the necessary call to fpsimd_save_and_flush_cpu_state() is\nplaced in kvm_arch_vcpu_load_fp(). As \u0027fpsimd_state\u0027 and \u0027fpmr_ptr\u0027\nshould not be used, they are set to NULL; all uses of these will be\nremoved in subsequent patches.\n\nHistorical problems go back at least as far as v5.17, e.g. erroneous\nassumptions about TIF_SVE being clear in commit:\n\n 8383741ab2e773a9 (\"KVM: arm64: Get rid of host SVE tracking/saving\")\n\n... and so this eager save+flush probably needs to be backported to ALL\nstable trees.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22013",
"url": "https://www.suse.com/security/cve/CVE-2025-22013"
},
{
"category": "external",
"summary": "SUSE Bug 1240938 for CVE-2025-22013",
"url": "https://bugzilla.suse.com/1240938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22013"
},
{
"cve": "CVE-2025-22014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pdr: Fix the potential deadlock\n\nWhen some client process A call pdr_add_lookup() to add the look up for\nthe service and does schedule locator work, later a process B got a new\nserver packet indicating locator is up and call pdr_locator_new_server()\nwhich eventually sets pdr-\u003elocator_init_complete to true which process A\nsees and takes list lock and queries domain list but it will timeout due\nto deadlock as the response will queued to the same qmi-\u003ewq and it is\nordered workqueue and process B is not able to complete new server\nrequest work due to deadlock on list lock.\n\nFix it by removing the unnecessary list iteration as the list iteration\nis already being done inside locator work, so avoid it here and just\ncall schedule_work() here.\n\n Process A Process B\n\n process_scheduled_works()\npdr_add_lookup() qmi_data_ready_work()\n process_scheduled_works() pdr_locator_new_server()\n pdr-\u003elocator_init_complete=true;\n pdr_locator_work()\n mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_locate_service() mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_get_domain_list()\n pr_err(\"PDR: %s get domain list\n txn wait failed: %d\\n\",\n req-\u003eservice_name,\n ret);\n\nTimeout error log due to deadlock:\n\n\"\n PDR: tms/servreg get domain list txn wait failed: -110\n PDR: service lookup for msm/adsp/sensor_pd:tms/servreg failed: -110\n\"\n\nThanks to Bjorn and Johan for letting me know that this commit also fixes\nan audio regression when using the in-kernel pd-mapper as that makes it\neasier to hit this race. [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22014",
"url": "https://www.suse.com/security/cve/CVE-2025-22014"
},
{
"category": "external",
"summary": "SUSE Bug 1240937 for CVE-2025-22014",
"url": "https://bugzilla.suse.com/1240937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22014"
},
{
"cve": "CVE-2025-22015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate: fix shmem xarray update during migration\n\nA shmem folio can be either in page cache or in swap cache, but not at the\nsame time. Namely, once it is in swap cache, folio-\u003emapping should be\nNULL, and the folio is no longer in a shmem mapping.\n\nIn __folio_migrate_mapping(), to determine the number of xarray entries to\nupdate, folio_test_swapbacked() is used, but that conflates shmem in page\ncache case and shmem in swap cache case. It leads to xarray multi-index\nentry corruption, since it turns a sibling entry to a normal entry during\nxas_store() (see [1] for a userspace reproduction). Fix it by only using\nfolio_test_swapcache() to determine whether xarray is storing swap cache\nentries or not to choose the right number of xarray entries to update.\n\n[1] https://lore.kernel.org/linux-mm/Z8idPCkaJW1IChjT@casper.infradead.org/\n\nNote:\nIn __split_huge_page(), folio_test_anon() \u0026\u0026 folio_test_swapcache() is\nused to get swap_cache address space, but that ignores the shmem folio in\nswap cache case. It could lead to NULL pointer dereferencing when a\nin-swap-cache shmem folio is split at __xa_store(), since\n!folio_test_anon() is true and folio-\u003emapping is NULL. But fortunately,\nits caller split_huge_page_to_list_to_order() bails out early with EBUSY\nwhen folio-\u003emapping is NULL. So no need to take care of it here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22015",
"url": "https://www.suse.com/security/cve/CVE-2025-22015"
},
{
"category": "external",
"summary": "SUSE Bug 1240944 for CVE-2025-22015",
"url": "https://bugzilla.suse.com/1240944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22015"
},
{
"cve": "CVE-2025-22016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (pin).\n\nFix it by checking if err is lower than zero.\n\nThis wasn\u0027t found in real usecase, only noticed. Credit to Pierre.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22016",
"url": "https://www.suse.com/security/cve/CVE-2025-22016"
},
{
"category": "external",
"summary": "SUSE Bug 1240934 for CVE-2025-22016",
"url": "https://bugzilla.suse.com/1240934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22016"
},
{
"cve": "CVE-2025-22017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (rel).\n\nFix it by checking if err is lower than zero.\n\nThis wasn\u0027t found in real usecase, only noticed. Credit to Pierre.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22017",
"url": "https://www.suse.com/security/cve/CVE-2025-22017"
},
{
"category": "external",
"summary": "SUSE Bug 1240936 for CVE-2025-22017",
"url": "https://bugzilla.suse.com/1240936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22017"
},
{
"cve": "CVE-2025-22018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Fix NULL pointer dereference\n\nWhen MPOA_cache_impos_rcvd() receives the msg, it can trigger\nNull Pointer Dereference Vulnerability if both entry and\nholding_time are NULL. Because there is only for the situation\nwhere entry is NULL and holding_time exists, it can be passed\nwhen both entry and holding_time are NULL. If these are NULL,\nthe entry will be passd to eg_cache_put() as parameter and\nit is referenced by entry-\u003euse code in it.\n\nkasan log:\n\n[ 3.316691] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006:I\n[ 3.317568] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n[ 3.318188] CPU: 3 UID: 0 PID: 79 Comm: ex Not tainted 6.14.0-rc2 #102\n[ 3.318601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n[ 3.319298] RIP: 0010:eg_cache_remove_entry+0xa5/0x470\n[ 3.319677] Code: c1 f7 6e fd 48 c7 c7 00 7e 38 b2 e8 95 64 54 fd 48 c7 c7 40 7e 38 b2 48 89 ee e80\n[ 3.321220] RSP: 0018:ffff88800583f8a8 EFLAGS: 00010006\n[ 3.321596] RAX: 0000000000000006 RBX: ffff888005989000 RCX: ffffffffaecc2d8e\n[ 3.322112] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000030\n[ 3.322643] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff6558b88\n[ 3.323181] R10: 0000000000000003 R11: 203a207972746e65 R12: 1ffff11000b07f15\n[ 3.323707] R13: dffffc0000000000 R14: ffff888005989000 R15: ffff888005989068\n[ 3.324185] FS: 000000001b6313c0(0000) GS:ffff88806d380000(0000) knlGS:0000000000000000\n[ 3.325042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.325545] CR2: 00000000004b4b40 CR3: 000000000248e000 CR4: 00000000000006f0\n[ 3.326430] Call Trace:\n[ 3.326725] \u003cTASK\u003e\n[ 3.326927] ? die_addr+0x3c/0xa0\n[ 3.327330] ? exc_general_protection+0x161/0x2a0\n[ 3.327662] ? asm_exc_general_protection+0x26/0x30\n[ 3.328214] ? vprintk_emit+0x15e/0x420\n[ 3.328543] ? eg_cache_remove_entry+0xa5/0x470\n[ 3.328910] ? eg_cache_remove_entry+0x9a/0x470\n[ 3.329294] ? __pfx_eg_cache_remove_entry+0x10/0x10\n[ 3.329664] ? console_unlock+0x107/0x1d0\n[ 3.329946] ? __pfx_console_unlock+0x10/0x10\n[ 3.330283] ? do_syscall_64+0xa6/0x1a0\n[ 3.330584] ? entry_SYSCALL_64_after_hwframe+0x47/0x7f\n[ 3.331090] ? __pfx_prb_read_valid+0x10/0x10\n[ 3.331395] ? down_trylock+0x52/0x80\n[ 3.331703] ? vprintk_emit+0x15e/0x420\n[ 3.331986] ? __pfx_vprintk_emit+0x10/0x10\n[ 3.332279] ? down_trylock+0x52/0x80\n[ 3.332527] ? _printk+0xbf/0x100\n[ 3.332762] ? __pfx__printk+0x10/0x10\n[ 3.333007] ? _raw_write_lock_irq+0x81/0xe0\n[ 3.333284] ? __pfx__raw_write_lock_irq+0x10/0x10\n[ 3.333614] msg_from_mpoad+0x1185/0x2750\n[ 3.333893] ? __build_skb_around+0x27b/0x3a0\n[ 3.334183] ? __pfx_msg_from_mpoad+0x10/0x10\n[ 3.334501] ? __alloc_skb+0x1c0/0x310\n[ 3.334809] ? __pfx___alloc_skb+0x10/0x10\n[ 3.335283] ? _raw_spin_lock+0xe0/0xe0\n[ 3.335632] ? finish_wait+0x8d/0x1e0\n[ 3.335975] vcc_sendmsg+0x684/0xba0\n[ 3.336250] ? __pfx_vcc_sendmsg+0x10/0x10\n[ 3.336587] ? __pfx_autoremove_wake_function+0x10/0x10\n[ 3.337056] ? fdget+0x176/0x3e0\n[ 3.337348] __sys_sendto+0x4a2/0x510\n[ 3.337663] ? __pfx___sys_sendto+0x10/0x10\n[ 3.337969] ? ioctl_has_perm.constprop.0.isra.0+0x284/0x400\n[ 3.338364] ? sock_ioctl+0x1bb/0x5a0\n[ 3.338653] ? __rseq_handle_notify_resume+0x825/0xd20\n[ 3.339017] ? __pfx_sock_ioctl+0x10/0x10\n[ 3.339316] ? __pfx___rseq_handle_notify_resume+0x10/0x10\n[ 3.339727] ? selinux_file_ioctl+0xa4/0x260\n[ 3.340166] __x64_sys_sendto+0xe0/0x1c0\n[ 3.340526] ? syscall_exit_to_user_mode+0x123/0x140\n[ 3.340898] do_syscall_64+0xa6/0x1a0\n[ 3.341170] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 3.341533] RIP: 0033:0x44a380\n[ 3.341757] Code: 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c00\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22018",
"url": "https://www.suse.com/security/cve/CVE-2025-22018"
},
{
"category": "external",
"summary": "SUSE Bug 1241266 for CVE-2025-22018",
"url": "https://bugzilla.suse.com/1241266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22018"
},
{
"cve": "CVE-2025-22020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\nRead of size 8 at addr ffff888136335380 by task kworker/6:0/140241\n\nCPU: 6 UID: 0 PID: 140241 Comm: kworker/6:0 Kdump: loaded Tainted: G E 6.14.0-rc6+ #1\nTainted: [E]=UNSIGNED_MODULE\nHardware name: LENOVO 30FNA1V7CW/1057, BIOS S0EKT54A 07/01/2024\nWorkqueue: events rtsx_usb_ms_poll_card [rtsx_usb_ms]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x51/0x70\n print_address_description.constprop.0+0x27/0x320\n ? rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n print_report+0x3e/0x70\n kasan_report+0xab/0xe0\n ? rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n ? __pfx_rtsx_usb_ms_poll_card+0x10/0x10 [rtsx_usb_ms]\n ? __pfx___schedule+0x10/0x10\n ? kick_pool+0x3b/0x270\n process_one_work+0x357/0x660\n worker_thread+0x390/0x4c0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x190/0x1d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 161446:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n __kasan_kmalloc+0x7b/0x90\n __kmalloc_noprof+0x1a7/0x470\n memstick_alloc_host+0x1f/0xe0 [memstick]\n rtsx_usb_ms_drv_probe+0x47/0x320 [rtsx_usb_ms]\n platform_probe+0x60/0xe0\n call_driver_probe+0x35/0x120\n really_probe+0x123/0x410\n __driver_probe_device+0xc7/0x1e0\n driver_probe_device+0x49/0xf0\n __device_attach_driver+0xc6/0x160\n bus_for_each_drv+0xe4/0x160\n __device_attach+0x13a/0x2b0\n bus_probe_device+0xbd/0xd0\n device_add+0x4a5/0x760\n platform_device_add+0x189/0x370\n mfd_add_device+0x587/0x5e0\n mfd_add_devices+0xb1/0x130\n rtsx_usb_probe+0x28e/0x2e0 [rtsx_usb]\n usb_probe_interface+0x15c/0x460\n call_driver_probe+0x35/0x120\n really_probe+0x123/0x410\n __driver_probe_device+0xc7/0x1e0\n driver_probe_device+0x49/0xf0\n __device_attach_driver+0xc6/0x160\n bus_for_each_drv+0xe4/0x160\n __device_attach+0x13a/0x2b0\n rebind_marked_interfaces.isra.0+0xcc/0x110\n usb_reset_device+0x352/0x410\n usbdev_do_ioctl+0xe5c/0x1860\n usbdev_ioctl+0xa/0x20\n __x64_sys_ioctl+0xc5/0xf0\n do_syscall_64+0x59/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 161506:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x36/0x60\n __kasan_slab_free+0x34/0x50\n kfree+0x1fd/0x3b0\n device_release+0x56/0xf0\n kobject_cleanup+0x73/0x1c0\n rtsx_usb_ms_drv_remove+0x13d/0x220 [rtsx_usb_ms]\n platform_remove+0x2f/0x50\n device_release_driver_internal+0x24b/0x2e0\n bus_remove_device+0x124/0x1d0\n device_del+0x239/0x530\n platform_device_del.part.0+0x19/0xe0\n platform_device_unregister+0x1c/0x40\n mfd_remove_devices_fn+0x167/0x170\n device_for_each_child_reverse+0xc9/0x130\n mfd_remove_devices+0x6e/0xa0\n rtsx_usb_disconnect+0x2e/0xd0 [rtsx_usb]\n usb_unbind_interface+0xf3/0x3f0\n device_release_driver_internal+0x24b/0x2e0\n proc_disconnect_claim+0x13d/0x220\n usbdev_do_ioctl+0xb5e/0x1860\n usbdev_ioctl+0xa/0x20\n __x64_sys_ioctl+0xc5/0xf0\n do_syscall_64+0x59/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x20/0x40\n kasan_record_aux_stack+0x85/0x90\n insert_work+0x29/0x100\n __queue_work+0x34a/0x540\n call_timer_fn+0x2a/0x160\n expire_timers+0x5f/0x1f0\n __run_timer_base.part.0+0x1b6/0x1e0\n run_timer_softirq+0x8b/0xe0\n handle_softirqs+0xf9/0x360\n __irq_exit_rcu+0x114/0x130\n sysvec_apic_timer_interrupt+0x72/0x90\n asm_sysvec_apic_timer_interrupt+0x16/0x20\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x20/0x40\n kasan_record_aux_stack+0x85/0x90\n insert_work+0x29/0x100\n __queue_work+0x34a/0x540\n call_timer_fn+0x2a/0x160\n expire_timers+0x5f/0x1f0\n __run_timer_base.part.0+0x1b6/0x1e0\n run_timer_softirq+0x8b/0xe0\n handle_softirqs+0xf9/0x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22020",
"url": "https://www.suse.com/security/cve/CVE-2025-22020"
},
{
"category": "external",
"summary": "SUSE Bug 1241280 for CVE-2025-22020",
"url": "https://bugzilla.suse.com/1241280"
},
{
"category": "external",
"summary": "SUSE Bug 1241281 for CVE-2025-22020",
"url": "https://bugzilla.suse.com/1241281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-22020"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: put dl_stid if fail to queue dl_recall\n\nBefore calling nfsd4_run_cb to queue dl_recall to the callback_wq, we\nincrement the reference count of dl_stid.\nWe expect that after the corresponding work_struct is processed, the\nreference count of dl_stid will be decremented through the callback\nfunction nfsd4_cb_recall_release.\nHowever, if the call to nfsd4_run_cb fails, the incremented reference\ncount of dl_stid will not be decremented correspondingly, leading to the\nfollowing nfs4_stid leak:\nunreferenced object 0xffff88812067b578 (size 344):\n comm \"nfsd\", pid 2761, jiffies 4295044002 (age 5541.241s)\n hex dump (first 32 bytes):\n 01 00 00 00 6b 6b 6b 6b b8 02 c0 e2 81 88 ff ff ....kkkk........\n 00 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 ad 4e ad de .kkkkkkk.....N..\n backtrace:\n kmem_cache_alloc+0x4b9/0x700\n nfsd4_process_open1+0x34/0x300\n nfsd4_open+0x2d1/0x9d0\n nfsd4_proc_compound+0x7a2/0xe30\n nfsd_dispatch+0x241/0x3e0\n svc_process_common+0x5d3/0xcc0\n svc_process+0x2a3/0x320\n nfsd+0x180/0x2e0\n kthread+0x199/0x1d0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\nunreferenced object 0xffff8881499f4d28 (size 368):\n comm \"nfsd\", pid 2761, jiffies 4295044005 (age 5541.239s)\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 30 4d 9f 49 81 88 ff ff ........0M.I....\n 30 4d 9f 49 81 88 ff ff 20 00 00 00 01 00 00 00 0M.I.... .......\n backtrace:\n kmem_cache_alloc+0x4b9/0x700\n nfs4_alloc_stid+0x29/0x210\n alloc_init_deleg+0x92/0x2e0\n nfs4_set_delegation+0x284/0xc00\n nfs4_open_delegation+0x216/0x3f0\n nfsd4_process_open2+0x2b3/0xee0\n nfsd4_open+0x770/0x9d0\n nfsd4_proc_compound+0x7a2/0xe30\n nfsd_dispatch+0x241/0x3e0\n svc_process_common+0x5d3/0xcc0\n svc_process+0x2a3/0x320\n nfsd+0x180/0x2e0\n kthread+0x199/0x1d0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\nFix it by checking the result of nfsd4_run_cb and call nfs4_put_stid if\nfail to queue dl_recall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22025",
"url": "https://www.suse.com/security/cve/CVE-2025-22025"
},
{
"category": "external",
"summary": "SUSE Bug 1241361 for CVE-2025-22025",
"url": "https://bugzilla.suse.com/1241361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22025"
},
{
"cve": "CVE-2025-22027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: streamzap: fix race between device disconnection and urb callback\n\nSyzkaller has reported a general protection fault at function\nir_raw_event_store_with_filter(). This crash is caused by a NULL pointer\ndereference of dev-\u003eraw pointer, even though it is checked for NULL in\nthe same function, which means there is a race condition. It occurs due\nto the incorrect order of actions in the streamzap_disconnect() function:\nrc_unregister_device() is called before usb_kill_urb(). The dev-\u003eraw\npointer is freed and set to NULL in rc_unregister_device(), and only\nafter that usb_kill_urb() waits for in-progress requests to finish.\n\nIf rc_unregister_device() is called while streamzap_callback() handler is\nnot finished, this can lead to accessing freed resources. Thus\nrc_unregister_device() should be called after usb_kill_urb().\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22027",
"url": "https://www.suse.com/security/cve/CVE-2025-22027"
},
{
"category": "external",
"summary": "SUSE Bug 1241369 for CVE-2025-22027",
"url": "https://bugzilla.suse.com/1241369"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22027"
},
{
"cve": "CVE-2025-22029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22029"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22029",
"url": "https://www.suse.com/security/cve/CVE-2025-22029"
},
{
"category": "external",
"summary": "SUSE Bug 1241378 for CVE-2025-22029",
"url": "https://bugzilla.suse.com/1241378"
},
{
"category": "external",
"summary": "SUSE Bug 1241379 for CVE-2025-22029",
"url": "https://bugzilla.suse.com/1241379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-22029"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22033"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Don\u0027t call NULL in do_compat_alignment_fixup()\n\ndo_alignment_t32_to_handler() only fixes up alignment faults for\nspecific instructions; it returns NULL otherwise (e.g. LDREX). When\nthat\u0027s the case, signal to the caller that it needs to proceed with the\nregular alignment fault handling (i.e. SIGBUS). Without this patch, the\nkernel panics:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000086000006\n EC = 0x21: IABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\n user pgtable: 4k pages, 48-bit VAs, pgdp=00000800164aa000\n [0000000000000000] pgd=0800081fdbd22003, p4d=0800081fdbd22003, pud=08000815d51c6003, pmd=0000000000000000\n Internal error: Oops: 0000000086000006 [#1] SMP\n Modules linked in: cfg80211 rfkill xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo xt_addrtype nft_compat br_netfilter veth nvme_fa\u003e\n libcrc32c crc32c_generic raid0 multipath linear dm_mod dax raid1 md_mod xhci_pci nvme xhci_hcd nvme_core t10_pi usbcore igb crc64_rocksoft crc64 crc_t10dif crct10dif_generic crct10dif_ce crct10dif_common usb_common i2c_algo_bit i2c\u003e\n CPU: 2 PID: 3932954 Comm: WPEWebProcess Not tainted 6.1.0-31-arm64 #1 Debian 6.1.128-1\n Hardware name: GIGABYTE MP32-AR1-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021\n pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : 0x0\n lr : do_compat_alignment_fixup+0xd8/0x3dc\n sp : ffff80000f973dd0\n x29: ffff80000f973dd0 x28: ffff081b42526180 x27: 0000000000000000\n x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\n x23: 0000000000000004 x22: 0000000000000000 x21: 0000000000000001\n x20: 00000000e8551f00 x19: ffff80000f973eb0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : ffffaebc949bc488\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000400000 x4 : 0000fffffffffffe x3 : 0000000000000000\n x2 : ffff80000f973eb0 x1 : 00000000e8551f00 x0 : 0000000000000001\n Call trace:\n 0x0\n do_alignment_fault+0x40/0x50\n do_mem_abort+0x4c/0xa0\n el0_da+0x48/0xf0\n el0t_32_sync_handler+0x110/0x140\n el0t_32_sync+0x190/0x194\n Code: bad PC value\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22033",
"url": "https://www.suse.com/security/cve/CVE-2025-22033"
},
{
"category": "external",
"summary": "SUSE Bug 1241436 for CVE-2025-22033",
"url": "https://bugzilla.suse.com/1241436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22033"
},
{
"cve": "CVE-2025-22036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix random stack corruption after get_block\n\nWhen get_block is called with a buffer_head allocated on the stack, such\nas do_mpage_readpage, stack corruption due to buffer_head UAF may occur in\nthe following race condition situation.\n\n \u003cCPU 0\u003e \u003cCPU 1\u003e\nmpage_read_folio\n \u003c\u003cbh on stack\u003e\u003e\n do_mpage_readpage\n exfat_get_block\n bh_read\n __bh_read\n\t get_bh(bh)\n submit_bh\n wait_on_buffer\n ...\n end_buffer_read_sync\n __end_buffer_read_notouch\n unlock_buffer\n \u003c\u003ckeep going\u003e\u003e\n ...\n ...\n ...\n ...\n\u003c\u003cbh is not valid out of mpage_read_folio\u003e\u003e\n .\n .\nanother_function\n \u003c\u003cvariable A on stack\u003e\u003e\n put_bh(bh)\n atomic_dec(bh-\u003eb_count)\n * stack corruption here *\n\nThis patch returns -EAGAIN if a folio does not have buffers when bh_read\nneeds to be called. By doing this, the caller can fallback to functions\nlike block_read_full_folio(), create a buffer_head in the folio, and then\ncall get_block again.\n\nLet\u0027s do not call bh_read() with on-stack buffer_head.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22036",
"url": "https://www.suse.com/security/cve/CVE-2025-22036"
},
{
"category": "external",
"summary": "SUSE Bug 1241426 for CVE-2025-22036",
"url": "https://bugzilla.suse.com/1241426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22036"
},
{
"cve": "CVE-2025-22044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacpi: nfit: fix narrowing conversion in acpi_nfit_ctl\n\nSyzkaller has reported a warning in to_nfit_bus_uuid(): \"only secondary\nbus families can be translated\". This warning is emited if the argument\nis equal to NVDIMM_BUS_FAMILY_NFIT == 0. Function acpi_nfit_ctl() first\nverifies that a user-provided value call_pkg-\u003end_family of type u64 is\nnot equal to 0. Then the value is converted to int, and only after that\nis compared to NVDIMM_BUS_FAMILY_MAX. This can lead to passing an invalid\nargument to acpi_nfit_ctl(), if call_pkg-\u003end_family is non-zero, while\nthe lower 32 bits are zero.\n\nFurthermore, it is best to return EINVAL immediately upon seeing the\ninvalid user input. The WARNING is insufficient to prevent further\nundefined behavior based on other invalid user input.\n\nAll checks of the input value should be applied to the original variable\ncall_pkg-\u003end_family.\n\n[iweiny: update commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22044",
"url": "https://www.suse.com/security/cve/CVE-2025-22044"
},
{
"category": "external",
"summary": "SUSE Bug 1241424 for CVE-2025-22044",
"url": "https://bugzilla.suse.com/1241424"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22044"
},
{
"cve": "CVE-2025-22045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Fix flush_tlb_range() when used for zapping normal PMDs\n\nOn the following path, flush_tlb_range() can be used for zapping normal\nPMD entries (PMD entries that point to page tables) together with the PTE\nentries in the pointed-to page table:\n\n collapse_pte_mapped_thp\n pmdp_collapse_flush\n flush_tlb_range\n\nThe arm64 version of flush_tlb_range() has a comment describing that it can\nbe used for page table removal, and does not use any last-level\ninvalidation optimizations. Fix the X86 version by making it behave the\nsame way.\n\nCurrently, X86 only uses this information for the following two purposes,\nwhich I think means the issue doesn\u0027t have much impact:\n\n - In native_flush_tlb_multi() for checking if lazy TLB CPUs need to be\n IPI\u0027d to avoid issues with speculative page table walks.\n - In Hyper-V TLB paravirtualization, again for lazy TLB stuff.\n\nThe patch \"x86/mm: only invalidate final translations with INVLPGB\" which\nis currently under review (see\n\u003chttps://lore.kernel.org/all/20241230175550.4046587-13-riel@surriel.com/\u003e)\nwould probably be making the impact of this a lot worse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22045",
"url": "https://www.suse.com/security/cve/CVE-2025-22045"
},
{
"category": "external",
"summary": "SUSE Bug 1241433 for CVE-2025-22045",
"url": "https://bugzilla.suse.com/1241433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22045"
},
{
"cve": "CVE-2025-22050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22050"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet:fix NPE during rx_complete\n\nMissing usbnet_going_away Check in Critical Path.\nThe usb_submit_urb function lacks a usbnet_going_away\nvalidation, whereas __usbnet_queue_skb includes this check.\n\nThis inconsistency creates a race condition where:\nA URB request may succeed, but the corresponding SKB data\nfails to be queued.\n\nSubsequent processes:\n(e.g., rx_complete \u2192 defer_bh \u2192 __skb_unlink(skb, list))\nattempt to access skb-\u003enext, triggering a NULL pointer\ndereference (Kernel Panic).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22050",
"url": "https://www.suse.com/security/cve/CVE-2025-22050"
},
{
"category": "external",
"summary": "SUSE Bug 1241441 for CVE-2025-22050",
"url": "https://bugzilla.suse.com/1241441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22050"
},
{
"cve": "CVE-2025-22053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ibmveth: make veth_pool_store stop hanging\n\nv2:\n- Created a single error handling unlock and exit in veth_pool_store\n- Greatly expanded commit message with previous explanatory-only text\n\nSummary: Use rtnl_mutex to synchronize veth_pool_store with itself,\nibmveth_close and ibmveth_open, preventing multiple calls in a row to\nnapi_disable.\n\nBackground: Two (or more) threads could call veth_pool_store through\nwriting to /sys/devices/vio/30000002/pool*/*. You can do this easily\nwith a little shell script. This causes a hang.\n\nI configured LOCKDEP, compiled ibmveth.c with DEBUG, and built a new\nkernel. I ran this test again and saw:\n\n Setting pool0/active to 0\n Setting pool1/active to 1\n [ 73.911067][ T4365] ibmveth 30000002 eth0: close starting\n Setting pool1/active to 1\n Setting pool1/active to 0\n [ 73.911367][ T4366] ibmveth 30000002 eth0: close starting\n [ 73.916056][ T4365] ibmveth 30000002 eth0: close complete\n [ 73.916064][ T4365] ibmveth 30000002 eth0: open starting\n [ 110.808564][ T712] systemd-journald[712]: Sent WATCHDOG=1 notification.\n [ 230.808495][ T712] systemd-journald[712]: Sent WATCHDOG=1 notification.\n [ 243.683786][ T123] INFO: task stress.sh:4365 blocked for more than 122 seconds.\n [ 243.683827][ T123] Not tainted 6.14.0-01103-g2df0c02dab82-dirty #8\n [ 243.683833][ T123] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n [ 243.683838][ T123] task:stress.sh state:D stack:28096 pid:4365 tgid:4365 ppid:4364 task_flags:0x400040 flags:0x00042000\n [ 243.683852][ T123] Call Trace:\n [ 243.683857][ T123] [c00000000c38f690] [0000000000000001] 0x1 (unreliable)\n [ 243.683868][ T123] [c00000000c38f840] [c00000000001f908] __switch_to+0x318/0x4e0\n [ 243.683878][ T123] [c00000000c38f8a0] [c000000001549a70] __schedule+0x500/0x12a0\n [ 243.683888][ T123] [c00000000c38f9a0] [c00000000154a878] schedule+0x68/0x210\n [ 243.683896][ T123] [c00000000c38f9d0] [c00000000154ac80] schedule_preempt_disabled+0x30/0x50\n [ 243.683904][ T123] [c00000000c38fa00] [c00000000154dbb0] __mutex_lock+0x730/0x10f0\n [ 243.683913][ T123] [c00000000c38fb10] [c000000001154d40] napi_enable+0x30/0x60\n [ 243.683921][ T123] [c00000000c38fb40] [c000000000f4ae94] ibmveth_open+0x68/0x5dc\n [ 243.683928][ T123] [c00000000c38fbe0] [c000000000f4aa20] veth_pool_store+0x220/0x270\n [ 243.683936][ T123] [c00000000c38fc70] [c000000000826278] sysfs_kf_write+0x68/0xb0\n [ 243.683944][ T123] [c00000000c38fcb0] [c0000000008240b8] kernfs_fop_write_iter+0x198/0x2d0\n [ 243.683951][ T123] [c00000000c38fd00] [c00000000071b9ac] vfs_write+0x34c/0x650\n [ 243.683958][ T123] [c00000000c38fdc0] [c00000000071bea8] ksys_write+0x88/0x150\n [ 243.683966][ T123] [c00000000c38fe10] [c0000000000317f4] system_call_exception+0x124/0x340\n [ 243.683973][ T123] [c00000000c38fe50] [c00000000000d05c] system_call_vectored_common+0x15c/0x2ec\n ...\n [ 243.684087][ T123] Showing all locks held in the system:\n [ 243.684095][ T123] 1 lock held by khungtaskd/123:\n [ 243.684099][ T123] #0: c00000000278e370 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x50/0x248\n [ 243.684114][ T123] 4 locks held by stress.sh/4365:\n [ 243.684119][ T123] #0: c00000003a4cd3f8 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x88/0x150\n [ 243.684132][ T123] #1: c000000041aea888 (\u0026of-\u003emutex#2){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x154/0x2d0\n [ 243.684143][ T123] #2: c0000000366fb9a8 (kn-\u003eactive#64){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x160/0x2d0\n [ 243.684155][ T123] #3: c000000035ff4cb8 (\u0026dev-\u003elock){+.+.}-{3:3}, at: napi_enable+0x30/0x60\n [ 243.684166][ T123] 5 locks held by stress.sh/4366:\n [ 243.684170][ T123] #0: c00000003a4cd3f8 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x88/0x150\n [ 243.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22053",
"url": "https://www.suse.com/security/cve/CVE-2025-22053"
},
{
"category": "external",
"summary": "SUSE Bug 1241373 for CVE-2025-22053",
"url": "https://bugzilla.suse.com/1241373"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22053"
},
{
"cve": "CVE-2025-22055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix geneve_opt length integer overflow\n\nstruct geneve_opt uses 5 bit length for each single option, which\nmeans every vary size option should be smaller than 128 bytes.\n\nHowever, all current related Netlink policies cannot promise this\nlength condition and the attacker can exploit a exact 128-byte size\noption to *fake* a zero length option and confuse the parsing logic,\nfurther achieve heap out-of-bounds read.\n\nOne example crash log is like below:\n\n[ 3.905425] ==================================================================\n[ 3.905925] BUG: KASAN: slab-out-of-bounds in nla_put+0xa9/0xe0\n[ 3.906255] Read of size 124 at addr ffff888005f291cc by task poc/177\n[ 3.906646]\n[ 3.906775] CPU: 0 PID: 177 Comm: poc-oob-read Not tainted 6.1.132 #1\n[ 3.907131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 3.907784] Call Trace:\n[ 3.907925] \u003cTASK\u003e\n[ 3.908048] dump_stack_lvl+0x44/0x5c\n[ 3.908258] print_report+0x184/0x4be\n[ 3.909151] kasan_report+0xc5/0x100\n[ 3.909539] kasan_check_range+0xf3/0x1a0\n[ 3.909794] memcpy+0x1f/0x60\n[ 3.909968] nla_put+0xa9/0xe0\n[ 3.910147] tunnel_key_dump+0x945/0xba0\n[ 3.911536] tcf_action_dump_1+0x1c1/0x340\n[ 3.912436] tcf_action_dump+0x101/0x180\n[ 3.912689] tcf_exts_dump+0x164/0x1e0\n[ 3.912905] fw_dump+0x18b/0x2d0\n[ 3.913483] tcf_fill_node+0x2ee/0x460\n[ 3.914778] tfilter_notify+0xf4/0x180\n[ 3.915208] tc_new_tfilter+0xd51/0x10d0\n[ 3.918615] rtnetlink_rcv_msg+0x4a2/0x560\n[ 3.919118] netlink_rcv_skb+0xcd/0x200\n[ 3.919787] netlink_unicast+0x395/0x530\n[ 3.921032] netlink_sendmsg+0x3d0/0x6d0\n[ 3.921987] __sock_sendmsg+0x99/0xa0\n[ 3.922220] __sys_sendto+0x1b7/0x240\n[ 3.922682] __x64_sys_sendto+0x72/0x90\n[ 3.922906] do_syscall_64+0x5e/0x90\n[ 3.923814] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 3.924122] RIP: 0033:0x7e83eab84407\n[ 3.924331] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 3.925330] RSP: 002b:00007ffff505e370 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\n[ 3.925752] RAX: ffffffffffffffda RBX: 00007e83eaafa740 RCX: 00007e83eab84407\n[ 3.926173] RDX: 00000000000001a8 RSI: 00007ffff505e3c0 RDI: 0000000000000003\n[ 3.926587] RBP: 00007ffff505f460 R08: 00007e83eace1000 R09: 000000000000000c\n[ 3.926977] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffff505f3c0\n[ 3.927367] R13: 00007ffff505f5c8 R14: 00007e83ead1b000 R15: 00005d4fbbe6dcb8\n\nFix these issues by enforing correct length condition in related\npolicies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22055",
"url": "https://www.suse.com/security/cve/CVE-2025-22055"
},
{
"category": "external",
"summary": "SUSE Bug 1241371 for CVE-2025-22055",
"url": "https://bugzilla.suse.com/1241371"
},
{
"category": "external",
"summary": "SUSE Bug 1241372 for CVE-2025-22055",
"url": "https://bugzilla.suse.com/1241372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-22055"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Fix memory accounting leak.\n\nMatt Dowling reported a weird UDP memory usage issue.\n\nUnder normal operation, the UDP memory usage reported in /proc/net/sockstat\nremains close to zero. However, it occasionally spiked to 524,288 pages\nand never dropped. Moreover, the value doubled when the application was\nterminated. Finally, it caused intermittent packet drops.\n\nWe can reproduce the issue with the script below [0]:\n\n 1. /proc/net/sockstat reports 0 pages\n\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 0\n\n 2. Run the script till the report reaches 524,288\n\n # python3 test.py \u0026 sleep 5\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 3 mem 524288 \u003c-- (INT_MAX + 1) \u003e\u003e PAGE_SHIFT\n\n 3. Kill the socket and confirm the number never drops\n\n # pkill python3 \u0026\u0026 sleep 5\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 524288\n\n 4. (necessary since v6.0) Trigger proto_memory_pcpu_drain()\n\n # python3 test.py \u0026 sleep 1 \u0026\u0026 pkill python3\n\n 5. The number doubles\n\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 1048577\n\nThe application set INT_MAX to SO_RCVBUF, which triggered an integer\noverflow in udp_rmem_release().\n\nWhen a socket is close()d, udp_destruct_common() purges its receive\nqueue and sums up skb-\u003etruesize in the queue. This total is calculated\nand stored in a local unsigned integer variable.\n\nThe total size is then passed to udp_rmem_release() to adjust memory\naccounting. However, because the function takes a signed integer\nargument, the total size can wrap around, causing an overflow.\n\nThen, the released amount is calculated as follows:\n\n 1) Add size to sk-\u003esk_forward_alloc.\n 2) Round down sk-\u003esk_forward_alloc to the nearest lower multiple of\n PAGE_SIZE and assign it to amount.\n 3) Subtract amount from sk-\u003esk_forward_alloc.\n 4) Pass amount \u003e\u003e PAGE_SHIFT to __sk_mem_reduce_allocated().\n\nWhen the issue occurred, the total in udp_destruct_common() was 2147484480\n(INT_MAX + 833), which was cast to -2147482816 in udp_rmem_release().\n\nAt 1) sk-\u003esk_forward_alloc is changed from 3264 to -2147479552, and\n2) sets -2147479552 to amount. 3) reverts the wraparound, so we don\u0027t\nsee a warning in inet_sock_destruct(). However, udp_memory_allocated\nends up doubling at 4).\n\nSince commit 3cd3399dd7a8 (\"net: implement per-cpu reserves for\nmemory_allocated\"), memory usage no longer doubles immediately after\na socket is close()d because __sk_mem_reduce_allocated() caches the\namount in udp_memory_per_cpu_fw_alloc. However, the next time a UDP\nsocket receives a packet, the subtraction takes effect, causing UDP\nmemory usage to double.\n\nThis issue makes further memory allocation fail once the socket\u0027s\nsk-\u003esk_rmem_alloc exceeds net.ipv4.udp_rmem_min, resulting in packet\ndrops.\n\nTo prevent this issue, let\u0027s use unsigned int for the calculation and\ncall sk_forward_alloc_add() only once for the small delta.\n\nNote that first_packet_length() also potentially has the same problem.\n\n[0]:\nfrom socket import *\n\nSO_RCVBUFFORCE = 33\nINT_MAX = (2 ** 31) - 1\n\ns = socket(AF_INET, SOCK_DGRAM)\ns.bind((\u0027\u0027, 0))\ns.setsockopt(SOL_SOCKET, SO_RCVBUFFORCE, INT_MAX)\n\nc = socket(AF_INET, SOCK_DGRAM)\nc.connect(s.getsockname())\n\ndata = b\u0027a\u0027 * 100\n\nwhile True:\n c.send(data)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22058",
"url": "https://www.suse.com/security/cve/CVE-2025-22058"
},
{
"category": "external",
"summary": "SUSE Bug 1241332 for CVE-2025-22058",
"url": "https://bugzilla.suse.com/1241332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22058"
},
{
"cve": "CVE-2025-22060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: Prevent parser TCAM memory corruption\n\nProtect the parser TCAM/SRAM memory, and the cached (shadow) SRAM\ninformation, from concurrent modifications.\n\nBoth the TCAM and SRAM tables are indirectly accessed by configuring\nan index register that selects the row to read or write to. This means\nthat operations must be atomic in order to, e.g., avoid spreading\nwrites across multiple rows. Since the shadow SRAM array is used to\nfind free rows in the hardware table, it must also be protected in\norder to avoid TOCTOU errors where multiple cores allocate the same\nrow.\n\nThis issue was detected in a situation where `mvpp2_set_rx_mode()` ran\nconcurrently on two CPUs. In this particular case the\nMVPP2_PE_MAC_UC_PROMISCUOUS entry was corrupted, causing the\nclassifier unit to drop all incoming unicast - indicated by the\n`rx_classifier_drops` counter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22060",
"url": "https://www.suse.com/security/cve/CVE-2025-22060"
},
{
"category": "external",
"summary": "SUSE Bug 1241526 for CVE-2025-22060",
"url": "https://bugzilla.suse.com/1241526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22060"
},
{
"cve": "CVE-2025-22062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: add mutual exclusion in proc_sctp_do_udp_port()\n\nWe must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start()\nor risk a crash as syzbot reported:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]\nCPU: 1 UID: 0 PID: 6551 Comm: syz.1.44 Not tainted 6.14.0-syzkaller-g7f2ff7b62617 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\n RIP: 0010:kernel_sock_shutdown+0x47/0x70 net/socket.c:3653\nCall Trace:\n \u003cTASK\u003e\n udp_tunnel_sock_release+0x68/0x80 net/ipv4/udp_tunnel_core.c:181\n sctp_udp_sock_stop+0x71/0x160 net/sctp/protocol.c:930\n proc_sctp_do_udp_port+0x264/0x450 net/sctp/sysctl.c:553\n proc_sys_call_handler+0x3d0/0x5b0 fs/proc/proc_sysctl.c:601\n iter_file_splice_write+0x91c/0x1150 fs/splice.c:738\n do_splice_from fs/splice.c:935 [inline]\n direct_splice_actor+0x18f/0x6c0 fs/splice.c:1158\n splice_direct_to_actor+0x342/0xa30 fs/splice.c:1102\n do_splice_direct_actor fs/splice.c:1201 [inline]\n do_splice_direct+0x174/0x240 fs/splice.c:1227\n do_sendfile+0xafd/0xe50 fs/read_write.c:1368\n __do_sys_sendfile64 fs/read_write.c:1429 [inline]\n __se_sys_sendfile64 fs/read_write.c:1415 [inline]\n __x64_sys_sendfile64+0x1d8/0x220 fs/read_write.c:1415\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22062",
"url": "https://www.suse.com/security/cve/CVE-2025-22062"
},
{
"category": "external",
"summary": "SUSE Bug 1241412 for CVE-2025-22062",
"url": "https://bugzilla.suse.com/1241412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22062"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22064"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t unregister hook when table is dormant\n\nWhen nf_tables_updchain encounters an error, hook registration needs to\nbe rolled back.\n\nThis should only be done if the hook has been registered, which won\u0027t\nhappen when the table is flagged as dormant (inactive).\n\nJust move the assignment into the registration block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22064",
"url": "https://www.suse.com/security/cve/CVE-2025-22064"
},
{
"category": "external",
"summary": "SUSE Bug 1241413 for CVE-2025-22064",
"url": "https://bugzilla.suse.com/1241413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22064"
},
{
"cve": "CVE-2025-22065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix adapter NULL pointer dereference on reboot\n\nWith SRIOV enabled, idpf ends up calling into idpf_remove() twice.\nFirst via idpf_shutdown() and then again when idpf_remove() calls into\nsriov_disable(), because the VF devices use the idpf driver, hence the\nsame remove routine. When that happens, it is possible for the adapter\nto be NULL from the first call to idpf_remove(), leading to a NULL\npointer dereference.\n\necho 1 \u003e /sys/class/net/\u003cnetif\u003e/device/sriov_numvfs\nreboot\n\nBUG: kernel NULL pointer dereference, address: 0000000000000020\n...\nRIP: 0010:idpf_remove+0x22/0x1f0 [idpf]\n...\n? idpf_remove+0x22/0x1f0 [idpf]\n? idpf_remove+0x1e4/0x1f0 [idpf]\npci_device_remove+0x3f/0xb0\ndevice_release_driver_internal+0x19f/0x200\npci_stop_bus_device+0x6d/0x90\npci_stop_and_remove_bus_device+0x12/0x20\npci_iov_remove_virtfn+0xbe/0x120\nsriov_disable+0x34/0xe0\nidpf_sriov_configure+0x58/0x140 [idpf]\nidpf_remove+0x1b9/0x1f0 [idpf]\nidpf_shutdown+0x12/0x30 [idpf]\npci_device_shutdown+0x35/0x60\ndevice_shutdown+0x156/0x200\n...\n\nReplace the direct idpf_remove() call in idpf_shutdown() with\nidpf_vc_core_deinit() and idpf_deinit_dflt_mbx(), which perform\nthe bulk of the cleanup, such as stopping the init task, freeing IRQs,\ndestroying the vports and freeing the mailbox. This avoids the calls to\nsriov_disable() in addition to a small netdev cleanup, and destroying\nworkqueues, which don\u0027t seem to be required on shutdown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22065",
"url": "https://www.suse.com/security/cve/CVE-2025-22065"
},
{
"category": "external",
"summary": "SUSE Bug 1241333 for CVE-2025-22065",
"url": "https://bugzilla.suse.com/1241333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22065"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Allocate vfinfo size for VF GUIDs when supported\n\nCommit 30aad41721e0 (\"net/core: Add support for getting VF GUIDs\")\nadded support for getting VF port and node GUIDs in netlink ifinfo\nmessages, but their size was not taken into consideration in the\nfunction that allocates the netlink message, causing the following\nwarning when a netlink message is filled with many VF port and node\nGUIDs:\n # echo 64 \u003e /sys/bus/pci/devices/0000\\:08\\:00.0/sriov_numvfs\n # ip link show dev ib0\n RTNETLINK answers: Message too long\n Cannot send link get request: Message too long\n\nKernel warning:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 1930 at net/core/rtnetlink.c:4151 rtnl_getlink+0x586/0x5a0\n Modules linked in: xt_conntrack xt_MASQUERADE nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter overlay mlx5_ib macsec mlx5_core tls rpcrdma rdma_ucm ib_uverbs ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm iw_cm ib_ipoib fuse ib_cm ib_core\n CPU: 2 UID: 0 PID: 1930 Comm: ip Not tainted 6.14.0-rc2+ #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:rtnl_getlink+0x586/0x5a0\n Code: cb 82 e8 3d af 0a 00 4d 85 ff 0f 84 08 ff ff ff 4c 89 ff 41 be ea ff ff ff e8 66 63 5b ff 49 c7 07 80 4f cb 82 e9 36 fc ff ff \u003c0f\u003e 0b e9 16 fe ff ff e8 de a0 56 00 66 66 2e 0f 1f 84 00 00 00 00\n RSP: 0018:ffff888113557348 EFLAGS: 00010246\n RAX: 00000000ffffffa6 RBX: ffff88817e87aa34 RCX: dffffc0000000000\n RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffff88817e87afb8\n RBP: 0000000000000009 R08: ffffffff821f44aa R09: 0000000000000000\n R10: ffff8881260f79a8 R11: ffff88817e87af00 R12: ffff88817e87aa00\n R13: ffffffff8563d300 R14: 00000000ffffffa6 R15: 00000000ffffffff\n FS: 00007f63a5dbf280(0000) GS:ffff88881ee00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f63a5ba4493 CR3: 00000001700fe002 CR4: 0000000000772eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xa5/0x230\n ? rtnl_getlink+0x586/0x5a0\n ? report_bug+0x22d/0x240\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_trim+0x6a/0x80\n ? rtnl_getlink+0x586/0x5a0\n ? __pfx_rtnl_getlink+0x10/0x10\n ? rtnetlink_rcv_msg+0x1e5/0x860\n ? __pfx___mutex_lock+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? __pfx_lock_acquire+0x10/0x10\n ? stack_trace_save+0x90/0xd0\n ? filter_irq_stacks+0x1d/0x70\n ? kasan_save_stack+0x30/0x40\n ? kasan_save_stack+0x20/0x40\n ? kasan_save_track+0x10/0x30\n rtnetlink_rcv_msg+0x21c/0x860\n ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n ? arch_stack_walk+0x9e/0xf0\n ? rcu_is_watching+0x34/0x60\n ? lock_acquire+0xd5/0x410\n ? rcu_is_watching+0x34/0x60\n netlink_rcv_skb+0xe0/0x210\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n ? __pfx_netlink_rcv_skb+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? __pfx___netlink_lookup+0x10/0x10\n ? lock_release+0x62/0x200\n ? netlink_deliver_tap+0xfd/0x290\n ? rcu_is_watching+0x34/0x60\n ? lock_release+0x62/0x200\n ? netlink_deliver_tap+0x95/0x290\n netlink_unicast+0x31f/0x480\n ? __pfx_netlink_unicast+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? lock_acquire+0xd5/0x410\n netlink_sendmsg+0x369/0x660\n ? lock_release+0x62/0x200\n ? __pfx_netlink_sendmsg+0x10/0x10\n ? import_ubuf+0xb9/0xf0\n ? __import_iovec+0x254/0x2b0\n ? lock_release+0x62/0x200\n ? __pfx_netlink_sendmsg+0x10/0x10\n ____sys_sendmsg+0x559/0x5a0\n ? __pfx_____sys_sendmsg+0x10/0x10\n ? __pfx_copy_msghdr_from_user+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? do_read_fault+0x213/0x4a0\n ? rcu_is_watching+0x34/0x60\n ___sys_sendmsg+0xe4/0x150\n ? __pfx____sys_sendmsg+0x10/0x10\n ? do_fault+0x2cc/0x6f0\n ? handle_pte_fault+0x2e3/0x3d0\n ? __pfx_handle_pte_fault+0x10/0x10\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22075",
"url": "https://www.suse.com/security/cve/CVE-2025-22075"
},
{
"category": "external",
"summary": "SUSE Bug 1241402 for CVE-2025-22075",
"url": "https://bugzilla.suse.com/1241402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22075"
},
{
"cve": "CVE-2025-22080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Prevent integer overflow in hdr_first_de()\n\nThe \"de_off\" and \"used\" variables come from the disk so they both need to\ncheck. The problem is that on 32bit systems if they\u0027re both greater than\nUINT_MAX - 16 then the check does work as intended because of an integer\noverflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22080",
"url": "https://www.suse.com/security/cve/CVE-2025-22080"
},
{
"category": "external",
"summary": "SUSE Bug 1241416 for CVE-2025-22080",
"url": "https://bugzilla.suse.com/1241416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22080"
},
{
"cve": "CVE-2025-22085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix use-after-free when rename device name\n\nSyzbot reported a slab-use-after-free with the following call trace:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in nla_put+0xd3/0x150 lib/nlattr.c:1099\nRead of size 5 at addr ffff888140ea1c60 by task syz.0.988/10025\n\nCPU: 0 UID: 0 PID: 10025 Comm: syz.0.988\nNot tainted 6.14.0-rc4-syzkaller-00859-gf77f12010f67 #0\nHardware name: Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x16e/0x5b0 mm/kasan/report.c:521\n kasan_report+0x143/0x180 mm/kasan/report.c:634\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105\n nla_put+0xd3/0x150 lib/nlattr.c:1099\n nla_put_string include/net/netlink.h:1621 [inline]\n fill_nldev_handle+0x16e/0x200 drivers/infiniband/core/nldev.c:265\n rdma_nl_notify_event+0x561/0xef0 drivers/infiniband/core/nldev.c:2857\n ib_device_notify_register+0x22/0x230 drivers/infiniband/core/device.c:1344\n ib_register_device+0x1292/0x1460 drivers/infiniband/core/device.c:1460\n rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540\n rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212\n nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795\n rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline]\n rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1883\n sock_sendmsg_nosec net/socket.c:709 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:724\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2564\n ___sys_sendmsg net/socket.c:2618 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2650\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f42d1b8d169\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 ...\nRSP: 002b:00007f42d2960038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f42d1da6320 RCX: 00007f42d1b8d169\nRDX: 0000000000000000 RSI: 00004000000002c0 RDI: 000000000000000c\nRBP: 00007f42d1c0e2a0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f42d1da6320 R15: 00007ffe399344a8\n \u003c/TASK\u003e\n\nAllocated by task 10025:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4313\n __kmemdup_nul mm/util.c:61 [inline]\n kstrdup+0x42/0x100 mm/util.c:81\n kobject_set_name_vargs+0x61/0x120 lib/kobject.c:274\n dev_set_name+0xd5/0x120 drivers/base/core.c:3468\n assign_name drivers/infiniband/core/device.c:1202 [inline]\n ib_register_device+0x178/0x1460 drivers/infiniband/core/device.c:1384\n rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540\n rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212\n nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795\n rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline]\n rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8de/0xcb0 net\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22085",
"url": "https://www.suse.com/security/cve/CVE-2025-22085"
},
{
"category": "external",
"summary": "SUSE Bug 1241419 for CVE-2025-22085",
"url": "https://bugzilla.suse.com/1241419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22085"
},
{
"cve": "CVE-2025-22086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow\n\nWhen cur_qp isn\u0027t NULL, in order to avoid fetching the QP from\nthe radix tree again we check if the next cqe QP is identical to\nthe one we already have.\n\nThe bug however is that we are checking if the QP is identical by\nchecking the QP number inside the CQE against the QP number inside the\nmlx5_ib_qp, but that\u0027s wrong since the QP number from the CQE is from\nFW so it should be matched against mlx5_core_qp which is our FW QP\nnumber.\n\nOtherwise we could use the wrong QP when handling a CQE which could\ncause the kernel trace below.\n\nThis issue is mainly noticeable over QPs 0 \u0026 1, since for now they are\nthe only QPs in our driver whereas the QP number inside mlx5_ib_qp\ndoesn\u0027t match the QP number inside mlx5_core_qp.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000012\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP\n CPU: 0 UID: 0 PID: 7927 Comm: kworker/u62:1 Not tainted 6.14.0-rc3+ #189\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n Workqueue: ib-comp-unb-wq ib_cq_poll_work [ib_core]\n RIP: 0010:mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n Code: 03 00 00 8d 58 ff 21 cb 66 39 d3 74 39 48 c7 c7 3c 89 6e a0 0f b7 db e8 b7 d2 b3 e0 49 8b 86 60 03 00 00 48 c7 c7 4a 89 6e a0 \u003c0f\u003e b7 5c 98 02 e8 9f d2 b3 e0 41 0f b7 86 78 03 00 00 83 e8 01 21\n RSP: 0018:ffff88810511bd60 EFLAGS: 00010046\n RAX: 0000000000000010 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff88885fa1b3c0 RDI: ffffffffa06e894a\n RBP: 00000000000000b0 R08: 0000000000000000 R09: ffff88810511bc10\n R10: 0000000000000001 R11: 0000000000000001 R12: ffff88810d593000\n R13: ffff88810e579108 R14: ffff888105146000 R15: 00000000000000b0\n FS: 0000000000000000(0000) GS:ffff88885fa00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000012 CR3: 00000001077e6001 CR4: 0000000000370eb0\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n __ib_process_cq+0x5a/0x150 [ib_core]\n ib_cq_poll_work+0x31/0x90 [ib_core]\n process_one_work+0x169/0x320\n worker_thread+0x288/0x3a0\n ? work_busy+0xb0/0xb0\n kthread+0xd7/0x1f0\n ? kthreads_online_cpu+0x130/0x130\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork+0x2d/0x50\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22086",
"url": "https://www.suse.com/security/cve/CVE-2025-22086"
},
{
"category": "external",
"summary": "SUSE Bug 1241458 for CVE-2025-22086",
"url": "https://bugzilla.suse.com/1241458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22086"
},
{
"cve": "CVE-2025-22088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/erdma: Prevent use-after-free in erdma_accept_newconn()\n\nAfter the erdma_cep_put(new_cep) being called, new_cep will be freed,\nand the following dereference will cause a UAF problem. Fix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22088",
"url": "https://www.suse.com/security/cve/CVE-2025-22088"
},
{
"category": "external",
"summary": "SUSE Bug 1241528 for CVE-2025-22088",
"url": "https://bugzilla.suse.com/1241528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22088"
},
{
"cve": "CVE-2025-22090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()\n\nIf track_pfn_copy() fails, we already added the dst VMA to the maple\ntree. As fork() fails, we\u0027ll cleanup the maple tree, and stumble over\nthe dst VMA for which we neither performed any reservation nor copied\nany page tables.\n\nConsequently untrack_pfn() will see VM_PAT and try obtaining the\nPAT information from the page table -- which fails because the page\ntable was not copied.\n\nThe easiest fix would be to simply clear the VM_PAT flag of the dst VMA\nif track_pfn_copy() fails. However, the whole thing is about \"simply\"\nclearing the VM_PAT flag is shaky as well: if we passed track_pfn_copy()\nand performed a reservation, but copying the page tables fails, we\u0027ll\nsimply clear the VM_PAT flag, not properly undoing the reservation ...\nwhich is also wrong.\n\nSo let\u0027s fix it properly: set the VM_PAT flag only if the reservation\nsucceeded (leaving it clear initially), and undo the reservation if\nanything goes wrong while copying the page tables: clearing the VM_PAT\nflag after undoing the reservation.\n\nNote that any copied page table entries will get zapped when the VMA will\nget removed later, after copy_page_range() succeeded; as VM_PAT is not set\nthen, we won\u0027t try cleaning VM_PAT up once more and untrack_pfn() will be\nhappy. Note that leaving these page tables in place without a reservation\nis not a problem, as we are aborting fork(); this process will never run.\n\nA reproducer can trigger this usually at the first try:\n\n https://gitlab.com/davidhildenbrand/scratchspace/-/raw/main/reproducers/pat_fork.c\n\n WARNING: CPU: 26 PID: 11650 at arch/x86/mm/pat/memtype.c:983 get_pat_info+0xf6/0x110\n Modules linked in: ...\n CPU: 26 UID: 0 PID: 11650 Comm: repro3 Not tainted 6.12.0-rc5+ #92\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n RIP: 0010:get_pat_info+0xf6/0x110\n ...\n Call Trace:\n \u003cTASK\u003e\n ...\n untrack_pfn+0x52/0x110\n unmap_single_vma+0xa6/0xe0\n unmap_vmas+0x105/0x1f0\n exit_mmap+0xf6/0x460\n __mmput+0x4b/0x120\n copy_process+0x1bf6/0x2aa0\n kernel_clone+0xab/0x440\n __do_sys_clone+0x66/0x90\n do_syscall_64+0x95/0x180\n\nLikely this case was missed in:\n\n d155df53f310 (\"x86/mm/pat: clear VM_PAT if copy_p4d_range failed\")\n\n... and instead of undoing the reservation we simply cleared the VM_PAT flag.\n\nKeep the documentation of these functions in include/linux/pgtable.h,\none place is more than sufficient -- we should clean that up for the other\nfunctions like track_pfn_remap/untrack_pfn separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22090",
"url": "https://www.suse.com/security/cve/CVE-2025-22090"
},
{
"category": "external",
"summary": "SUSE Bug 1241537 for CVE-2025-22090",
"url": "https://bugzilla.suse.com/1241537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22090"
},
{
"cve": "CVE-2025-22091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22091"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix page_size variable overflow\n\nChange all variables storing mlx5_umem_mkc_find_best_pgsz() result to\nunsigned long to support values larger than 31 and avoid overflow.\n\nFor example: If we try to register 4GB of memory that is contiguous in\nphysical memory, the driver will optimize the page_size and try to use\nan mkey with 4GB entity size. The \u0027unsigned int\u0027 page_size variable will\noverflow to \u00270\u0027 and we\u0027ll hit the WARN_ON() in alloc_cacheable_mr().\n\nWARNING: CPU: 2 PID: 1203 at drivers/infiniband/hw/mlx5/mr.c:1124 alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\nModules linked in: mlx5_ib mlx5_core bonding ip6_gre ip6_tunnel tunnel6 ip_gre gre rdma_rxe rdma_ucm ib_uverbs ib_ipoib ib_umad rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm fuse ib_core [last unloaded: mlx5_core]\nCPU: 2 UID: 70878 PID: 1203 Comm: rdma_resource_l Tainted: G W 6.14.0-rc4-dirty #43\nTainted: [W]=WARN\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\nCode: 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 41 52 53 48 83 ec 30 f6 46 28 04 4c 8b 77 08 75 21 \u003c0f\u003e 0b 49 c7 c2 ea ff ff ff 48 8d 65 d0 4c 89 d0 5b 41 5a 41 5c 41\nRSP: 0018:ffffc900006ffac8 EFLAGS: 00010246\nRAX: 0000000004c0d0d0 RBX: ffff888217a22000 RCX: 0000000000100001\nRDX: 00007fb7ac480000 RSI: ffff8882037b1240 RDI: ffff8882046f0600\nRBP: ffffc900006ffb28 R08: 0000000000000001 R09: 0000000000000000\nR10: 00000000000007e0 R11: ffffea0008011d40 R12: ffff8882037b1240\nR13: ffff8882046f0600 R14: ffff888217a22000 R15: ffffc900006ffe00\nFS: 00007fb7ed013340(0000) GS:ffff88885fd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fb7ed1d8000 CR3: 00000001fd8f6006 CR4: 0000000000772eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x81/0x130\n ? alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\n ? report_bug+0xfc/0x1e0\n ? handle_bug+0x55/0x90\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\n create_real_mr+0x54/0x150 [mlx5_ib]\n ib_uverbs_reg_mr+0x17f/0x2a0 [ib_uverbs]\n ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xca/0x140 [ib_uverbs]\n ib_uverbs_run_method+0x6d0/0x780 [ib_uverbs]\n ? __pfx_ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x10/0x10 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x19b/0x360 [ib_uverbs]\n ? walk_system_ram_range+0x79/0xd0\n ? ___pte_offset_map+0x1b/0x110\n ? __pte_offset_map_lock+0x80/0x100\n ib_uverbs_ioctl+0xac/0x110 [ib_uverbs]\n __x64_sys_ioctl+0x94/0xb0\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7fb7ecf0737b\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 7d 2a 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffdbe03ecc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffdbe03edb8 RCX: 00007fb7ecf0737b\nRDX: 00007ffdbe03eda0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffdbe03ed80 R08: 00007fb7ecc84010 R09: 00007ffdbe03eed4\nR10: 0000000000000009 R11: 0000000000000246 R12: 00007ffdbe03eed4\nR13: 000000000000000c R14: 000000000000000c R15: 00007fb7ecc84150\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22091",
"url": "https://www.suse.com/security/cve/CVE-2025-22091"
},
{
"category": "external",
"summary": "SUSE Bug 1241535 for CVE-2025-22091",
"url": "https://bugzilla.suse.com/1241535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22091"
},
{
"cve": "CVE-2025-22093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: avoid NPD when ASIC does not support DMUB\n\nctx-\u003edmub_srv will de NULL if the ASIC does not support DMUB, which is\ntested in dm_dmub_sw_init.\n\nHowever, it will be dereferenced in dmub_hw_lock_mgr_cmd if\nshould_use_dmub_lock returns true.\n\nThis has been the case since dmub support has been added for PSR1.\n\nFix this by checking for dmub_srv in should_use_dmub_lock.\n\n[ 37.440832] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 37.447808] #PF: supervisor read access in kernel mode\n[ 37.452959] #PF: error_code(0x0000) - not-present page\n[ 37.458112] PGD 0 P4D 0\n[ 37.460662] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 37.465553] CPU: 2 UID: 1000 PID: 1745 Comm: DrmThread Not tainted 6.14.0-rc1-00003-gd62e938120f0 #23 99720e1cb1e0fc4773b8513150932a07de3c6e88\n[ 37.478324] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[ 37.487103] RIP: 0010:dmub_hw_lock_mgr_cmd+0x77/0xb0\n[ 37.492074] Code: 44 24 0e 00 00 00 00 48 c7 04 24 45 00 00 0c 40 88 74 24 0d 0f b6 02 88 44 24 0c 8b 01 89 44 24 08 85 f6 75 05 c6 44 24 0e 01 \u003c48\u003e 8b 7f 58 48 89 e6 ba 01 00 00 00 e8 08 3c 2a 00 65 48 8b 04 5\n[ 37.510822] RSP: 0018:ffff969442853300 EFLAGS: 00010202\n[ 37.516052] RAX: 0000000000000000 RBX: ffff92db03000000 RCX: ffff969442853358\n[ 37.523185] RDX: ffff969442853368 RSI: 0000000000000001 RDI: 0000000000000000\n[ 37.530322] RBP: 0000000000000001 R08: 00000000000004a7 R09: 00000000000004a5\n[ 37.537453] R10: 0000000000000476 R11: 0000000000000062 R12: ffff92db0ade8000\n[ 37.544589] R13: ffff92da01180ae0 R14: ffff92da011802a8 R15: ffff92db03000000\n[ 37.551725] FS: 0000784a9cdfc6c0(0000) GS:ffff92db2af00000(0000) knlGS:0000000000000000\n[ 37.559814] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 37.565562] CR2: 0000000000000058 CR3: 0000000112b1c000 CR4: 00000000003506f0\n[ 37.572697] Call Trace:\n[ 37.575152] \u003cTASK\u003e\n[ 37.577258] ? __die_body+0x66/0xb0\n[ 37.580756] ? page_fault_oops+0x3e7/0x4a0\n[ 37.584861] ? exc_page_fault+0x3e/0xe0\n[ 37.588706] ? exc_page_fault+0x5c/0xe0\n[ 37.592550] ? asm_exc_page_fault+0x22/0x30\n[ 37.596742] ? dmub_hw_lock_mgr_cmd+0x77/0xb0\n[ 37.601107] dcn10_cursor_lock+0x1e1/0x240\n[ 37.605211] program_cursor_attributes+0x81/0x190\n[ 37.609923] commit_planes_for_stream+0x998/0x1ef0\n[ 37.614722] update_planes_and_stream_v2+0x41e/0x5c0\n[ 37.619703] dc_update_planes_and_stream+0x78/0x140\n[ 37.624588] amdgpu_dm_atomic_commit_tail+0x4362/0x49f0\n[ 37.629832] ? srso_return_thunk+0x5/0x5f\n[ 37.633847] ? mark_held_locks+0x6d/0xd0\n[ 37.637774] ? _raw_spin_unlock_irq+0x24/0x50\n[ 37.642135] ? srso_return_thunk+0x5/0x5f\n[ 37.646148] ? lockdep_hardirqs_on+0x95/0x150\n[ 37.650510] ? srso_return_thunk+0x5/0x5f\n[ 37.654522] ? _raw_spin_unlock_irq+0x2f/0x50\n[ 37.658883] ? srso_return_thunk+0x5/0x5f\n[ 37.662897] ? wait_for_common+0x186/0x1c0\n[ 37.666998] ? srso_return_thunk+0x5/0x5f\n[ 37.671009] ? drm_crtc_next_vblank_start+0xc3/0x170\n[ 37.675983] commit_tail+0xf5/0x1c0\n[ 37.679478] drm_atomic_helper_commit+0x2a2/0x2b0\n[ 37.684186] drm_atomic_commit+0xd6/0x100\n[ 37.688199] ? __cfi___drm_printfn_info+0x10/0x10\n[ 37.692911] drm_atomic_helper_update_plane+0xe5/0x130\n[ 37.698054] drm_mode_cursor_common+0x501/0x670\n[ 37.702600] ? __cfi_drm_mode_cursor_ioctl+0x10/0x10\n[ 37.707572] drm_mode_cursor_ioctl+0x48/0x70\n[ 37.711851] drm_ioctl_kernel+0xf2/0x150\n[ 37.715781] drm_ioctl+0x363/0x590\n[ 37.719189] ? __cfi_drm_mode_cursor_ioctl+0x10/0x10\n[ 37.724165] amdgpu_drm_ioctl+0x41/0x80\n[ 37.728013] __se_sys_ioctl+0x7f/0xd0\n[ 37.731685] do_syscall_64+0x87/0x100\n[ 37.735355] ? vma_end_read+0x12/0xe0\n[ 37.739024] ? srso_return_thunk+0x5/0x5f\n[ 37.743041] ? find_held_lock+0x47/0xf0\n[ 37.746884] ? vma_end_read+0x12/0xe0\n[ 37.750552] ? srso_return_thunk+0x5/0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22093",
"url": "https://www.suse.com/security/cve/CVE-2025-22093"
},
{
"category": "external",
"summary": "SUSE Bug 1241545 for CVE-2025-22093",
"url": "https://bugzilla.suse.com/1241545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22093"
},
{
"cve": "CVE-2025-22094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/perf: Fix ref-counting on the PMU \u0027vpa_pmu\u0027\n\nCommit 176cda0619b6 (\"powerpc/perf: Add perf interface to expose vpa\ncounters\") introduced \u0027vpa_pmu\u0027 to expose Book3s-HV nested APIv2 provided\nL1\u003c-\u003eL2 context switch latency counters to L1 user-space via\nperf-events. However the newly introduced PMU named \u0027vpa_pmu\u0027 doesn\u0027t\nassign ownership of the PMU to the module \u0027vpa_pmu\u0027. Consequently the\nmodule \u0027vpa_pmu\u0027 can be unloaded while one of the perf-events are still\nactive, which can lead to kernel oops and panic of the form below on a\nPseries-LPAR:\n\nBUG: Kernel NULL pointer dereference on read at 0x00000058\n\u003csnip\u003e\n NIP [c000000000506cb8] event_sched_out+0x40/0x258\n LR [c00000000050e8a4] __perf_remove_from_context+0x7c/0x2b0\n Call Trace:\n [c00000025fc3fc30] [c00000025f8457a8] 0xc00000025f8457a8 (unreliable)\n [c00000025fc3fc80] [fffffffffffffee0] 0xfffffffffffffee0\n [c00000025fc3fcd0] [c000000000501e70] event_function+0xa8/0x120\n\u003csnip\u003e\n Kernel panic - not syncing: Aiee, killing interrupt handler!\n\nFix this by adding the module ownership to \u0027vpa_pmu\u0027 so that the module\n\u0027vpa_pmu\u0027 is ref-counted and prevented from being unloaded when perf-events\nare initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22094",
"url": "https://www.suse.com/security/cve/CVE-2025-22094"
},
{
"category": "external",
"summary": "SUSE Bug 1241512 for CVE-2025-22094",
"url": "https://bugzilla.suse.com/1241512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22094"
},
{
"cve": "CVE-2025-22097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Fix use after free and double free on init error\n\nIf the driver initialization fails, the vkms_exit() function might\naccess an uninitialized or freed default_config pointer and it might\ndouble free it.\n\nFix both possible errors by initializing default_config only when the\ndriver initialization succeeded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22097",
"url": "https://www.suse.com/security/cve/CVE-2025-22097"
},
{
"category": "external",
"summary": "SUSE Bug 1241541 for CVE-2025-22097",
"url": "https://bugzilla.suse.com/1241541"
},
{
"category": "external",
"summary": "SUSE Bug 1241542 for CVE-2025-22097",
"url": "https://bugzilla.suse.com/1241542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-22097"
},
{
"cve": "CVE-2025-22102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22102"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix kernel panic during FW release\n\nThis fixes a kernel panic seen during release FW in a stress test\nscenario where WLAN and BT FW download occurs simultaneously, and due to\na HW bug, chip sends out only 1 bootloader signatures.\n\nWhen driver receives the bootloader signature, it enters FW download\nmode, but since no consequtive bootloader signatures seen, FW file is\nnot requested.\n\nAfter 60 seconds, when FW download times out, release_firmware causes a\nkernel panic.\n\n[ 2601.949184] Unable to handle kernel paging request at virtual address 0000312e6f006573\n[ 2601.992076] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000111802000\n[ 2601.992080] [0000312e6f006573] pgd=0000000000000000, p4d=0000000000000000\n[ 2601.992087] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP\n[ 2601.992091] Modules linked in: algif_hash algif_skcipher af_alg btnxpuart(O) pciexxx(O) mlan(O) overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce snd_soc_fsl_easrc snd_soc_fsl_asoc_card imx8_media_dev(C) snd_soc_fsl_micfil polyval_generic snd_soc_fsl_xcvr snd_soc_fsl_sai snd_soc_imx_audmux snd_soc_fsl_asrc snd_soc_imx_card snd_soc_imx_hdmi snd_soc_fsl_aud2htx snd_soc_fsl_utils imx_pcm_dma dw_hdmi_cec flexcan can_dev\n[ 2602.001825] CPU: 2 PID: 20060 Comm: hciconfig Tainted: G C O 6.6.23-lts-next-06236-gb586a521770e #1\n[ 2602.010182] Hardware name: NXP i.MX8MPlus EVK board (DT)\n[ 2602.010185] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 2602.010191] pc : _raw_spin_lock+0x34/0x68\n[ 2602.010201] lr : free_fw_priv+0x20/0xfc\n[ 2602.020561] sp : ffff800089363b30\n[ 2602.020563] x29: ffff800089363b30 x28: ffff0000d0eb5880 x27: 0000000000000000\n[ 2602.020570] x26: 0000000000000000 x25: ffff0000d728b330 x24: 0000000000000000\n[ 2602.020577] x23: ffff0000dc856f38\n[ 2602.033797] x22: ffff800089363b70 x21: ffff0000dc856000\n[ 2602.033802] x20: ff00312e6f006573 x19: ffff0000d0d9ea80 x18: 0000000000000000\n[ 2602.033809] x17: 0000000000000000 x16: 0000000000000000 x15: 0000aaaad80dd480\n[ 2602.083320] x14: 0000000000000000 x13: 00000000000001b9 x12: 0000000000000002\n[ 2602.083326] x11: 0000000000000000 x10: 0000000000000a60 x9 : ffff800089363a30\n[ 2602.083333] x8 : ffff0001793d75c0 x7 : ffff0000d6dbc400 x6 : 0000000000000000\n[ 2602.083339] x5 : 00000000410fd030 x4 : 0000000000000000 x3 : 0000000000000001\n[ 2602.083346] x2 : 0000000000000000 x1 : 0000000000000001 x0 : ff00312e6f006573\n[ 2602.083354] Call trace:\n[ 2602.083356] _raw_spin_lock+0x34/0x68\n[ 2602.083364] release_firmware+0x48/0x6c\n[ 2602.083370] nxp_setup+0x3c4/0x540 [btnxpuart]\n[ 2602.083383] hci_dev_open_sync+0xf0/0xa34\n[ 2602.083391] hci_dev_open+0xd8/0x178\n[ 2602.083399] hci_sock_ioctl+0x3b0/0x590\n[ 2602.083405] sock_do_ioctl+0x60/0x118\n[ 2602.083413] sock_ioctl+0x2f4/0x374\n[ 2602.091430] __arm64_sys_ioctl+0xac/0xf0\n[ 2602.091437] invoke_syscall+0x48/0x110\n[ 2602.091445] el0_svc_common.constprop.0+0xc0/0xe0\n[ 2602.091452] do_el0_svc+0x1c/0x28\n[ 2602.091457] el0_svc+0x40/0xe4\n[ 2602.091465] el0t_64_sync_handler+0x120/0x12c\n[ 2602.091470] el0t_64_sync+0x190/0x194",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22102",
"url": "https://www.suse.com/security/cve/CVE-2025-22102"
},
{
"category": "external",
"summary": "SUSE Bug 1241456 for CVE-2025-22102",
"url": "https://bugzilla.suse.com/1241456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22102"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Use kernel helpers for hex dumps\n\nPreviously, when the driver was printing hex dumps, the buffer was cast\nto an 8 byte long and printed using string formatters. If the buffer\nsize was not a multiple of 8 then a read buffer overflow was possible.\n\nTherefore, create a new ibmvnic function that loops over a buffer and\ncalls hex_dump_to_buffer instead.\n\nThis patch address KASAN reports like the one below:\n ibmvnic 30000003 env3: Login Buffer:\n ibmvnic 30000003 env3: 01000000af000000\n \u003c...\u003e\n ibmvnic 30000003 env3: 2e6d62692e736261\n ibmvnic 30000003 env3: 65050003006d6f63\n ==================================================================\n BUG: KASAN: slab-out-of-bounds in ibmvnic_login+0xacc/0xffc [ibmvnic]\n Read of size 8 at addr c0000001331a9aa8 by task ip/17681\n \u003c...\u003e\n Allocated by task 17681:\n \u003c...\u003e\n ibmvnic_login+0x2f0/0xffc [ibmvnic]\n ibmvnic_open+0x148/0x308 [ibmvnic]\n __dev_open+0x1ac/0x304\n \u003c...\u003e\n The buggy address is located 168 bytes inside of\n allocated 175-byte region [c0000001331a9a00, c0000001331a9aaf)\n \u003c...\u003e\n =================================================================\n ibmvnic 30000003 env3: 000000000033766e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22104",
"url": "https://www.suse.com/security/cve/CVE-2025-22104"
},
{
"category": "external",
"summary": "SUSE Bug 1241550 for CVE-2025-22104",
"url": "https://bugzilla.suse.com/1241550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22104"
},
{
"cve": "CVE-2025-22105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22105"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: check xdp prog when set bond mode\n\nFollowing operations can trigger a warning[1]:\n\n ip netns add ns1\n ip netns exec ns1 ip link add bond0 type bond mode balance-rr\n ip netns exec ns1 ip link set dev bond0 xdp obj af_xdp_kern.o sec xdp\n ip netns exec ns1 ip link set bond0 type bond mode broadcast\n ip netns del ns1\n\nWhen delete the namespace, dev_xdp_uninstall() is called to remove xdp\nprogram on bond dev, and bond_xdp_set() will check the bond mode. If bond\nmode is changed after attaching xdp program, the warning may occur.\n\nSome bond modes (broadcast, etc.) do not support native xdp. Set bond mode\nwith xdp program attached is not good. Add check for xdp program when set\nbond mode.\n\n [1]\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 11 at net/core/dev.c:9912 unregister_netdevice_many_notify+0x8d9/0x930\n Modules linked in:\n CPU: 0 UID: 0 PID: 11 Comm: kworker/u4:0 Not tainted 6.14.0-rc4 #107\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014\n Workqueue: netns cleanup_net\n RIP: 0010:unregister_netdevice_many_notify+0x8d9/0x930\n Code: 00 00 48 c7 c6 6f e3 a2 82 48 c7 c7 d0 b3 96 82 e8 9c 10 3e ...\n RSP: 0018:ffffc90000063d80 EFLAGS: 00000282\n RAX: 00000000ffffffa1 RBX: ffff888004959000 RCX: 00000000ffffdfff\n RDX: 0000000000000000 RSI: 00000000ffffffea RDI: ffffc90000063b48\n RBP: ffffc90000063e28 R08: ffffffff82d39b28 R09: 0000000000009ffb\n R10: 0000000000000175 R11: ffffffff82d09b40 R12: ffff8880049598e8\n R13: 0000000000000001 R14: dead000000000100 R15: ffffc90000045000\n FS: 0000000000000000(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000d406b60 CR3: 000000000483e000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x83/0x130\n ? unregister_netdevice_many_notify+0x8d9/0x930\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x54/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? unregister_netdevice_many_notify+0x8d9/0x930\n ? bond_net_exit_batch_rtnl+0x5c/0x90\n cleanup_net+0x237/0x3d0\n process_one_work+0x163/0x390\n worker_thread+0x293/0x3b0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xec/0x1e0\n ? __pfx_kthread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22105",
"url": "https://www.suse.com/security/cve/CVE-2025-22105"
},
{
"category": "external",
"summary": "SUSE Bug 1241548 for CVE-2025-22105",
"url": "https://bugzilla.suse.com/1241548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22105"
},
{
"cve": "CVE-2025-22106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: unregister xdp rxq info in the reset path\n\nvmxnet3 does not unregister xdp rxq info in the\nvmxnet3_reset_work() code path as vmxnet3_rq_destroy()\nis not invoked in this code path. So, we get below message with a\nbacktrace.\n\nMissing unregister, handled but fix driver\nWARNING: CPU:48 PID: 500 at net/core/xdp.c:182\n__xdp_rxq_info_reg+0x93/0xf0\n\nThis patch fixes the problem by moving the unregister\ncode of XDP from vmxnet3_rq_destroy() to vmxnet3_rq_cleanup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22106",
"url": "https://www.suse.com/security/cve/CVE-2025-22106"
},
{
"category": "external",
"summary": "SUSE Bug 1241547 for CVE-2025-22106",
"url": "https://bugzilla.suse.com/1241547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22106"
},
{
"cve": "CVE-2025-22107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22107"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()\n\nThere are actually 2 problems:\n- deleting the last element doesn\u0027t require the memmove of elements\n [i + 1, end) over it. Actually, element i+1 is out of bounds.\n- The memmove itself should move size - i - 1 elements, because the last\n element is out of bounds.\n\nThe out-of-bounds element still remains out of bounds after being\naccessed, so the problem is only that we touch it, not that it becomes\nin active use. But I suppose it can lead to issues if the out-of-bounds\nelement is part of an unmapped page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22107",
"url": "https://www.suse.com/security/cve/CVE-2025-22107"
},
{
"category": "external",
"summary": "SUSE Bug 1241575 for CVE-2025-22107",
"url": "https://bugzilla.suse.com/1241575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22107"
},
{
"cve": "CVE-2025-22108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Mask the bd_cnt field in the TX BD properly\n\nThe bd_cnt field in the TX BD specifies the total number of BDs for\nthe TX packet. The bd_cnt field has 5 bits and the maximum number\nsupported is 32 with the value 0.\n\nCONFIG_MAX_SKB_FRAGS can be modified and the total number of SKB\nfragments can approach or exceed the maximum supported by the chip.\nAdd a macro to properly mask the bd_cnt field so that the value 32\nwill be properly masked and set to 0 in the bd_cnd field.\n\nWithout this patch, the out-of-range bd_cnt value will corrupt the\nTX BD and may cause TX timeout.\n\nThe next patch will check for values exceeding 32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22108",
"url": "https://www.suse.com/security/cve/CVE-2025-22108"
},
{
"category": "external",
"summary": "SUSE Bug 1241574 for CVE-2025-22108",
"url": "https://bugzilla.suse.com/1241574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22108"
},
{
"cve": "CVE-2025-22109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Remove broken autobind\n\nBinding AX25 socket by using the autobind feature leads to memory leaks\nin ax25_connect() and also refcount leaks in ax25_release(). Memory\nleak was detected with kmemleak:\n\n================================================================\nunreferenced object 0xffff8880253cd680 (size 96):\nbacktrace:\n__kmalloc_node_track_caller_noprof (./include/linux/kmemleak.h:43)\nkmemdup_noprof (mm/util.c:136)\nax25_rt_autobind (net/ax25/ax25_route.c:428)\nax25_connect (net/ax25/af_ax25.c:1282)\n__sys_connect_file (net/socket.c:2045)\n__sys_connect (net/socket.c:2064)\n__x64_sys_connect (net/socket.c:2067)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n================================================================\n\nWhen socket is bound, refcounts must be incremented the way it is done\nin ax25_bind() and ax25_setsockopt() (SO_BINDTODEVICE). In case of\nautobind, the refcounts are not incremented.\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nax25_connect(): syz-executor318 uses autobind, please contact jreuter@yaina.de\n------------[ cut here ]------------\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 0 PID: 5317 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31\nModules linked in:\nCPU: 0 UID: 0 PID: 5317 Comm: syz-executor318 Not tainted 6.14.0-rc4-syzkaller-00278-gece144f151ac #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31\n...\nCall Trace:\n \u003cTASK\u003e\n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x6af/0x7e0 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4302 [inline]\n netdev_put include/linux/netdevice.h:4319 [inline]\n ax25_release+0x368/0x960 net/ax25/af_ax25.c:1080\n __sock_release net/socket.c:647 [inline]\n sock_close+0xbc/0x240 net/socket.c:1398\n __fput+0x3e9/0x9f0 fs/file_table.c:464\n __do_sys_close fs/open.c:1580 [inline]\n __se_sys_close fs/open.c:1565 [inline]\n __x64_sys_close+0x7f/0x110 fs/open.c:1565\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \u003c/TASK\u003e\n================================================================\n\nConsidering the issues above and the comments left in the code that say:\n\"check if we can remove this feature. It is broken.\"; \"autobinding in this\nmay or may not work\"; - it is better to completely remove this feature than\nto fix it because it is broken and leads to various kinds of memory bugs.\n\nNow calling connect() without first binding socket will result in an\nerror (-EINVAL). Userspace software that relies on the autobind feature\nmight get broken. However, this feature does not seem widely used with\nthis specific driver as it was not reliable at any point of time, and it\nis already broken anyway. E.g. ax25-tools and ax25-apps packages for\npopular distributions do not use the autobind feature for AF_AX25.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22109",
"url": "https://www.suse.com/security/cve/CVE-2025-22109"
},
{
"category": "external",
"summary": "SUSE Bug 1241573 for CVE-2025-22109",
"url": "https://bugzilla.suse.com/1241573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22109"
},
{
"cve": "CVE-2025-22112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix out-of-range access of vnic_info array\n\nThe bnxt_queue_{start | stop}() access vnic_info as much as allocated,\nwhich indicates bp-\u003enr_vnics.\nSo, it should not reach bp-\u003evnic_info[bp-\u003enr_vnics].",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22112",
"url": "https://www.suse.com/security/cve/CVE-2025-22112"
},
{
"category": "external",
"summary": "SUSE Bug 1241581 for CVE-2025-22112",
"url": "https://bugzilla.suse.com/1241581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22112"
},
{
"cve": "CVE-2025-22115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix block group refcount race in btrfs_create_pending_block_groups()\n\nBlock group creation is done in two phases, which results in a slightly\nunintuitive property: a block group can be allocated/deallocated from\nafter btrfs_make_block_group() adds it to the space_info with\nbtrfs_add_bg_to_space_info(), but before creation is completely completed\nin btrfs_create_pending_block_groups(). As a result, it is possible for a\nblock group to go unused and have \u0027btrfs_mark_bg_unused\u0027 called on it\nconcurrently with \u0027btrfs_create_pending_block_groups\u0027. This causes a\nnumber of issues, which were fixed with the block group flag\n\u0027BLOCK_GROUP_FLAG_NEW\u0027.\n\nHowever, this fix is not quite complete. Since it does not use the\nunused_bg_lock, it is possible for the following race to occur:\n\nbtrfs_create_pending_block_groups btrfs_mark_bg_unused\n if list_empty // false\n list_del_init\n clear_bit\n else if (test_bit) // true\n list_move_tail\n\nAnd we get into the exact same broken ref count and invalid new_bgs\nstate for transaction cleanup that BLOCK_GROUP_FLAG_NEW was designed to\nprevent.\n\nThe broken refcount aspect will result in a warning like:\n\n [1272.943527] refcount_t: underflow; use-after-free.\n [1272.943967] WARNING: CPU: 1 PID: 61 at lib/refcount.c:28 refcount_warn_saturate+0xba/0x110\n [1272.944731] Modules linked in: btrfs virtio_net xor zstd_compress raid6_pq null_blk [last unloaded: btrfs]\n [1272.945550] CPU: 1 UID: 0 PID: 61 Comm: kworker/u32:1 Kdump: loaded Tainted: G W 6.14.0-rc5+ #108\n [1272.946368] Tainted: [W]=WARN\n [1272.946585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n [1272.947273] Workqueue: btrfs_discard btrfs_discard_workfn [btrfs]\n [1272.947788] RIP: 0010:refcount_warn_saturate+0xba/0x110\n [1272.949532] RSP: 0018:ffffbf1200247df0 EFLAGS: 00010282\n [1272.949901] RAX: 0000000000000000 RBX: ffffa14b00e3f800 RCX: 0000000000000000\n [1272.950437] RDX: 0000000000000000 RSI: ffffbf1200247c78 RDI: 00000000ffffdfff\n [1272.950986] RBP: ffffa14b00dc2860 R08: 00000000ffffdfff R09: ffffffff90526268\n [1272.951512] R10: ffffffff904762c0 R11: 0000000063666572 R12: ffffa14b00dc28c0\n [1272.952024] R13: 0000000000000000 R14: ffffa14b00dc2868 R15: 000001285dcd12c0\n [1272.952850] FS: 0000000000000000(0000) GS:ffffa14d33c40000(0000) knlGS:0000000000000000\n [1272.953458] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [1272.953931] CR2: 00007f838cbda000 CR3: 000000010104e000 CR4: 00000000000006f0\n [1272.954474] Call Trace:\n [1272.954655] \u003cTASK\u003e\n [1272.954812] ? refcount_warn_saturate+0xba/0x110\n [1272.955173] ? __warn.cold+0x93/0xd7\n [1272.955487] ? refcount_warn_saturate+0xba/0x110\n [1272.955816] ? report_bug+0xe7/0x120\n [1272.956103] ? handle_bug+0x53/0x90\n [1272.956424] ? exc_invalid_op+0x13/0x60\n [1272.956700] ? asm_exc_invalid_op+0x16/0x20\n [1272.957011] ? refcount_warn_saturate+0xba/0x110\n [1272.957399] btrfs_discard_cancel_work.cold+0x26/0x2b [btrfs]\n [1272.957853] btrfs_put_block_group.cold+0x5d/0x8e [btrfs]\n [1272.958289] btrfs_discard_workfn+0x194/0x380 [btrfs]\n [1272.958729] process_one_work+0x130/0x290\n [1272.959026] worker_thread+0x2ea/0x420\n [1272.959335] ? __pfx_worker_thread+0x10/0x10\n [1272.959644] kthread+0xd7/0x1c0\n [1272.959872] ? __pfx_kthread+0x10/0x10\n [1272.960172] ret_from_fork+0x30/0x50\n [1272.960474] ? __pfx_kthread+0x10/0x10\n [1272.960745] ret_from_fork_asm+0x1a/0x30\n [1272.961035] \u003c/TASK\u003e\n [1272.961238] ---[ end trace 0000000000000000 ]---\n\nThough we have seen them in the async discard workfn as well. It is\nmost likely to happen after a relocation finishes which cancels discard,\ntears down the block group, etc.\n\nFix this fully by taking the lock arou\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22115",
"url": "https://www.suse.com/security/cve/CVE-2025-22115"
},
{
"category": "external",
"summary": "SUSE Bug 1241578 for CVE-2025-22115",
"url": "https://bugzilla.suse.com/1241578"
},
{
"category": "external",
"summary": "SUSE Bug 1241579 for CVE-2025-22115",
"url": "https://bugzilla.suse.com/1241579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-22115"
},
{
"cve": "CVE-2025-22116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: check error for register_netdev() on init\n\nCurrent init logic ignores the error code from register_netdev(),\nwhich will cause WARN_ON() on attempt to unregister it, if there was one,\nand there is no info for the user that the creation of the netdev failed.\n\nWARNING: CPU: 89 PID: 6902 at net/core/dev.c:11512 unregister_netdevice_many_notify+0x211/0x1a10\n...\n[ 3707.563641] unregister_netdev+0x1c/0x30\n[ 3707.563656] idpf_vport_dealloc+0x5cf/0xce0 [idpf]\n[ 3707.563684] idpf_deinit_task+0xef/0x160 [idpf]\n[ 3707.563712] idpf_vc_core_deinit+0x84/0x320 [idpf]\n[ 3707.563739] idpf_remove+0xbf/0x780 [idpf]\n[ 3707.563769] pci_device_remove+0xab/0x1e0\n[ 3707.563786] device_release_driver_internal+0x371/0x530\n[ 3707.563803] driver_detach+0xbf/0x180\n[ 3707.563816] bus_remove_driver+0x11b/0x2a0\n[ 3707.563829] pci_unregister_driver+0x2a/0x250\n\nIntroduce an error check and log the vport number and error code.\nOn removal make sure to check VPORT_REG_NETDEV flag prior to calling\nunregister and free on the netdev.\n\nAdd local variables for idx, vport_config and netdev for readability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22116",
"url": "https://www.suse.com/security/cve/CVE-2025-22116"
},
{
"category": "external",
"summary": "SUSE Bug 1241459 for CVE-2025-22116",
"url": "https://bugzilla.suse.com/1241459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22116"
},
{
"cve": "CVE-2025-22117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22117"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw()\n\nFix using the untrusted value of proto-\u003eraw.pkt_len in function\nice_vc_fdir_parse_raw() by verifying if it does not exceed the\nVIRTCHNL_MAX_SIZE_RAW_PACKET value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22117",
"url": "https://www.suse.com/security/cve/CVE-2025-22117"
},
{
"category": "external",
"summary": "SUSE Bug 1241633 for CVE-2025-22117",
"url": "https://bugzilla.suse.com/1241633"
},
{
"category": "external",
"summary": "SUSE Bug 1241634 for CVE-2025-22117",
"url": "https://bugzilla.suse.com/1241634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-22117"
},
{
"cve": "CVE-2025-22118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: validate queue quanta parameters to prevent OOB access\n\nAdd queue wraparound prevention in quanta configuration.\nEnsure end_qid does not overflow by validating start_qid and num_queues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22118",
"url": "https://www.suse.com/security/cve/CVE-2025-22118"
},
{
"category": "external",
"summary": "SUSE Bug 1241562 for CVE-2025-22118",
"url": "https://bugzilla.suse.com/1241562"
},
{
"category": "external",
"summary": "SUSE Bug 1241563 for CVE-2025-22118",
"url": "https://bugzilla.suse.com/1241563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-22118"
},
{
"cve": "CVE-2025-22121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22121"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()\n\nThere\u0027s issue as follows:\nBUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790\nRead of size 4 at addr ffff88807b003000 by task syz-executor.0/15172\n\nCPU: 3 PID: 15172 Comm: syz-executor.0\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0xbe/0xfd lib/dump_stack.c:123\n print_address_description.constprop.0+0x1e/0x280 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n ext4_xattr_inode_dec_ref_all+0x6ff/0x790 fs/ext4/xattr.c:1137\n ext4_xattr_delete_inode+0x4c7/0xda0 fs/ext4/xattr.c:2896\n ext4_evict_inode+0xb3b/0x1670 fs/ext4/inode.c:323\n evict+0x39f/0x880 fs/inode.c:622\n iput_final fs/inode.c:1746 [inline]\n iput fs/inode.c:1772 [inline]\n iput+0x525/0x6c0 fs/inode.c:1758\n ext4_orphan_cleanup fs/ext4/super.c:3298 [inline]\n ext4_fill_super+0x8c57/0xba40 fs/ext4/super.c:5300\n mount_bdev+0x355/0x410 fs/super.c:1446\n legacy_get_tree+0xfe/0x220 fs/fs_context.c:611\n vfs_get_tree+0x8d/0x2f0 fs/super.c:1576\n do_new_mount fs/namespace.c:2983 [inline]\n path_mount+0x119a/0x1ad0 fs/namespace.c:3316\n do_mount+0xfc/0x110 fs/namespace.c:3329\n __do_sys_mount fs/namespace.c:3540 [inline]\n __se_sys_mount+0x219/0x2e0 fs/namespace.c:3514\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nMemory state around the buggy address:\n ffff88807b002f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff88807b002f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n\u003effff88807b003000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ^\n ffff88807b003080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ffff88807b003100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n\nAbove issue happens as ext4_xattr_delete_inode() isn\u0027t check xattr\nis valid if xattr is in inode.\nTo solve above issue call xattr_check_inode() check if xattr if valid\nin inode. In fact, we can directly verify in ext4_iget_extra_inode(),\nso that there is no divergent verification.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22121",
"url": "https://www.suse.com/security/cve/CVE-2025-22121"
},
{
"category": "external",
"summary": "SUSE Bug 1241593 for CVE-2025-22121",
"url": "https://bugzilla.suse.com/1241593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22121"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-22128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22128"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path\n\nIf a shared IRQ is used by the driver due to platform limitation, then the\nIRQ affinity hint is set right after the allocation of IRQ vectors in\nath12k_pci_msi_alloc(). This does no harm unless one of the functions\nrequesting the IRQ fails and attempt to free the IRQ.\n\nThis may end up with a warning from the IRQ core that is expecting the\naffinity hint to be cleared before freeing the IRQ:\n\nkernel/irq/manage.c:\n\n\t/* make sure affinity_hint is cleaned up */\n\tif (WARN_ON_ONCE(desc-\u003eaffinity_hint))\n\t\tdesc-\u003eaffinity_hint = NULL;\n\nSo to fix this issue, clear the IRQ affinity hint before calling\nath12k_pci_free_irq() in the error path. The affinity will be cleared once\nagain further down the error path due to code organization, but that does\nno harm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22128",
"url": "https://www.suse.com/security/cve/CVE-2025-22128"
},
{
"category": "external",
"summary": "SUSE Bug 1241598 for CVE-2025-22128",
"url": "https://bugzilla.suse.com/1241598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22128"
},
{
"cve": "CVE-2025-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2312"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host\u0027s Kerberos credentials cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2312",
"url": "https://www.suse.com/security/cve/CVE-2025-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1239680 for CVE-2025-2312",
"url": "https://bugzilla.suse.com/1239680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-2312"
},
{
"cve": "CVE-2025-23129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path\n\nIf a shared IRQ is used by the driver due to platform limitation, then the\nIRQ affinity hint is set right after the allocation of IRQ vectors in\nath11k_pci_alloc_msi(). This does no harm unless one of the functions\nrequesting the IRQ fails and attempt to free the IRQ. This results in the\nbelow warning:\n\nWARNING: CPU: 7 PID: 349 at kernel/irq/manage.c:1929 free_irq+0x278/0x29c\nCall trace:\n free_irq+0x278/0x29c\n ath11k_pcic_free_irq+0x70/0x10c [ath11k]\n ath11k_pci_probe+0x800/0x820 [ath11k_pci]\n local_pci_probe+0x40/0xbc\n\nThe warning is due to not clearing the affinity hint before freeing the\nIRQs.\n\nSo to fix this issue, clear the IRQ affinity hint before calling\nath11k_pcic_free_irq() in the error path. The affinity will be cleared once\nagain further down the error path due to code organization, but that does\nno harm.\n\nTested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-05266-QCAHSTSWPLZ_V2_TO_X86-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23129",
"url": "https://www.suse.com/security/cve/CVE-2025-23129"
},
{
"category": "external",
"summary": "SUSE Bug 1241599 for CVE-2025-23129",
"url": "https://bugzilla.suse.com/1241599"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-23129"
},
{
"cve": "CVE-2025-23131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: prevent NPD when writing a positive value to event_done\n\ndo_uevent returns the value written to event_done. In case it is a\npositive value, new_lockspace would undo all the work, and lockspace\nwould not be set. __dlm_new_lockspace, however, would treat that\npositive value as a success due to commit 8511a2728ab8 (\"dlm: fix use\ncount with multiple joins\").\n\nDown the line, device_create_lockspace would pass that NULL lockspace to\ndlm_find_lockspace_local, leading to a NULL pointer dereference.\n\nTreating such positive values as successes prevents the problem. Given\nthis has been broken for so long, this is unlikely to break userspace\nexpectations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23131",
"url": "https://www.suse.com/security/cve/CVE-2025-23131"
},
{
"category": "external",
"summary": "SUSE Bug 1241601 for CVE-2025-23131",
"url": "https://bugzilla.suse.com/1241601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-23131"
},
{
"cve": "CVE-2025-23133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: update channel list in reg notifier instead reg worker\n\nCurrently when ath11k gets a new channel list, it will be processed\naccording to the following steps:\n1. update new channel list to cfg80211 and queue reg_work.\n2. cfg80211 handles new channel list during reg_work.\n3. update cfg80211\u0027s handled channel list to firmware by\nath11k_reg_update_chan_list().\n\nBut ath11k will immediately execute step 3 after reg_work is just\nqueued. Since step 2 is asynchronous, cfg80211 may not have completed\nhandling the new channel list, which may leading to an out-of-bounds\nwrite error:\nBUG: KASAN: slab-out-of-bounds in ath11k_reg_update_chan_list\nCall Trace:\n ath11k_reg_update_chan_list+0xbfe/0xfe0 [ath11k]\n kfree+0x109/0x3a0\n ath11k_regd_update+0x1cf/0x350 [ath11k]\n ath11k_regd_update_work+0x14/0x20 [ath11k]\n process_one_work+0xe35/0x14c0\n\nShould ensure step 2 is completely done before executing step 3. Thus\nWen raised patch[1]. When flag NL80211_REGDOM_SET_BY_DRIVER is set,\ncfg80211 will notify ath11k after step 2 is done.\n\nSo enable the flag NL80211_REGDOM_SET_BY_DRIVER then cfg80211 will\nnotify ath11k after step 2 is done. At this time, there will be no\nKASAN bug during the execution of the step 3.\n\n[1] https://patchwork.kernel.org/project/linux-wireless/patch/20230201065313.27203-1-quic_wgong@quicinc.com/\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23133",
"url": "https://www.suse.com/security/cve/CVE-2025-23133"
},
{
"category": "external",
"summary": "SUSE Bug 1241451 for CVE-2025-23133",
"url": "https://bugzilla.suse.com/1241451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-23133"
},
{
"cve": "CVE-2025-23134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23134"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: timer: Don\u0027t take register_mutex with copy_from/to_user()\n\nThe infamous mmap_lock taken in copy_from/to_user() can be often\nproblematic when it\u0027s called inside another mutex, as they might lead\nto deadlocks.\n\nIn the case of ALSA timer code, the bad pattern is with\nguard(mutex)(\u0026register_mutex) that covers copy_from/to_user() -- which\nwas mistakenly introduced at converting to guard(), and it had been\ncarefully worked around in the past.\n\nThis patch fixes those pieces simply by moving copy_from/to_user() out\nof the register mutex lock again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23134",
"url": "https://www.suse.com/security/cve/CVE-2025-23134"
},
{
"category": "external",
"summary": "SUSE Bug 1241628 for CVE-2025-23134",
"url": "https://bugzilla.suse.com/1241628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-23134"
},
{
"cve": "CVE-2025-23136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: Add NULL check for adev\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL.\nThis is similar to the commit cd2fd6eab480\n(\"platform/x86: int3472: Check for adev == NULL\").\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in int3402_thermal_probe().\n\nNote, under the same directory, int3400_thermal_probe() has such a\ncheck.\n\n[ rjw: Subject edit, added Fixes: ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23136",
"url": "https://www.suse.com/security/cve/CVE-2025-23136"
},
{
"category": "external",
"summary": "SUSE Bug 1241357 for CVE-2025-23136",
"url": "https://bugzilla.suse.com/1241357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-23136"
},
{
"cve": "CVE-2025-23138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatch_queue: fix pipe accounting mismatch\n\nCurrently, watch_queue_set_size() modifies the pipe buffers charged to\nuser-\u003epipe_bufs without updating the pipe-\u003enr_accounted on the pipe\nitself, due to the if (!pipe_has_watch_queue()) test in\npipe_resize_ring(). This means that when the pipe is ultimately freed,\nwe decrement user-\u003epipe_bufs by something other than what than we had\ncharged to it, potentially leading to an underflow. This in turn can\ncause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM.\n\nTo remedy this, explicitly account for the pipe usage in\nwatch_queue_set_size() to match the number set via account_pipe_buffers()\n\n(It\u0027s unclear why watch_queue_set_size() does not update nr_accounted;\nit may be due to intentional overprovisioning in watch_queue_set_size()?)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23138",
"url": "https://www.suse.com/security/cve/CVE-2025-23138"
},
{
"category": "external",
"summary": "SUSE Bug 1241648 for CVE-2025-23138",
"url": "https://bugzilla.suse.com/1241648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-23138"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/net: fix io_req_post_cqe abuse by send bundle\n\n[ 114.987980][ T5313] WARNING: CPU: 6 PID: 5313 at io_uring/io_uring.c:872 io_req_post_cqe+0x12e/0x4f0\n[ 114.991597][ T5313] RIP: 0010:io_req_post_cqe+0x12e/0x4f0\n[ 115.001880][ T5313] Call Trace:\n[ 115.002222][ T5313] \u003cTASK\u003e\n[ 115.007813][ T5313] io_send+0x4fe/0x10f0\n[ 115.009317][ T5313] io_issue_sqe+0x1a6/0x1740\n[ 115.012094][ T5313] io_wq_submit_work+0x38b/0xed0\n[ 115.013223][ T5313] io_worker_handle_work+0x62a/0x1600\n[ 115.013876][ T5313] io_wq_worker+0x34f/0xdf0\n\nAs the comment states, io_req_post_cqe() should only be used by\nmultishot requests, i.e. REQ_F_APOLL_MULTISHOT, which bundled sends are\nnot. Add a flag signifying whether a request wants to post multiple\nCQEs. Eventually REQ_F_APOLL_MULTISHOT should imply the new flag, but\nthat\u0027s left out for simplicity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23154",
"url": "https://www.suse.com/security/cve/CVE-2025-23154"
},
{
"category": "external",
"summary": "SUSE Bug 1242533 for CVE-2025-23154",
"url": "https://bugzilla.suse.com/1242533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-23154"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains \u0027.\u0027 dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least \u0027.\u0027\nand \u0027..\u0027 as directory entries in the first data block. It first loads\nthe \u0027.\u0027 dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of \u0027..\u0027 dir\nentry (in ext4_next_entry). It assumes the \u0027..\u0027 dir entry fits into the\nsame data block.\n\nIf the rec_len of \u0027.\u0027 is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for \u0027.\u0027 dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \u003cTASK\u003e\n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37785",
"url": "https://www.suse.com/security/cve/CVE-2025-37785"
},
{
"category": "external",
"summary": "SUSE Bug 1241640 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "external",
"summary": "SUSE Bug 1241698 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37785"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp\n\nvmxnet3 driver\u0027s XDP handling is buggy for packet sizes using ring0 (that\nis, packet sizes between 128 - 3k bytes).\n\nWe noticed MTU-related connectivity issues with Cilium\u0027s service load-\nbalancing in case of vmxnet3 as NIC underneath. A simple curl to a HTTP\nbackend service where the XDP LB was doing IPIP encap led to overly large\npacket sizes but only for *some* of the packets (e.g. HTTP GET request)\nwhile others (e.g. the prior TCP 3WHS) looked completely fine on the wire.\n\nIn fact, the pcap recording on the backend node actually revealed that the\nnode with the XDP LB was leaking uninitialized kernel data onto the wire\nfor the affected packets, for example, while the packets should have been\n152 bytes their actual size was 1482 bytes, so the remainder after 152 bytes\nwas padded with whatever other data was in that page at the time (e.g. we\nsaw user/payload data from prior processed packets).\n\nWe only noticed this through an MTU issue, e.g. when the XDP LB node and\nthe backend node both had the same MTU (e.g. 1500) then the curl request\ngot dropped on the backend node\u0027s NIC given the packet was too large even\nthough the IPIP-encapped packet normally would never even come close to\nthe MTU limit. Lowering the MTU on the XDP LB (e.g. 1480) allowed to let\nthe curl request succeed (which also indicates that the kernel ignored the\npadding, and thus the issue wasn\u0027t very user-visible).\n\nCommit e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") was too eager\nto also switch xdp_prepare_buff() from rcd-\u003elen to rbi-\u003elen. It really needs\nto stick to rcd-\u003elen which is the actual packet length from the descriptor.\nThe latter we also feed into vmxnet3_process_xdp_small(), by the way, and\nit indicates the correct length needed to initialize the xdp-\u003e{data,data_end}\nparts. For e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") the\nrelevant part was adapting xdp_init_buff() to address the warning given the\nxdp_data_hard_end() depends on xdp-\u003eframe_sz. With that fixed, traffic on\nthe wire looks good again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37799",
"url": "https://www.suse.com/security/cve/CVE-2025-37799"
},
{
"category": "external",
"summary": "SUSE Bug 1242283 for CVE-2025-37799",
"url": "https://bugzilla.suse.com/1242283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37799"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix NULL dereferences in ef100_process_design_param()\n\nSince cited commit, ef100_probe_main() and hence also\n ef100_check_design_params() run before efx-\u003enet_dev is created;\n consequently, we cannot netif_set_tso_max_size() or _segs() at this\n point.\nMove those netif calls to ef100_probe_netdev(), and also replace\n netif_err within the design params code with pci_err.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37860",
"url": "https://www.suse.com/security/cve/CVE-2025-37860"
},
{
"category": "external",
"summary": "SUSE Bug 1241452 for CVE-2025-37860",
"url": "https://bugzilla.suse.com/1241452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37860"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: samsung: Fix UBSAN panic in samsung_clk_init()\n\nWith UBSAN_ARRAY_BOUNDS=y, I\u0027m hitting the below panic due to\ndereferencing `ctx-\u003eclk_data.hws` before setting\n`ctx-\u003eclk_data.num = nr_clks`. Move that up to fix the crash.\n\n UBSAN: array index out of bounds: 00000000f2005512 [#1] PREEMPT SMP\n \u003csnip\u003e\n Call trace:\n samsung_clk_init+0x110/0x124 (P)\n samsung_clk_init+0x48/0x124 (L)\n samsung_cmu_register_one+0x3c/0xa0\n exynos_arm64_register_cmu+0x54/0x64\n __gs101_cmu_top_of_clk_init_declare+0x28/0x60\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39728",
"url": "https://www.suse.com/security/cve/CVE-2025-39728"
},
{
"category": "external",
"summary": "SUSE Bug 1241626 for CVE-2025-39728",
"url": "https://bugzilla.suse.com/1241626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-39728"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.3.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:56:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:20408-1
Vulnerability from csaf_suse
Published
2025-06-15 13:06
Modified
2025-06-15 13:06
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
The following non-security bugs were fixed:
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- drm: Add valid clones check (stable-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- Drop AMDGPU patch that may cause regressions (bsc#1243782)
- exfat: fix potential wrong error return from get_block (git-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add more controllers (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kernel-obs-qa: Use srchash for dependency as well
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: delete redundant judgment statements (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug (git-fixes)
- Refresh fixes for cBPF issue (bsc#1242778)
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes).
- Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable-fixes).
- Revert "drm/amd: Keep display off while going into S4" (git-fixes).
- Revert "drm/amd: Stop evicting resources on APUs in suspend" (stable-fixes).
- Revert "rndis_host: Flag RNDIS modems as WWAN devices" (git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: Improve CDL control (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's "next" indication (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
Patchnames
SUSE-SLE-Micro-6.0-kernel-40
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).\n\nThe following non-security bugs were fixed:\n\n- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).\n- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).\n- ACPICA: Utilities: Fix spelling mistake \"Incremement\" -\u003e \"Increment\" (git-fixes).\n- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).\n- ACPI: HED: Always initialize before evged (stable-fixes).\n- ACPI: OSI: Stop advertising support for \"3.0 _SCP Extensions\" (git-fixes).\n- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).\n- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).\n- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: seq: Improve data consistency at polling (stable-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).\n- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).\n- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).\n- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).\n- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).\n- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).\n- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).\n- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).\n- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).\n- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).\n- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).\n- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).\n- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).\n- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).\n- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Adjust pipeline_list-\u003epipelines allocation type (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).\n- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).\n- ASoC: tas2764: Enable main IRQs (git-fixes).\n- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).\n- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).\n- ASoC: tas2764: Reinit cache on part reset (git-fixes).\n- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).\n- bus: fsl-mc: fix double-free on mc_dev (git-fixes).\n- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).\n- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- crypto: lrw - Only add ecb if it is not already there (git-fixes).\n- crypto: lzo - Fix compression buffer overrun (stable-fixes).\n- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).\n- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).\n- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).\n- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).\n- crypto: qat - add shutdown handler to qat_420xx (git-fixes).\n- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).\n- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).\n- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).\n- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).\n- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).\n- crypto: xts - Only add ecb if it is not already there (git-fixes).\n- devlink: fix port new reply cmd type (git-fixes).\n- dlm: mask sk_shutdown value (bsc#1228854).\n- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: Revert \"dmaengine: dmatest: Fix dmatest waiting less when interrupted\" (git-fixes).\n- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- Documentation: fix typo in root= kernel parameter description (git-fixes).\n- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).\n- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).\n- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- drm: Add valid clones check (stable-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).\n- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).\n- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).\n- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).\n- drm/amd/display: Increase block_sequence array size (stable-fixes).\n- drm/amd/display: Initial psr_version with correct setting (stable-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).\n- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).\n- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).\n- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).\n- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: reset psp-\u003ecmd to NULL after releasing the buffer (stable-fixes).\n- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).\n- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).\n- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).\n- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).\n- drm/ast: Find VBIOS mode from regular display size (stable-fixes).\n- drm/ast: Fix comment on modeset lock (git-fixes).\n- drm/atomic: clarify the rules around drm_atomic_state-\u003eallow_modeset (stable-fixes).\n- drm: bridge: adv7511: fill stream capabilities (stable-fixes).\n- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).\n- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).\n- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).\n- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).\n- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).\n- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).\n- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).\n- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).\n- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).\n- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).\n- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).\n- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).\n- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).\n- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).\n- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).\n- drm/tegra: Assign plane type before registration (git-fixes).\n- drm/tegra: Fix a possible null pointer dereference (git-fixes).\n- drm/tegra: rgb: Fix the unbound reference count (git-fixes).\n- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).\n- drm/v3d: Add clock handling (stable-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- drm/vc4: tests: Use return instead of assert (git-fixes).\n- drm/vkms: Adjust vkms_state-\u003eactive_planes allocation type (git-fixes).\n- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).\n- Drop AMDGPU patch that may cause regressions (bsc#1243782)\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).\n- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).\n- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).\n- fbdev/efifb: Remove PM for parent device (bsc#1244261).\n- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).\n- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).\n- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).\n- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).\n- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- fpga: altera-cvp: Increase credit timeout (stable-fixes).\n- gpiolib: Revert \"Do not WARN on gpiod_put() for optional GPIO\" (stable-fixes).\n- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).\n- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).\n- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).\n- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).\n- hwmon: (dell-smm) Increment the number of fans (stable-fixes).\n- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).\n- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- i2c: pxa: fix call balance of i2c-\u003eclk handling routines (stable-fixes).\n- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).\n- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).\n- i3c: master: svc: Fix missing STOP for master request (stable-fixes).\n- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).\n- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).\n- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).\n- iio: filter: admv8818: fix band 4, state 15 (git-fixes).\n- iio: filter: admv8818: fix integer overflow (git-fixes).\n- iio: filter: admv8818: fix range calculation (git-fixes).\n- iio: filter: admv8818: Support frequencies \u003e= 2^32 (git-fixes).\n- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).\n- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).\n- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add more controllers (stable-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- intel_th: avoid using deprecated page-\u003emapping, index fields (stable-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).\n- jffs2: check that raw node were preallocated before writing summary (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).\n- kernel-obs-qa: Use srchash for dependency as well\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).\n- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).\n- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).\n- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).\n- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).\n- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).\n- media: cx231xx: set device_caps for 417 (stable-fixes).\n- media: cxusb: no longer judge rbuf when the write fails (git-fixes).\n- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).\n- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).\n- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).\n- media: imx-jpeg: Cleanup after an allocation error (git-fixes).\n- media: imx-jpeg: Drop the first error frames (git-fixes).\n- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).\n- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).\n- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).\n- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).\n- media: ov5675: suppress probe deferral errors (git-fixes).\n- media: ov8856: suppress probe deferral errors (git-fixes).\n- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).\n- media: rkvdec: Fix frame size enumeration (git-fixes).\n- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).\n- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).\n- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).\n- media: uvcvideo: Fix deferred probing error (git-fixes).\n- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).\n- media: uvcvideo: Return the number of processed controls (git-fixes).\n- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).\n- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).\n- media: venus: Fix probe error handling (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).\n- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).\n- media: vivid: Change the siize of the composing (git-fixes).\n- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).\n- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).\n- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).\n- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).\n- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).\n- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).\n- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).\n- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net: phy: clear phydev-\u003edevlink when the link is deleted (git-fixes).\n- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).\n- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).\n- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- net: usb: aqc111: debug info before sanitation (git-fixes).\n- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).\n- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).\n- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).\n- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).\n- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).\n- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: cadence: Fix runtime atomic count underflow (git-fixes).\n- PCI/DPC: Initialize aer_err_info before using it (git-fixes).\n- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).\n- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).\n- PCI: Explicitly put devices into D0 when initializing (git-fixes).\n- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).\n- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).\n- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).\n- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).\n- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs \u003e 31 (git-fixes).\n- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).\n- pinctrl: bcm281xx: Use \"unsigned int\" instead of bare \"unsigned\" (stable-fixes).\n- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).\n- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).\n- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).\n- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).\n- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).\n- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).\n- PM: sleep: Print PM debug messages during hibernation (git-fixes).\n- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- power: reset: at91-reset: Optimize at91_reset() (git-fixes).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- RDMA/rxe: Fix \"trying to register non-static key in rxe_qp_do_cleanup\" bug (git-fixes)\n- Refresh fixes for cBPF issue (bsc#1242778)\n- regulator: ad5398: Add device tree support (stable-fixes).\n- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).\n- regulator: max20086: Change enable gpio to optional (git-fixes).\n- regulator: max20086: fix invalid memory access (git-fixes).\n- regulator: max20086: Fix MAX200086 chip id (git-fixes).\n- Revert \"bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first\" (stable-fixes).\n- Revert \"drm/amdgpu: do not allow userspace to create a doorbell BO\" (stable-fixes).\n- Revert \"drm/amd: Keep display off while going into S4\" (git-fixes).\n- Revert \"drm/amd: Stop evicting resources on APUs in suspend\" (stable-fixes).\n- Revert \"rndis_host: Flag RNDIS modems as WWAN devices\" (git-fixes).\n- Revert \"wifi: mt76: mt7996: fill txd by host driver\" (stable-fixes).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rtc: at91rm9200: drop unused module alias (git-fixes).\n- rtc: cpcap: drop unused module alias (git-fixes).\n- rtc: da9063: drop unused module alias (git-fixes).\n- rtc: ds1307: stop disabling alarms on probe (stable-fixes).\n- rtc: Fix offset calculation for .start_secs \u0026lt; 0 (git-fixes).\n- rtc: jz4740: drop unused module alias (git-fixes).\n- rtc: pm8xxx: drop unused module alias (git-fixes).\n- rtc: rv3032: fix EERD location (stable-fixes).\n- rtc: s3c: drop unused module alias (git-fixes).\n- rtc: sh: assign correct interrupts with DT (git-fixes).\n- rtc: stm32: drop unused module alias (git-fixes).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).\n- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).\n- s390/pci: introduce lock to synchronize state of zpci_dev\u0027s (jsc#PED-10253 bsc#1244145).\n- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).\n- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).\n- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).\n- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).\n- s390/pci: Serialize device addition and removal (bsc#1244145).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: Improve CDL control (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).\n- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).\n- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).\n- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).\n- serial: sh-sci: Save and restore more registers (git-fixes).\n- serial: sh-sci: Update the suspend/resume support (stable-fixes).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).\n- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).\n- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).\n- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).\n- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).\n- spi: bcm63xx-hsspi: fix shared reset (git-fixes).\n- spi: bcm63xx-spi: fix shared reset (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi-rockchip: Fix register out of bounds access (stable-fixes).\n- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: spi-sun4i: fix early activation (stable-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).\n- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).\n- spi: tegra210-quad: remove redundant error handling code (git-fixes).\n- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).\n- thunderbolt: Fix a logic error in wake on connect (git-fixes).\n- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).\n- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).\n- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).\n- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).\n- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).\n- usb: usbtmc: Fix timeout value in get_stb (git-fixes).\n- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).\n- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).\n- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).\n- watchdog: exar: Shorten identity name to fit correctly (git-fixes).\n- wifi: ath11k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath11k: fix ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix rx completion meta data corruption (git-fixes).\n- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).\n- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).\n- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).\n- wifi: ath12k: fix cleanup path after mhi init (git-fixes).\n- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).\n- wifi: ath12k: fix invalid access to memory (git-fixes).\n- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).\n- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).\n- wifi: ath12k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath12k: fix ring-buffer corruption (git-fixes).\n- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).\n- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).\n- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).\n- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).\n- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).\n- wifi: ath9k: return by of_get_mac_address (stable-fixes).\n- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).\n- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).\n- wifi: iwlwifi: fix debug actions order (stable-fixes).\n- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).\n- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).\n- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).\n- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).\n- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).\n- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).\n- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).\n- wifi: mt76: mt7996: revise TXS size (stable-fixes).\n- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).\n- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).\n- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).\n- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).\n- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).\n- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).\n- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).\n- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds (git-fixes).\n- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).\n- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).\n- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).\n- wifi: rtw89: add wiphy_lock() to work that isn\u0027t held wiphy_lock() yet (stable-fixes).\n- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).\n- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).\n- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).\n- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).\n- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).\n- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \"next\" indication (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-40",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20408-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20408-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520408-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20408-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040339.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1228557",
"url": "https://bugzilla.suse.com/1228557"
},
{
"category": "self",
"summary": "SUSE Bug 1228854",
"url": "https://bugzilla.suse.com/1228854"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1234154",
"url": "https://bugzilla.suse.com/1234154"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240823",
"url": "https://bugzilla.suse.com/1240823"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242163",
"url": "https://bugzilla.suse.com/1242163"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242849",
"url": "https://bugzilla.suse.com/1242849"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243782",
"url": "https://bugzilla.suse.com/1243782"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE Bug 1244145",
"url": "https://bugzilla.suse.com/1244145"
},
{
"category": "self",
"summary": "SUSE Bug 1244261",
"url": "https://bugzilla.suse.com/1244261"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52888 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-15T13:06:50Z",
"generator": {
"date": "2025-06-15T13:06:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20408-1",
"initial_release_date": "2025-06-15T13:06:50Z",
"revision_history": [
{
"date": "2025-06-15T13:06:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-30.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-30.1.aarch64",
"product_id": "kernel-default-6.4.0-30.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-30.1.21.8.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-30.1.21.8.aarch64",
"product_id": "kernel-default-base-6.4.0-30.1.21.8.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-30.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-30.1.noarch",
"product_id": "kernel-devel-6.4.0-30.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-30.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-30.1.noarch",
"product_id": "kernel-macros-6.4.0-30.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-30.1.noarch",
"product": {
"name": "kernel-source-6.4.0-30.1.noarch",
"product_id": "kernel-source-6.4.0-30.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-30.1.s390x",
"product": {
"name": "kernel-default-6.4.0-30.1.s390x",
"product_id": "kernel-default-6.4.0-30.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-30.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-30.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-30.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-30.1.x86_64",
"product_id": "kernel-default-6.4.0-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-30.1.21.8.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-30.1.21.8.x86_64",
"product_id": "kernel-default-base-6.4.0-30.1.21.8.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-30.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-30.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-30.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-30.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-30.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x"
},
"product_reference": "kernel-default-6.4.0-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-30.1.21.8.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-30.1.21.8.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-30.1.21.8.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-30.1.21.8.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-30.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-30.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-30.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-30.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-30.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-30.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
},
"product_reference": "kernel-source-6.4.0-30.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn\u0027t do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52888",
"url": "https://www.suse.com/security/cve/CVE-2023-52888"
},
{
"category": "external",
"summary": "SUSE Bug 1228557 for CVE-2023-52888",
"url": "https://bugzilla.suse.com/1228557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2023-52888"
},
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-53135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN\n\nHide KVM\u0027s pt_mode module param behind CONFIG_BROKEN, i.e. disable support\nfor virtualizing Intel PT via guest/host mode unless BROKEN=y. There are\nmyriad bugs in the implementation, some of which are fatal to the guest,\nand others which put the stability and health of the host at risk.\n\nFor guest fatalities, the most glaring issue is that KVM fails to ensure\ntracing is disabled, and *stays* disabled prior to VM-Enter, which is\nnecessary as hardware disallows loading (the guest\u0027s) RTIT_CTL if tracing\nis enabled (enforced via a VMX consistency check). Per the SDM:\n\n If the logical processor is operating with Intel PT enabled (if\n IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the \"load\n IA32_RTIT_CTL\" VM-entry control must be 0.\n\nOn the host side, KVM doesn\u0027t validate the guest CPUID configuration\nprovided by userspace, and even worse, uses the guest configuration to\ndecide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring\nguest CPUID to enumerate more address ranges than are supported in hardware\nwill result in KVM trying to passthrough, save, and load non-existent MSRs,\nwhich generates a variety of WARNs, ToPA ERRORs in the host, a potential\ndeadlock, etc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53135",
"url": "https://www.suse.com/security/cve/CVE-2024-53135"
},
{
"category": "external",
"summary": "SUSE Bug 1234154 for CVE-2024-53135",
"url": "https://bugzilla.suse.com/1234154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-53135"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix an integer overflow in xp_create_and_assign_umem()\n\nSince the i and pool-\u003echunk_size variables are of type \u0027u32\u0027,\ntheir product can wrap around and then be cast to \u0027u64\u0027.\nThis can lead to two different XDP buffers pointing to the same\nmemory area.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21997",
"url": "https://www.suse.com/security/cve/CVE-2025-21997"
},
{
"category": "external",
"summary": "SUSE Bug 1240823 for CVE-2025-21997",
"url": "https://bugzilla.suse.com/1240823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-21997"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Avoid memory leak while enabling statistics\n\nDriver uses monitor destination rings for extended statistics mode and\nstandalone monitor mode. In extended statistics mode, TLVs are parsed from\nthe buffer received from the monitor destination ring and assigned to the\nppdu_info structure to update per-packet statistics. In standalone monitor\nmode, along with per-packet statistics, the packet data (payload) is\ncaptured, and the driver updates per MSDU to mac80211.\n\nWhen the AP interface is enabled, only extended statistics mode is\nactivated. As part of enabling monitor rings for collecting statistics,\nthe driver subscribes to HAL_RX_MPDU_START TLV in the filter\nconfiguration. This TLV is received from the monitor destination ring, and\nkzalloc for the mon_mpdu object occurs, which is not freed, leading to a\nmemory leak. The kzalloc for the mon_mpdu object is only required while\nenabling the standalone monitor interface. This causes a memory leak while\nenabling extended statistics mode in the driver.\n\nFix this memory leak by removing the kzalloc for the mon_mpdu object in\nthe HAL_RX_MPDU_START TLV handling. Additionally, remove the standalone\nmonitor mode handlings in the HAL_MON_BUF_ADDR and HAL_RX_MSDU_END TLVs.\nThese TLV tags will be handled properly when enabling standalone monitor\nmode in the future.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37743",
"url": "https://www.suse.com/security/cve/CVE-2025-37743"
},
{
"category": "external",
"summary": "SUSE Bug 1242163 for CVE-2025-37743",
"url": "https://bugzilla.suse.com/1242163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37743"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential NULL pointer dereference in dev_uevent()\n\nIf userspace reads \"uevent\" device attribute at the same time as another\nthreads unbinds the device from its driver, change to dev-\u003edriver from a\nvalid pointer to NULL may result in crash. Fix this by using READ_ONCE()\nwhen fetching the pointer, and take bus\u0027 drivers klist lock to make sure\ndriver instance will not disappear while we access it.\n\nUse WRITE_ONCE() when setting the driver pointer to ensure there is no\ntearing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37800",
"url": "https://www.suse.com/security/cve/CVE-2025-37800"
},
{
"category": "external",
"summary": "SUSE Bug 1242849 for CVE-2025-37800",
"url": "https://bugzilla.suse.com/1242849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37800"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:20413-1
Vulnerability from csaf_suse
Published
2025-06-16 15:33
Modified
2025-06-16 15:33
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related
to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).
- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).
- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).
- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).
- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).
- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).
- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
The following non-security bugs were fixed:
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- Drop AMDGPU patch that may cause regressions (bsc#1243782)
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add more controllers (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- Move upstreamed patches into sorted section
- Move upstreamed tpm patch into sorted section
- NFS: Do not allow waiting for exiting tasks (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- Refresh fixes for cBPF issue (bsc#1242778)
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes).
- Revert "drm/amd: Keep display off while going into S4" (git-fixes).
- Revert "drm/amd: Stop evicting resources on APUs in suspend" (stable-fixes).
- Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable-fixes).
- Revert "rndis_host: Flag RNDIS modems as WWAN devices" (git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes).
- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).
- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).
- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).
- SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- drm: Add valid clones check (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- exfat: fix potential wrong error return from get_block (git-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- iommu: Protect against overflow in iommu_pgsize() (git-fixes).
- ip6mr: fix tables suspicious RCU usage (git-fixes).
- ip_tunnel: annotate data-races around t->parms.link (git-fixes).
- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).
- ipmr: fix tables suspicious RCU usage (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Convert ip_route_input() to dscp_t (git-fixes).
- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: save dontfrag in cork (git-fixes).
- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kABI: ipv6: save dontfrag in cork (git-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).
- neighbour: delete redundant judgment statements (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/neighbor: clear error in case strict check is not set (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: add rcu safety to rtnl_prop_list_size() (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: fix udp gso skb_segment after pull from frag_list (git-fixes).
- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: linkwatch: use system_unbound_wq (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: page_pool: fix warning code (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).
- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).
- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).
- net: sched: fix erspan_opt settings in cls_flower (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).
- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- orangefs: Do not truncate file size (git-fixes).
- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).
- pstore: Change kmsg_bytes storage size to u32 (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).
- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (git-fixes).
- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- udp: annotate data-races around up->pending (git-fixes).
- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).
- udp: fix receiving fraglist GSO packets (git-fixes).
- udp: preserve the connected status if only UDP cmsg (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in
mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's "next" indication (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).
Patchnames
SUSE-SLE-Micro-6.0-kernel-42
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-21938: mptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr (bsc#1240723).\n- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related\n to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).\n- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).\n- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).\n- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).\n- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).\n- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).\n- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value (bsc#1243537).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).\n- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).\n- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n\nThe following non-security bugs were fixed:\n\n- ACPI: HED: Always initialize before evged (stable-fixes).\n- ACPI: OSI: Stop advertising support for \"3.0 _SCP Extensions\" (git-fixes).\n- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- ACPICA: Utilities: Fix spelling mistake \"Incremement\" -\u003e \"Increment\" (git-fixes).\n- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).\n- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).\n- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: seq: Improve data consistency at polling (stable-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).\n- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Adjust pipeline_list-\u003epipelines allocation type (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).\n- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).\n- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).\n- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).\n- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).\n- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).\n- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).\n- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).\n- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).\n- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).\n- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).\n- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).\n- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).\n- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).\n- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).\n- ASoC: tas2764: Enable main IRQs (git-fixes).\n- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).\n- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).\n- ASoC: tas2764: Reinit cache on part reset (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).\n- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).\n- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).\n- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).\n- Documentation: fix typo in root= kernel parameter description (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- Drop AMDGPU patch that may cause regressions (bsc#1243782)\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).\n- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add more controllers (stable-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- Move upstreamed patches into sorted section\n- Move upstreamed tpm patch into sorted section\n- NFS: Do not allow waiting for exiting tasks (git-fixes).\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).\n- PCI/DPC: Initialize aer_err_info before using it (git-fixes).\n- PCI: Explicitly put devices into D0 when initializing (git-fixes).\n- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).\n- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).\n- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).\n- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).\n- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).\n- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: cadence: Fix runtime atomic count underflow (git-fixes).\n- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).\n- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).\n- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).\n- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).\n- PM: sleep: Print PM debug messages during hibernation (git-fixes).\n- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/rxe: Fix \"trying to register non-static key in rxe_qp_do_cleanup\" bug (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- Refresh fixes for cBPF issue (bsc#1242778)\n- Revert \"bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first\" (stable-fixes).\n- Revert \"drm/amd: Keep display off while going into S4\" (git-fixes).\n- Revert \"drm/amd: Stop evicting resources on APUs in suspend\" (stable-fixes).\n- Revert \"drm/amdgpu: do not allow userspace to create a doorbell BO\" (stable-fixes).\n- Revert \"rndis_host: Flag RNDIS modems as WWAN devices\" (git-fixes).\n- Revert \"wifi: mt76: mt7996: fill txd by host driver\" (stable-fixes).\n- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).\n- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).\n- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).\n- SUNRPC: rpcbind should never reset the port to the value \u00270\u0027 (git-fixes).\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).\n- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).\n- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).\n- bus: fsl-mc: fix double-free on mc_dev (git-fixes).\n- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- crypto: lrw - Only add ecb if it is not already there (git-fixes).\n- crypto: lzo - Fix compression buffer overrun (stable-fixes).\n- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).\n- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).\n- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).\n- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).\n- crypto: qat - add shutdown handler to qat_420xx (git-fixes).\n- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).\n- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).\n- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).\n- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).\n- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).\n- crypto: xts - Only add ecb if it is not already there (git-fixes).\n- devlink: fix port new reply cmd type (git-fixes).\n- dlm: mask sk_shutdown value (bsc#1228854).\n- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: Revert \"dmaengine: dmatest: Fix dmatest waiting less when interrupted\" (git-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).\n- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).\n- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).\n- drm/amd/display: Increase block_sequence array size (stable-fixes).\n- drm/amd/display: Initial psr_version with correct setting (stable-fixes).\n- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).\n- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).\n- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).\n- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).\n- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).\n- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: reset psp-\u003ecmd to NULL after releasing the buffer (stable-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).\n- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).\n- drm/ast: Find VBIOS mode from regular display size (stable-fixes).\n- drm/ast: Fix comment on modeset lock (git-fixes).\n- drm/atomic: clarify the rules around drm_atomic_state-\u003eallow_modeset (stable-fixes).\n- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).\n- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).\n- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).\n- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).\n- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).\n- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).\n- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).\n- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).\n- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).\n- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).\n- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).\n- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).\n- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).\n- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).\n- drm/tegra: Assign plane type before registration (git-fixes).\n- drm/tegra: Fix a possible null pointer dereference (git-fixes).\n- drm/tegra: rgb: Fix the unbound reference count (git-fixes).\n- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).\n- drm/v3d: Add clock handling (stable-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- drm/vc4: tests: Use return instead of assert (git-fixes).\n- drm/vkms: Adjust vkms_state-\u003eactive_planes allocation type (git-fixes).\n- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).\n- drm: Add valid clones check (stable-fixes).\n- drm: bridge: adv7511: fill stream capabilities (stable-fixes).\n- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).\n- fbdev/efifb: Remove PM for parent device (bsc#1244261).\n- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).\n- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).\n- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).\n- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).\n- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).\n- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).\n- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).\n- fpga: altera-cvp: Increase credit timeout (stable-fixes).\n- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).\n- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).\n- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).\n- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).\n- gpiolib: Revert \"Do not WARN on gpiod_put() for optional GPIO\" (stable-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).\n- hwmon: (dell-smm) Increment the number of fans (stable-fixes).\n- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).\n- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- i2c: pxa: fix call balance of i2c-\u003eclk handling routines (stable-fixes).\n- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).\n- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)\n- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).\n- i3c: master: svc: Fix missing STOP for master request (stable-fixes).\n- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).\n- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).\n- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).\n- iio: filter: admv8818: Support frequencies \u003e= 2^32 (git-fixes).\n- iio: filter: admv8818: fix band 4, state 15 (git-fixes).\n- iio: filter: admv8818: fix integer overflow (git-fixes).\n- iio: filter: admv8818: fix range calculation (git-fixes).\n- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).\n- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- intel_th: avoid using deprecated page-\u003emapping, index fields (stable-fixes).\n- iommu: Protect against overflow in iommu_pgsize() (git-fixes).\n- ip6mr: fix tables suspicious RCU usage (git-fixes).\n- ip_tunnel: annotate data-races around t-\u003eparms.link (git-fixes).\n- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).\n- ipmr: fix tables suspicious RCU usage (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Convert ip_route_input() to dscp_t (git-fixes).\n- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- ipv6: save dontfrag in cork (git-fixes).\n- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).\n- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).\n- jffs2: check that raw node were preallocated before writing summary (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).\n- kABI: ipv6: save dontfrag in cork (git-fixes).\n- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).\n- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).\n- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).\n- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).\n- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).\n- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).\n- media: cx231xx: set device_caps for 417 (stable-fixes).\n- media: cxusb: no longer judge rbuf when the write fails (git-fixes).\n- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).\n- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).\n- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).\n- media: imx-jpeg: Cleanup after an allocation error (git-fixes).\n- media: imx-jpeg: Drop the first error frames (git-fixes).\n- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).\n- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).\n- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).\n- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).\n- media: ov5675: suppress probe deferral errors (git-fixes).\n- media: ov8856: suppress probe deferral errors (git-fixes).\n- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).\n- media: rkvdec: Fix frame size enumeration (git-fixes).\n- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).\n- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).\n- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).\n- media: uvcvideo: Fix deferred probing error (git-fixes).\n- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).\n- media: uvcvideo: Return the number of processed controls (git-fixes).\n- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).\n- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).\n- media: venus: Fix probe error handling (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).\n- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).\n- media: vivid: Change the siize of the composing (git-fixes).\n- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).\n- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).\n- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).\n- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).\n- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).\n- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).\n- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).\n- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).\n- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net/neighbor: clear error in case strict check is not set (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: add rcu safety to rtnl_prop_list_size() (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: fix udp gso skb_segment after pull from frag_list (git-fixes).\n- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- net: linkwatch: use system_unbound_wq (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net: page_pool: fix warning code (git-fixes).\n- net: phy: clear phydev-\u003edevlink when the link is deleted (git-fixes).\n- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).\n- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).\n- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).\n- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).\n- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).\n- net: sched: fix erspan_opt settings in cls_flower (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- net: usb: aqc111: debug info before sanitation (git-fixes).\n- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).\n- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).\n- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)\n- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).\n- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- orangefs: Do not truncate file size (git-fixes).\n- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).\n- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).\n- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).\n- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs \u003e 31 (git-fixes).\n- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).\n- pinctrl: bcm281xx: Use \"unsigned int\" instead of bare \"unsigned\" (stable-fixes).\n- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).\n- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).\n- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).\n- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).\n- power: reset: at91-reset: Optimize at91_reset() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).\n- pstore: Change kmsg_bytes storage size to u32 (git-fixes).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- regulator: ad5398: Add device tree support (stable-fixes).\n- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).\n- regulator: max20086: Change enable gpio to optional (git-fixes).\n- regulator: max20086: Fix MAX200086 chip id (git-fixes).\n- regulator: max20086: fix invalid memory access (git-fixes).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rtc: Fix offset calculation for .start_secs \u0026lt; 0 (git-fixes).\n- rtc: at91rm9200: drop unused module alias (git-fixes).\n- rtc: cpcap: drop unused module alias (git-fixes).\n- rtc: da9063: drop unused module alias (git-fixes).\n- rtc: ds1307: stop disabling alarms on probe (stable-fixes).\n- rtc: jz4740: drop unused module alias (git-fixes).\n- rtc: pm8xxx: drop unused module alias (git-fixes).\n- rtc: rv3032: fix EERD location (stable-fixes).\n- rtc: s3c: drop unused module alias (git-fixes).\n- rtc: sh: assign correct interrupts with DT (git-fixes).\n- rtc: stm32: drop unused module alias (git-fixes).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).\n- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).\n- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).\n- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).\n- s390/pci: Serialize device addition and removal (bsc#1244145).\n- s390/pci: introduce lock to synchronize state of zpci_dev\u0027s (jsc#PED-10253 bsc#1244145).\n- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).\n- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).\n- scsi: Improve CDL control (git-fixes).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).\n- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).\n- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).\n- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).\n- serial: sh-sci: Save and restore more registers (git-fixes).\n- serial: sh-sci: Update the suspend/resume support (stable-fixes).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).\n- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).\n- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).\n- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).\n- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).\n- spi-rockchip: Fix register out of bounds access (stable-fixes).\n- spi: bcm63xx-hsspi: fix shared reset (git-fixes).\n- spi: bcm63xx-spi: fix shared reset (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: spi-sun4i: fix early activation (stable-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).\n- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).\n- spi: tegra210-quad: remove redundant error handling code (git-fixes).\n- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).\n- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).\n- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).\n- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).\n- tcp/dccp: complete lockless accesses to sk-\u003esk_max_ack_backlog (git-fixes).\n- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).\n- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).\n- thunderbolt: Fix a logic error in wake on connect (git-fixes).\n- udp: annotate data-races around up-\u003epending (git-fixes).\n- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).\n- udp: fix receiving fraglist GSO packets (git-fixes).\n- udp: preserve the connected status if only UDP cmsg (git-fixes).\n- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).\n- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).\n- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).\n- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).\n- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).\n- usb: usbtmc: Fix timeout value in get_stb (git-fixes).\n- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).\n- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).\n- watchdog: exar: Shorten identity name to fit correctly (git-fixes).\n- wifi: ath11k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath11k: fix ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix rx completion meta data corruption (git-fixes).\n- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).\n- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).\n- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).\n- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).\n- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).\n- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).\n- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).\n- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).\n- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).\n- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).\n- wifi: ath12k: fix cleanup path after mhi init (git-fixes).\n- wifi: ath12k: fix invalid access to memory (git-fixes).\n- wifi: ath12k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath12k: fix ring-buffer corruption (git-fixes).\n- wifi: ath9k: return by of_get_mac_address (stable-fixes).\n- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).\n- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).\n- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).\n- wifi: iwlwifi: fix debug actions order (stable-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).\n- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).\n- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).\n- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).\n- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).\n- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).\n- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).\n- wifi: mt76: mt7996: revise TXS size (stable-fixes).\n- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).\n- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).\n- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).\n- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).\n- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).\n- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).\n- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).\n- wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds (git-fixes).\n- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).\n- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).\n- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).\n- wifi: rtw89: add wiphy_lock() to work that isn\u0027t held wiphy_lock() yet (stable-fixes).\n- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).\n- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).\n- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in\n mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).\n- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).\n- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).\n- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \"next\" indication (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-42",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20413-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20413-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520413-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20413-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040334.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1228557",
"url": "https://bugzilla.suse.com/1228557"
},
{
"category": "self",
"summary": "SUSE Bug 1228854",
"url": "https://bugzilla.suse.com/1228854"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1234154",
"url": "https://bugzilla.suse.com/1234154"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235728",
"url": "https://bugzilla.suse.com/1235728"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240180",
"url": "https://bugzilla.suse.com/1240180"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240723",
"url": "https://bugzilla.suse.com/1240723"
},
{
"category": "self",
"summary": "SUSE Bug 1240823",
"url": "https://bugzilla.suse.com/1240823"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241617",
"url": "https://bugzilla.suse.com/1241617"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242086",
"url": "https://bugzilla.suse.com/1242086"
},
{
"category": "self",
"summary": "SUSE Bug 1242163",
"url": "https://bugzilla.suse.com/1242163"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242573",
"url": "https://bugzilla.suse.com/1242573"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242846",
"url": "https://bugzilla.suse.com/1242846"
},
{
"category": "self",
"summary": "SUSE Bug 1242849",
"url": "https://bugzilla.suse.com/1242849"
},
{
"category": "self",
"summary": "SUSE Bug 1242850",
"url": "https://bugzilla.suse.com/1242850"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242940",
"url": "https://bugzilla.suse.com/1242940"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242946",
"url": "https://bugzilla.suse.com/1242946"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242954",
"url": "https://bugzilla.suse.com/1242954"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242982",
"url": "https://bugzilla.suse.com/1242982"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243475",
"url": "https://bugzilla.suse.com/1243475"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243537",
"url": "https://bugzilla.suse.com/1243537"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243542",
"url": "https://bugzilla.suse.com/1243542"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243571",
"url": "https://bugzilla.suse.com/1243571"
},
{
"category": "self",
"summary": "SUSE Bug 1243572",
"url": "https://bugzilla.suse.com/1243572"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243628",
"url": "https://bugzilla.suse.com/1243628"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243782",
"url": "https://bugzilla.suse.com/1243782"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243836",
"url": "https://bugzilla.suse.com/1243836"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE Bug 1244145",
"url": "https://bugzilla.suse.com/1244145"
},
{
"category": "self",
"summary": "SUSE Bug 1244261",
"url": "https://bugzilla.suse.com/1244261"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52888 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49568 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22113 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23155 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37801 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37874 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37933 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37967 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37987 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37998 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-16T15:33:59Z",
"generator": {
"date": "2025-06-16T15:33:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20413-1",
"initial_release_date": "2025-06-16T15:33:59Z",
"revision_history": [
{
"date": "2025-06-16T15:33:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-33.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-33.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-33.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-33.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-33.1.noarch",
"product_id": "kernel-source-rt-6.4.0-33.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-33.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-33.1.x86_64",
"product_id": "kernel-rt-6.4.0-33.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-33.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-33.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-33.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-33.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-33.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-33.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.4.0-33.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.4.0-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-33.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-33.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn\u0027t do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52888",
"url": "https://www.suse.com/security/cve/CVE-2023-52888"
},
{
"category": "external",
"summary": "SUSE Bug 1228557 for CVE-2023-52888",
"url": "https://bugzilla.suse.com/1228557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2023-52888"
},
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-49568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the fields v2_ext_offset/\neid_cnt/ism_gid_cnt in proposal msg are from the remote client\nand can not be fully trusted. Especially the field v2_ext_offset,\nonce exceed the max value, there has the chance to access wrong\naddress, and crash may happen.\n\nThis patch checks the fields v2_ext_offset/eid_cnt/ism_gid_cnt\nbefore using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49568",
"url": "https://www.suse.com/security/cve/CVE-2024-49568"
},
{
"category": "external",
"summary": "SUSE Bug 1235728 for CVE-2024-49568",
"url": "https://bugzilla.suse.com/1235728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-49568"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-53135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN\n\nHide KVM\u0027s pt_mode module param behind CONFIG_BROKEN, i.e. disable support\nfor virtualizing Intel PT via guest/host mode unless BROKEN=y. There are\nmyriad bugs in the implementation, some of which are fatal to the guest,\nand others which put the stability and health of the host at risk.\n\nFor guest fatalities, the most glaring issue is that KVM fails to ensure\ntracing is disabled, and *stays* disabled prior to VM-Enter, which is\nnecessary as hardware disallows loading (the guest\u0027s) RTIT_CTL if tracing\nis enabled (enforced via a VMX consistency check). Per the SDM:\n\n If the logical processor is operating with Intel PT enabled (if\n IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the \"load\n IA32_RTIT_CTL\" VM-entry control must be 0.\n\nOn the host side, KVM doesn\u0027t validate the guest CPUID configuration\nprovided by userspace, and even worse, uses the guest configuration to\ndecide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring\nguest CPUID to enumerate more address ranges than are supported in hardware\nwill result in KVM trying to passthrough, save, and load non-existent MSRs,\nwhich generates a variety of WARNs, ToPA ERRORs in the host, a potential\ndeadlock, etc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53135",
"url": "https://www.suse.com/security/cve/CVE-2024-53135"
},
{
"category": "external",
"summary": "SUSE Bug 1234154 for CVE-2024-53135",
"url": "https://bugzilla.suse.com/1234154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-53135"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: allow small head cache usage with large MAX_SKB_FRAGS values\n\nSabrina reported the following splat:\n\n WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935 netif_napi_add_weight_locked+0x8f2/0xba0\n Modules linked in:\n CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.14.0-rc1-net-00092-g011b03359038 #996\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:netif_napi_add_weight_locked+0x8f2/0xba0\n Code: e8 c3 e6 6a fe 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc c7 44 24 10 ff ff ff ff e9 8f fb ff ff e8 9e e6 6a fe \u003c0f\u003e 0b e9 d3 fe ff ff e8 92 e6 6a fe 48 8b 04 24 be ff ff ff ff 48\n RSP: 0000:ffffc9000001fc60 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff88806ce48128 RCX: 1ffff11001664b9e\n RDX: ffff888008f00040 RSI: ffffffff8317ca42 RDI: ffff88800b325cb6\n RBP: ffff88800b325c40 R08: 0000000000000001 R09: ffffed100167502c\n R10: ffff88800b3a8163 R11: 0000000000000000 R12: ffff88800ac1c168\n R13: ffff88800ac1c168 R14: ffff88800ac1c168 R15: 0000000000000007\n FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffff888008201000 CR3: 0000000004c94001 CR4: 0000000000370ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n gro_cells_init+0x1ba/0x270\n xfrm_input_init+0x4b/0x2a0\n xfrm_init+0x38/0x50\n ip_rt_init+0x2d7/0x350\n ip_init+0xf/0x20\n inet_init+0x406/0x590\n do_one_initcall+0x9d/0x2e0\n do_initcalls+0x23b/0x280\n kernel_init_freeable+0x445/0x490\n kernel_init+0x20/0x1d0\n ret_from_fork+0x46/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n irq event stamp: 584330\n hardirqs last enabled at (584338): [\u003cffffffff8168bf87\u003e] __up_console_sem+0x77/0xb0\n hardirqs last disabled at (584345): [\u003cffffffff8168bf6c\u003e] __up_console_sem+0x5c/0xb0\n softirqs last enabled at (583242): [\u003cffffffff833ee96d\u003e] netlink_insert+0x14d/0x470\n softirqs last disabled at (583754): [\u003cffffffff8317c8cd\u003e] netif_napi_add_weight_locked+0x77d/0xba0\n\non kernel built with MAX_SKB_FRAGS=45, where SKB_WITH_OVERHEAD(1024)\nis smaller than GRO_MAX_HEAD.\n\nSuch built additionally contains the revert of the single page frag cache\nso that napi_get_frags() ends up using the page frag allocator, triggering\nthe splat.\n\nNote that the underlying issue is independent from the mentioned\nrevert; address it ensuring that the small head cache will fit either TCP\nand GRO allocation and updating napi_alloc_skb() and __netdev_alloc_skb()\nto select kmalloc() usage for any allocation fitting such cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21868",
"url": "https://www.suse.com/security/cve/CVE-2025-21868"
},
{
"category": "external",
"summary": "SUSE Bug 1240180 for CVE-2025-21868",
"url": "https://bugzilla.suse.com/1240180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21868"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr\n\nIf multiple connection requests attempt to create an implicit mptcp\nendpoint in parallel, more than one caller may end up in\nmptcp_pm_nl_append_new_local_addr because none found the address in\nlocal_addr_list during their call to mptcp_pm_nl_get_local_id. In this\ncase, the concurrent new_local_addr calls may delete the address entry\ncreated by the previous caller. These deletes use synchronize_rcu, but\nthis is not permitted in some of the contexts where this function may be\ncalled. During packet recv, the caller may be in a rcu read critical\nsection and have preemption disabled.\n\nAn example stack:\n\n BUG: scheduling while atomic: swapper/2/0/0x00000302\n\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\n dump_stack (lib/dump_stack.c:124)\n __schedule_bug (kernel/sched/core.c:5943)\n schedule_debug.constprop.0 (arch/x86/include/asm/preempt.h:33 kernel/sched/core.c:5970)\n __schedule (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 kernel/sched/features.h:29 kernel/sched/core.c:6621)\n schedule (arch/x86/include/asm/preempt.h:84 kernel/sched/core.c:6804 kernel/sched/core.c:6818)\n schedule_timeout (kernel/time/timer.c:2160)\n wait_for_completion (kernel/sched/completion.c:96 kernel/sched/completion.c:116 kernel/sched/completion.c:127 kernel/sched/completion.c:148)\n __wait_rcu_gp (include/linux/rcupdate.h:311 kernel/rcu/update.c:444)\n synchronize_rcu (kernel/rcu/tree.c:3609)\n mptcp_pm_nl_append_new_local_addr (net/mptcp/pm_netlink.c:966 net/mptcp/pm_netlink.c:1061)\n mptcp_pm_nl_get_local_id (net/mptcp/pm_netlink.c:1164)\n mptcp_pm_get_local_id (net/mptcp/pm.c:420)\n subflow_check_req (net/mptcp/subflow.c:98 net/mptcp/subflow.c:213)\n subflow_v4_route_req (net/mptcp/subflow.c:305)\n tcp_conn_request (net/ipv4/tcp_input.c:7216)\n subflow_v4_conn_request (net/mptcp/subflow.c:651)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6709)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1934)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2334)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205 (discriminator 1))\n ip_local_deliver_finish (include/linux/rcupdate.h:813 net/ipv4/ip_input.c:234)\n ip_local_deliver (include/linux/netfilter.h:314 include/linux/netfilter.h:308 net/ipv4/ip_input.c:254)\n ip_sublist_rcv_finish (include/net/dst.h:461 net/ipv4/ip_input.c:580)\n ip_sublist_rcv (net/ipv4/ip_input.c:640)\n ip_list_rcv (net/ipv4/ip_input.c:675)\n __netif_receive_skb_list_core (net/core/dev.c:5583 net/core/dev.c:5631)\n netif_receive_skb_list_internal (net/core/dev.c:5685 net/core/dev.c:5774)\n napi_complete_done (include/linux/list.h:37 include/net/gro.h:449 include/net/gro.h:444 net/core/dev.c:6114)\n igb_poll (drivers/net/ethernet/intel/igb/igb_main.c:8244) igb\n __napi_poll (net/core/dev.c:6582)\n net_rx_action (net/core/dev.c:6653 net/core/dev.c:6787)\n handle_softirqs (kernel/softirq.c:553)\n __irq_exit_rcu (kernel/softirq.c:588 kernel/softirq.c:427 kernel/softirq.c:636)\n irq_exit_rcu (kernel/softirq.c:651)\n common_interrupt (arch/x86/kernel/irq.c:247 (discriminator 14))\n \u003c/IRQ\u003e\n\nThis problem seems particularly prevalent if the user advertises an\nendpoint that has a different external vs internal address. In the case\nwhere the external address is advertised and multiple connections\nalready exist, multiple subflow SYNs arrive in parallel which tends to\ntrigger the race during creation of the first local_addr_list entries\nwhich have the internal address instead.\n\nFix by skipping the replacement of an existing implicit local address if\ncalled via mptcp_pm_nl_get_local_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21938",
"url": "https://www.suse.com/security/cve/CVE-2025-21938"
},
{
"category": "external",
"summary": "SUSE Bug 1240723 for CVE-2025-21938",
"url": "https://bugzilla.suse.com/1240723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21938"
},
{
"cve": "CVE-2025-21997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix an integer overflow in xp_create_and_assign_umem()\n\nSince the i and pool-\u003echunk_size variables are of type \u0027u32\u0027,\ntheir product can wrap around and then be cast to \u0027u64\u0027.\nThis can lead to two different XDP buffers pointing to the same\nmemory area.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21997",
"url": "https://www.suse.com/security/cve/CVE-2025-21997"
},
{
"category": "external",
"summary": "SUSE Bug 1240823 for CVE-2025-21997",
"url": "https://bugzilla.suse.com/1240823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21997"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid journaling sb update on error if journal is destroying\n\nPresently we always BUG_ON if trying to start a transaction on a journal marked\nwith JBD2_UNMOUNT, since this should never happen. However, while ltp running\nstress tests, it was observed that in case of some error handling paths, it is\npossible for update_super_work to start a transaction after the journal is\ndestroyed eg:\n\n(umount)\next4_kill_sb\n kill_block_super\n generic_shutdown_super\n sync_filesystem /* commits all txns */\n evict_inodes\n /* might start a new txn */\n ext4_put_super\n\tflush_work(\u0026sbi-\u003es_sb_upd_work) /* flush the workqueue */\n jbd2_journal_destroy\n journal_kill_thread\n journal-\u003ej_flags |= JBD2_UNMOUNT;\n jbd2_journal_commit_transaction\n jbd2_journal_get_descriptor_buffer\n jbd2_journal_bmap\n ext4_journal_bmap\n ext4_map_blocks\n ...\n ext4_inode_error\n ext4_handle_error\n schedule_work(\u0026sbi-\u003es_sb_upd_work)\n\n /* work queue kicks in */\n update_super_work\n jbd2_journal_start\n start_this_handle\n BUG_ON(journal-\u003ej_flags \u0026\n JBD2_UNMOUNT)\n\nHence, introduce a new mount flag to indicate journal is destroying and only do\na journaled (and deferred) update of sb if this flag is not set. Otherwise, just\nfallback to an un-journaled commit.\n\nFurther, in the journal destroy path, we have the following sequence:\n\n 1. Set mount flag indicating journal is destroying\n 2. force a commit and wait for it\n 3. flush pending sb updates\n\nThis sequence is important as it ensures that, after this point, there is no sb\nupdate that might be journaled so it is safe to update the sb outside the\njournal. (To avoid race discussed in 2d01ddc86606)\n\nAlso, we don\u0027t need a similar check in ext4_grp_locked_error since it is only\ncalled from mballoc and AFAICT it would be always valid to schedule work here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22113",
"url": "https://www.suse.com/security/cve/CVE-2025-22113"
},
{
"category": "external",
"summary": "SUSE Bug 1241617 for CVE-2025-22113",
"url": "https://bugzilla.suse.com/1241617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22113"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23155"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Fix accessing freed irq affinity_hint\n\nThe cpumask should not be a local variable, since its pointer is saved\nto irq_desc and may be accessed from procfs.\nTo fix it, use the persistent mask cpumask_of(cpu#).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23155",
"url": "https://www.suse.com/security/cve/CVE-2025-23155"
},
{
"category": "external",
"summary": "SUSE Bug 1242573 for CVE-2025-23155",
"url": "https://bugzilla.suse.com/1242573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23155"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-37738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: ignore xattrs past end\n\nOnce inside \u0027ext4_xattr_inode_dec_ref_all\u0027 we should\nignore xattrs entries past the \u0027end\u0027 entry.\n\nThis fixes the following KASAN reported issue:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nRead of size 4 at addr ffff888012c120c4 by task repro/2065\n\nCPU: 1 UID: 0 PID: 2065 Comm: repro Not tainted 6.13.0-rc2+ #11\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x1fd/0x300\n ? tcp_gro_dev_warn+0x260/0x260\n ? _printk+0xc0/0x100\n ? read_lock_is_recursive+0x10/0x10\n ? irq_work_queue+0x72/0xf0\n ? __virt_addr_valid+0x17b/0x4b0\n print_address_description+0x78/0x390\n print_report+0x107/0x1f0\n ? __virt_addr_valid+0x17b/0x4b0\n ? __virt_addr_valid+0x3ff/0x4b0\n ? __phys_addr+0xb5/0x160\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n kasan_report+0xcc/0x100\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ? ext4_xattr_delete_inode+0xd30/0xd30\n ? __ext4_journal_ensure_credits+0x5f0/0x5f0\n ? __ext4_journal_ensure_credits+0x2b/0x5f0\n ? inode_update_timestamps+0x410/0x410\n ext4_xattr_delete_inode+0xb64/0xd30\n ? ext4_truncate+0xb70/0xdc0\n ? ext4_expand_extra_isize_ea+0x1d20/0x1d20\n ? __ext4_mark_inode_dirty+0x670/0x670\n ? ext4_journal_check_start+0x16f/0x240\n ? ext4_inode_is_fast_symlink+0x2f2/0x3a0\n ext4_evict_inode+0xc8c/0xff0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n ? do_raw_spin_unlock+0x53/0x8a0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n evict+0x4ac/0x950\n ? proc_nr_inodes+0x310/0x310\n ? trace_ext4_drop_inode+0xa2/0x220\n ? _raw_spin_unlock+0x1a/0x30\n ? iput+0x4cb/0x7e0\n do_unlinkat+0x495/0x7c0\n ? try_break_deleg+0x120/0x120\n ? 0xffffffff81000000\n ? __check_object_size+0x15a/0x210\n ? strncpy_from_user+0x13e/0x250\n ? getname_flags+0x1dc/0x530\n __x64_sys_unlinkat+0xc8/0xf0\n do_syscall_64+0x65/0x110\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x434ffd\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 8\nRSP: 002b:00007ffc50fa7b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000107\nRAX: ffffffffffffffda RBX: 00007ffc50fa7e18 RCX: 0000000000434ffd\nRDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005\nRBP: 00007ffc50fa7be0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007ffc50fa7e08 R14: 00000000004bbf30 R15: 0000000000000001\n \u003c/TASK\u003e\n\nThe buggy address belongs to the object at ffff888012c12000\n which belongs to the cache filp of size 360\nThe buggy address is located 196 bytes inside of\n freed 360-byte region [ffff888012c12000, ffff888012c12168)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12c12\nhead: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\nflags: 0x40(head|node=0|zone=0)\npage_type: f5(slab)\nraw: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nraw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nhead: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000001 ffffea00004b0481 ffffffffffffffff 0000000000000000\nhead: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888012c11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888012c12000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\u003e ffff888012c12080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888012c12100: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc\n ffff888012c12180: fc fc fc fc fc fc fc fc fc\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37738",
"url": "https://www.suse.com/security/cve/CVE-2025-37738"
},
{
"category": "external",
"summary": "SUSE Bug 1242846 for CVE-2025-37738",
"url": "https://bugzilla.suse.com/1242846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Avoid memory leak while enabling statistics\n\nDriver uses monitor destination rings for extended statistics mode and\nstandalone monitor mode. In extended statistics mode, TLVs are parsed from\nthe buffer received from the monitor destination ring and assigned to the\nppdu_info structure to update per-packet statistics. In standalone monitor\nmode, along with per-packet statistics, the packet data (payload) is\ncaptured, and the driver updates per MSDU to mac80211.\n\nWhen the AP interface is enabled, only extended statistics mode is\nactivated. As part of enabling monitor rings for collecting statistics,\nthe driver subscribes to HAL_RX_MPDU_START TLV in the filter\nconfiguration. This TLV is received from the monitor destination ring, and\nkzalloc for the mon_mpdu object occurs, which is not freed, leading to a\nmemory leak. The kzalloc for the mon_mpdu object is only required while\nenabling the standalone monitor interface. This causes a memory leak while\nenabling extended statistics mode in the driver.\n\nFix this memory leak by removing the kzalloc for the mon_mpdu object in\nthe HAL_RX_MPDU_START TLV handling. Additionally, remove the standalone\nmonitor mode handlings in the HAL_MON_BUF_ADDR and HAL_RX_MSDU_END TLVs.\nThese TLV tags will be handled properly when enabling standalone monitor\nmode in the future.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37743",
"url": "https://www.suse.com/security/cve/CVE-2025-37743"
},
{
"category": "external",
"summary": "SUSE Bug 1242163 for CVE-2025-37743",
"url": "https://bugzilla.suse.com/1242163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37743"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential NULL pointer dereference in dev_uevent()\n\nIf userspace reads \"uevent\" device attribute at the same time as another\nthreads unbinds the device from its driver, change to dev-\u003edriver from a\nvalid pointer to NULL may result in crash. Fix this by using READ_ONCE()\nwhen fetching the pointer, and take bus\u0027 drivers klist lock to make sure\ndriver instance will not disappear while we access it.\n\nUse WRITE_ONCE() when setting the driver pointer to ensure there is no\ntearing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37800",
"url": "https://www.suse.com/security/cve/CVE-2025-37800"
},
{
"category": "external",
"summary": "SUSE Bug 1242849 for CVE-2025-37800",
"url": "https://bugzilla.suse.com/1242849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37800"
},
{
"cve": "CVE-2025-37801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-imx: Add check for spi_imx_setupxfer()\n\nAdd check for the return value of spi_imx_setupxfer().\nspi_imx-\u003erx and spi_imx-\u003etx function pointer can be NULL when\nspi_imx_setupxfer() return error, and make NULL pointer dereference.\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Call trace:\n 0x0\n spi_imx_pio_transfer+0x50/0xd8\n spi_imx_transfer_one+0x18c/0x858\n spi_transfer_one_message+0x43c/0x790\n __spi_pump_transfer_message+0x238/0x5d4\n __spi_sync+0x2b0/0x454\n spi_write_then_read+0x11c/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37801",
"url": "https://www.suse.com/security/cve/CVE-2025-37801"
},
{
"category": "external",
"summary": "SUSE Bug 1242850 for CVE-2025-37801",
"url": "https://bugzilla.suse.com/1242850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37801"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: avoid NULL pointer dereference in dbg call\n\ncifs_server_dbg() implies server to be non-NULL so\nmove call under condition to avoid NULL pointer dereference.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37844",
"url": "https://www.suse.com/security/cve/CVE-2025-37844"
},
{
"category": "external",
"summary": "SUSE Bug 1242946 for CVE-2025-37844",
"url": "https://bugzilla.suse.com/1242946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37844"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: pidff: Fix null pointer dereference in pidff_find_fields\n\nThis function triggered a null pointer dereference if used to search for\na report that isn\u0027t implemented on the device. This happened both for\noptional and required reports alike.\n\nThe same logic was applied to pidff_find_special_field and although\npidff_init_fields should return an error earlier if one of the required\nreports is missing, future modifications could change this logic and\nresurface this possible null pointer dereference again.\n\nLKML bug report:\nhttps://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37862",
"url": "https://www.suse.com/security/cve/CVE-2025-37862"
},
{
"category": "external",
"summary": "SUSE Bug 1242982 for CVE-2025-37862",
"url": "https://bugzilla.suse.com/1242982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37862"
},
{
"cve": "CVE-2025-37865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported\n\nRussell King reports that on the ZII dev rev B, deleting a bridge VLAN\nfrom a user port fails with -ENOENT:\nhttps://lore.kernel.org/netdev/Z_lQXNP0s5-IiJzd@shell.armlinux.org.uk/\n\nThis comes from mv88e6xxx_port_vlan_leave() -\u003e mv88e6xxx_mst_put(),\nwhich tries to find an MST entry in \u0026chip-\u003emsts associated with the SID,\nbut fails and returns -ENOENT as such.\n\nBut we know that this chip does not support MST at all, so that is not\nsurprising. The question is why does the guard in mv88e6xxx_mst_put()\nnot exit early:\n\n\tif (!sid)\n\t\treturn 0;\n\nAnd the answer seems to be simple: the sid comes from vlan.sid which\nsupposedly was previously populated by mv88e6xxx_vtu_get().\nBut some chip-\u003einfo-\u003eops-\u003evtu_getnext() implementations do not populate\nvlan.sid, for example see mv88e6185_g1_vtu_getnext(). In that case,\nlater in mv88e6xxx_port_vlan_leave() we are using a garbage sid which is\njust residual stack memory.\n\nTesting for sid == 0 covers all cases of a non-bridge VLAN or a bridge\nVLAN mapped to the default MSTI. For some chips, SID 0 is valid and\ninstalled by mv88e6xxx_stu_setup(). A chip which does not support the\nSTU would implicitly only support mapping all VLANs to the default MSTI,\nso although SID 0 is not valid, it would be sufficient, if we were to\nzero-initialize the vlan structure, to fix the bug, due to the\ncoincidence that a test for vlan.sid == 0 already exists and leads to\nthe same (correct) behavior.\n\nAnother option which would be sufficient would be to add a test for\nmv88e6xxx_has_stu() inside mv88e6xxx_mst_put(), symmetric to the one\nwhich already exists in mv88e6xxx_mst_get(). But that placement means\nthe caller will have to dereference vlan.sid, which means it will access\nuninitialized memory, which is not nice even if it ignores it later.\n\nSo we end up making both modifications, in order to not rely just on the\nsid == 0 coincidence, but also to avoid having uninitialized structure\nfields which might get temporarily accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37865",
"url": "https://www.suse.com/security/cve/CVE-2025-37865"
},
{
"category": "external",
"summary": "SUSE Bug 1242954 for CVE-2025-37865",
"url": "https://bugzilla.suse.com/1242954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37865"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ngbe: fix memory leak in ngbe_probe() error path\n\nWhen ngbe_sw_init() is called, memory is allocated for wx-\u003erss_key\nin wx_init_rss_key(). However, in ngbe_probe() function, the subsequent\nerror paths after ngbe_sw_init() don\u0027t free the rss_key. Fix that by\nfreeing it in error path along with wx-\u003emac_table.\n\nAlso change the label to which execution jumps when ngbe_sw_init()\nfails, because otherwise, it could lead to a double free for rss_key,\nwhen the mac_table allocation fails in wx_sw_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37874",
"url": "https://www.suse.com/security/cve/CVE-2025-37874"
},
{
"category": "external",
"summary": "SUSE Bug 1242940 for CVE-2025-37874",
"url": "https://bugzilla.suse.com/1242940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37874"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll\n\nUse spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock\nand spin_unlock in mtk_star_emac driver to avoid spinlock recursion\noccurrence that can happen when enabling the DMA interrupts again in\nrx/tx poll.\n\n```\nBUG: spinlock recursion on CPU#0, swapper/0/0\n lock: 0xffff00000db9cf20, .magic: dead4ead, .owner: swapper/0/0,\n .owner_cpu: 0\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted\n 6.15.0-rc2-next-20250417-00001-gf6a27738686c-dirty #28 PREEMPT\nHardware name: MediaTek MT8365 Open Platform EVK (DT)\nCall trace:\n show_stack+0x18/0x24 (C)\n dump_stack_lvl+0x60/0x80\n dump_stack+0x18/0x24\n spin_dump+0x78/0x88\n do_raw_spin_lock+0x11c/0x120\n _raw_spin_lock+0x20/0x2c\n mtk_star_handle_irq+0xc0/0x22c [mtk_star_emac]\n __handle_irq_event_percpu+0x48/0x140\n handle_irq_event+0x4c/0xb0\n handle_fasteoi_irq+0xa0/0x1bc\n handle_irq_desc+0x34/0x58\n generic_handle_domain_irq+0x1c/0x28\n gic_handle_irq+0x4c/0x120\n do_interrupt_handler+0x50/0x84\n el1_interrupt+0x34/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n regmap_mmio_read32le+0xc/0x20 (P)\n _regmap_bus_reg_read+0x6c/0xac\n _regmap_read+0x60/0xdc\n regmap_read+0x4c/0x80\n mtk_star_rx_poll+0x2f4/0x39c [mtk_star_emac]\n __napi_poll+0x38/0x188\n net_rx_action+0x164/0x2c0\n handle_softirqs+0x100/0x244\n __do_softirq+0x14/0x20\n ____do_softirq+0x10/0x20\n call_on_irq_stack+0x24/0x64\n do_softirq_own_stack+0x1c/0x40\n __irq_exit_rcu+0xd4/0x10c\n irq_exit_rcu+0x10/0x1c\n el1_interrupt+0x38/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n cpuidle_enter_state+0xac/0x320 (P)\n cpuidle_enter+0x38/0x50\n do_idle+0x1e4/0x260\n cpu_startup_entry+0x34/0x3c\n rest_init+0xdc/0xe0\n console_on_rootfs+0x0/0x6c\n __primary_switched+0x88/0x90\n```",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37917",
"url": "https://www.suse.com/security/cve/CVE-2025-37917"
},
{
"category": "external",
"summary": "SUSE Bug 1243475 for CVE-2025-37917",
"url": "https://bugzilla.suse.com/1243475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37917"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteon_ep: Fix host hang issue during device reboot\n\nWhen the host loses heartbeat messages from the device,\nthe driver calls the device-specific ndo_stop function,\nwhich frees the resources. If the driver is unloaded in\nthis scenario, it calls ndo_stop again, attempting to free\nresources that have already been freed, leading to a host\nhang issue. To resolve this, dev_close should be called\ninstead of the device-specific stop function.dev_close\ninternally calls ndo_stop to stop the network interface\nand performs additional cleanup tasks. During the driver\nunload process, if the device is already down, ndo_stop\nis not called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37933",
"url": "https://www.suse.com/security/cve/CVE-2025-37933"
},
{
"category": "external",
"summary": "SUSE Bug 1243628 for CVE-2025-37933",
"url": "https://bugzilla.suse.com/1243628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37933"
},
{
"cve": "CVE-2025-37936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value.\n\nWhen generating the MSR_IA32_PEBS_ENABLE value that will be loaded on\nVM-Entry to a KVM guest, mask the value with the vCPU\u0027s desired PEBS_ENABLE\nvalue. Consulting only the host kernel\u0027s host vs. guest masks results in\nrunning the guest with PEBS enabled even when the guest doesn\u0027t want to use\nPEBS. Because KVM uses perf events to proxy the guest virtual PMU, simply\nlooking at exclude_host can\u0027t differentiate between events created by host\nuserspace, and events created by KVM on behalf of the guest.\n\nRunning the guest with PEBS unexpectedly enabled typically manifests as\ncrashes due to a near-infinite stream of #PFs. E.g. if the guest hasn\u0027t\nwritten MSR_IA32_DS_AREA, the CPU will hit page faults on address \u00270\u0027 when\ntrying to record PEBS events.\n\nThe issue is most easily reproduced by running `perf kvm top` from before\ncommit 7b100989b4f6 (\"perf evlist: Remove __evlist__add_default\") (after\nwhich, `perf kvm top` effectively stopped using PEBS).\tThe userspace side\nof perf creates a guest-only PEBS event, which intel_guest_get_msrs()\nmisconstrues a guest-*owned* PEBS event.\n\nArguably, this is a userspace bug, as enabling PEBS on guest-only events\nsimply cannot work, and userspace can kill VMs in many other ways (there\nis no danger to the host). However, even if this is considered to be bad\nuserspace behavior, there\u0027s zero downside to perf/KVM restricting PEBS to\nguest-owned events.\n\nNote, commit 854250329c02 (\"KVM: x86/pmu: Disable guest PEBS temporarily\nin two rare situations\") fixed the case where host userspace is profiling\nKVM *and* userspace, but missed the case where userspace is profiling only\nKVM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37936",
"url": "https://www.suse.com/security/cve/CVE-2025-37936"
},
{
"category": "external",
"summary": "SUSE Bug 1243537 for CVE-2025-37936",
"url": "https://bugzilla.suse.com/1243537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37936"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix deadlock\n\nThis patch introduces the ucsi_con_mutex_lock / ucsi_con_mutex_unlock\nfunctions to the UCSI driver. ucsi_con_mutex_lock ensures the connector\nmutex is only locked if a connection is established and the partner pointer\nis valid. This resolves a deadlock scenario where\nucsi_displayport_remove_partner holds con-\u003emutex waiting for\ndp_altmode_work to complete while dp_altmode_work attempts to acquire it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37967",
"url": "https://www.suse.com/security/cve/CVE-2025-37967"
},
{
"category": "external",
"summary": "SUSE Bug 1243572 for CVE-2025-37967",
"url": "https://bugzilla.suse.com/1243572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37967"
},
{
"cve": "CVE-2025-37968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: opt3001: fix deadlock due to concurrent flag access\n\nThe threaded IRQ function in this driver is reading the flag twice: once to\nlock a mutex and once to unlock it. Even though the code setting the flag\nis designed to prevent it, there are subtle cases where the flag could be\ntrue at the mutex_lock stage and false at the mutex_unlock stage. This\nresults in the mutex not being unlocked, resulting in a deadlock.\n\nFix it by making the opt3001_irq() code generally more robust, reading the\nflag into a variable and using the variable value at both stages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37968",
"url": "https://www.suse.com/security/cve/CVE-2025-37968"
},
{
"category": "external",
"summary": "SUSE Bug 1243571 for CVE-2025-37968",
"url": "https://bugzilla.suse.com/1243571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37968"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: Prevent possible adminq overflow/stuck condition\n\nThe pds_core\u0027s adminq is protected by the adminq_lock, which prevents\nmore than 1 command to be posted onto it at any one time. This makes it\nso the client drivers cannot simultaneously post adminq commands.\nHowever, the completions happen in a different context, which means\nmultiple adminq commands can be posted sequentially and all waiting\non completion.\n\nOn the FW side, the backing adminq request queue is only 16 entries\nlong and the retry mechanism and/or overflow/stuck prevention is\nlacking. This can cause the adminq to get stuck, so commands are no\nlonger processed and completions are no longer sent by the FW.\n\nAs an initial fix, prevent more than 16 outstanding adminq commands so\nthere\u0027s no way to cause the adminq from getting stuck. This works\nbecause the backing adminq request queue will never have more than 16\npending adminq commands, so it will never overflow. This is done by\nreducing the adminq depth to 16.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37987",
"url": "https://www.suse.com/security/cve/CVE-2025-37987"
},
{
"category": "external",
"summary": "SUSE Bug 1243542 for CVE-2025-37987",
"url": "https://bugzilla.suse.com/1243542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37987"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-37998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: Fix unsafe attribute parsing in output_userspace()\n\nThis patch replaces the manual Netlink attribute iteration in\noutput_userspace() with nla_for_each_nested(), which ensures that only\nwell-formed attributes are processed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37998",
"url": "https://www.suse.com/security/cve/CVE-2025-37998"
},
{
"category": "external",
"summary": "SUSE Bug 1243836 for CVE-2025-37998",
"url": "https://bugzilla.suse.com/1243836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "low"
}
],
"title": "CVE-2025-37998"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:01965-1
Vulnerability from csaf_suse
Published
2025-06-16 14:54
Modified
2025-06-16 14:54
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
The following non-security bugs were fixed:
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix 'KASAN: slab-use-after-free Read in ib_register_device' problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix 'trying to register non-static key in rxe_qp_do_cleanup' bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- cBPF: Refresh fixes for cBPF issue (bsc#1242778)
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- Update patches.suse/nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).
- Update patches.suse/nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: Revert 'dmaengine: dmatest: Fix dmatest waiting less when interrupted' (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- exfat: fix potential wrong error return from get_block (git-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kernel-obs-qa: Use srchash for dependency as well
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- neighbour: delete redundant judgment statements (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- qibfs: fix _another_ leak (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: max20086: fix invalid memory access (git-fixes).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's 'next' indication (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
Patchnames
SUSE-2025-1965,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1965,openSUSE-SLE-15.6-2025-1965
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n\nThe following non-security bugs were fixed:\n\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/core: Fix \u0027KASAN: slab-use-after-free Read in ib_register_device\u0027 problem (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/rxe: Fix \u0027trying to register non-static key in rxe_qp_do_cleanup\u0027 bug (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- cBPF: Refresh fixes for cBPF issue (bsc#1242778)\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- Update patches.suse/nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).\n- Update patches.suse/nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- devlink: fix port new reply cmd type (git-fixes).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: Revert \u0027dmaengine: dmatest: Fix dmatest waiting less when interrupted\u0027 (git-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kernel-obs-qa: Use srchash for dependency as well\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- regulator: max20086: fix invalid memory access (git-fixes).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- scsi: Improve CDL control (git-fixes).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \u0027next\u0027 indication (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1965,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1965,openSUSE-SLE-15.6-2025-1965",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01965-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01965-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501965-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01965-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021535.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1234154",
"url": "https://bugzilla.suse.com/1234154"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242006",
"url": "https://bugzilla.suse.com/1242006"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-16T14:54:36Z",
"generator": {
"date": "2025-06-16T14:54:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01965-1",
"initial_release_date": "2025-06-16T14:54:36Z",
"revision_history": [
{
"date": "2025-06-16T14:54:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product_id": "cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product_id": "dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product_id": "gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "kernel-azure-6.4.0-150600.8.40.1.aarch64",
"product_id": "kernel-azure-6.4.0-150600.8.40.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"product_id": "kernel-azure-devel-6.4.0-150600.8.40.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"product_id": "kernel-azure-extra-6.4.0-150600.8.40.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"product_id": "kernel-azure-optional-6.4.0-150600.8.40.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"product_id": "kernel-syms-azure-6.4.0-150600.8.40.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product_id": "kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product_id": "ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"product_id": "reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"product": {
"name": "kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"product_id": "kernel-devel-azure-6.4.0-150600.8.40.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"product": {
"name": "kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"product_id": "kernel-source-azure-6.4.0-150600.8.40.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product_id": "cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product_id": "dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product_id": "gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "kernel-azure-6.4.0-150600.8.40.1.x86_64",
"product_id": "kernel-azure-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"product_id": "kernel-azure-devel-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"product_id": "kernel-azure-extra-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"product_id": "kernel-azure-optional-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"product_id": "kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"product_id": "kernel-syms-azure-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product_id": "kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product_id": "ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"product_id": "reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.40.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.40.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.40.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.40.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150600.8.40.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150600.8.40.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.40.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.40.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150600.8.40.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150600.8.40.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64"
},
"product_reference": "reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
},
"product_reference": "reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-28956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28956"
}
],
"notes": [
{
"category": "general",
"text": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28956",
"url": "https://www.suse.com/security/cve/CVE-2024-28956"
},
{
"category": "external",
"summary": "SUSE Bug 1242006 for CVE-2024-28956",
"url": "https://bugzilla.suse.com/1242006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-53135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN\n\nHide KVM\u0027s pt_mode module param behind CONFIG_BROKEN, i.e. disable support\nfor virtualizing Intel PT via guest/host mode unless BROKEN=y. There are\nmyriad bugs in the implementation, some of which are fatal to the guest,\nand others which put the stability and health of the host at risk.\n\nFor guest fatalities, the most glaring issue is that KVM fails to ensure\ntracing is disabled, and *stays* disabled prior to VM-Enter, which is\nnecessary as hardware disallows loading (the guest\u0027s) RTIT_CTL if tracing\nis enabled (enforced via a VMX consistency check). Per the SDM:\n\n If the logical processor is operating with Intel PT enabled (if\n IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the \"load\n IA32_RTIT_CTL\" VM-entry control must be 0.\n\nOn the host side, KVM doesn\u0027t validate the guest CPUID configuration\nprovided by userspace, and even worse, uses the guest configuration to\ndecide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring\nguest CPUID to enumerate more address ranges than are supported in hardware\nwill result in KVM trying to passthrough, save, and load non-existent MSRs,\nwhich generates a variety of WARNs, ToPA ERRORs in the host, a potential\ndeadlock, etc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53135",
"url": "https://www.suse.com/security/cve/CVE-2024-53135"
},
{
"category": "external",
"summary": "SUSE Bug 1234154 for CVE-2024-53135",
"url": "https://bugzilla.suse.com/1234154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-53135"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.40.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.40.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T14:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:20419-1
Vulnerability from csaf_suse
Published
2025-06-15 13:06
Modified
2025-06-15 13:06
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
The following non-security bugs were fixed:
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- drm: Add valid clones check (stable-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- Drop AMDGPU patch that may cause regressions (bsc#1243782)
- exfat: fix potential wrong error return from get_block (git-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add more controllers (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kernel-obs-qa: Use srchash for dependency as well
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: delete redundant judgment statements (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug (git-fixes)
- Refresh fixes for cBPF issue (bsc#1242778)
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes).
- Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable-fixes).
- Revert "drm/amd: Keep display off while going into S4" (git-fixes).
- Revert "drm/amd: Stop evicting resources on APUs in suspend" (stable-fixes).
- Revert "rndis_host: Flag RNDIS modems as WWAN devices" (git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: Improve CDL control (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's "next" indication (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
Patchnames
SUSE-SLE-Micro-6.1-kernel-40
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).\n\nThe following non-security bugs were fixed:\n\n- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).\n- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).\n- ACPICA: Utilities: Fix spelling mistake \"Incremement\" -\u003e \"Increment\" (git-fixes).\n- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).\n- ACPI: HED: Always initialize before evged (stable-fixes).\n- ACPI: OSI: Stop advertising support for \"3.0 _SCP Extensions\" (git-fixes).\n- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).\n- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).\n- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: seq: Improve data consistency at polling (stable-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).\n- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).\n- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).\n- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).\n- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).\n- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).\n- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).\n- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).\n- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).\n- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).\n- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).\n- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).\n- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).\n- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).\n- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Adjust pipeline_list-\u003epipelines allocation type (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).\n- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).\n- ASoC: tas2764: Enable main IRQs (git-fixes).\n- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).\n- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).\n- ASoC: tas2764: Reinit cache on part reset (git-fixes).\n- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).\n- bus: fsl-mc: fix double-free on mc_dev (git-fixes).\n- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).\n- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- crypto: lrw - Only add ecb if it is not already there (git-fixes).\n- crypto: lzo - Fix compression buffer overrun (stable-fixes).\n- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).\n- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).\n- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).\n- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).\n- crypto: qat - add shutdown handler to qat_420xx (git-fixes).\n- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).\n- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).\n- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).\n- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).\n- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).\n- crypto: xts - Only add ecb if it is not already there (git-fixes).\n- devlink: fix port new reply cmd type (git-fixes).\n- dlm: mask sk_shutdown value (bsc#1228854).\n- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: Revert \"dmaengine: dmatest: Fix dmatest waiting less when interrupted\" (git-fixes).\n- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- Documentation: fix typo in root= kernel parameter description (git-fixes).\n- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).\n- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).\n- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- drm: Add valid clones check (stable-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).\n- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).\n- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).\n- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).\n- drm/amd/display: Increase block_sequence array size (stable-fixes).\n- drm/amd/display: Initial psr_version with correct setting (stable-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).\n- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).\n- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).\n- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).\n- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: reset psp-\u003ecmd to NULL after releasing the buffer (stable-fixes).\n- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).\n- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).\n- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).\n- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).\n- drm/ast: Find VBIOS mode from regular display size (stable-fixes).\n- drm/ast: Fix comment on modeset lock (git-fixes).\n- drm/atomic: clarify the rules around drm_atomic_state-\u003eallow_modeset (stable-fixes).\n- drm: bridge: adv7511: fill stream capabilities (stable-fixes).\n- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).\n- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).\n- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).\n- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).\n- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).\n- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).\n- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).\n- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).\n- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).\n- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).\n- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).\n- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).\n- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).\n- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).\n- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).\n- drm/tegra: Assign plane type before registration (git-fixes).\n- drm/tegra: Fix a possible null pointer dereference (git-fixes).\n- drm/tegra: rgb: Fix the unbound reference count (git-fixes).\n- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).\n- drm/v3d: Add clock handling (stable-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- drm/vc4: tests: Use return instead of assert (git-fixes).\n- drm/vkms: Adjust vkms_state-\u003eactive_planes allocation type (git-fixes).\n- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).\n- Drop AMDGPU patch that may cause regressions (bsc#1243782)\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).\n- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).\n- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).\n- fbdev/efifb: Remove PM for parent device (bsc#1244261).\n- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).\n- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).\n- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).\n- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).\n- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- fpga: altera-cvp: Increase credit timeout (stable-fixes).\n- gpiolib: Revert \"Do not WARN on gpiod_put() for optional GPIO\" (stable-fixes).\n- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).\n- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).\n- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).\n- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).\n- hwmon: (dell-smm) Increment the number of fans (stable-fixes).\n- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).\n- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- i2c: pxa: fix call balance of i2c-\u003eclk handling routines (stable-fixes).\n- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).\n- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).\n- i3c: master: svc: Fix missing STOP for master request (stable-fixes).\n- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).\n- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).\n- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).\n- iio: filter: admv8818: fix band 4, state 15 (git-fixes).\n- iio: filter: admv8818: fix integer overflow (git-fixes).\n- iio: filter: admv8818: fix range calculation (git-fixes).\n- iio: filter: admv8818: Support frequencies \u003e= 2^32 (git-fixes).\n- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).\n- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).\n- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add more controllers (stable-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- intel_th: avoid using deprecated page-\u003emapping, index fields (stable-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).\n- jffs2: check that raw node were preallocated before writing summary (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).\n- kernel-obs-qa: Use srchash for dependency as well\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).\n- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).\n- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).\n- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).\n- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).\n- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).\n- media: cx231xx: set device_caps for 417 (stable-fixes).\n- media: cxusb: no longer judge rbuf when the write fails (git-fixes).\n- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).\n- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).\n- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).\n- media: imx-jpeg: Cleanup after an allocation error (git-fixes).\n- media: imx-jpeg: Drop the first error frames (git-fixes).\n- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).\n- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).\n- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).\n- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).\n- media: ov5675: suppress probe deferral errors (git-fixes).\n- media: ov8856: suppress probe deferral errors (git-fixes).\n- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).\n- media: rkvdec: Fix frame size enumeration (git-fixes).\n- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).\n- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).\n- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).\n- media: uvcvideo: Fix deferred probing error (git-fixes).\n- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).\n- media: uvcvideo: Return the number of processed controls (git-fixes).\n- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).\n- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).\n- media: venus: Fix probe error handling (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).\n- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).\n- media: vivid: Change the siize of the composing (git-fixes).\n- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).\n- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).\n- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).\n- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).\n- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).\n- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).\n- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).\n- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net: phy: clear phydev-\u003edevlink when the link is deleted (git-fixes).\n- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).\n- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).\n- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- net: usb: aqc111: debug info before sanitation (git-fixes).\n- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).\n- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).\n- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).\n- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).\n- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).\n- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: cadence: Fix runtime atomic count underflow (git-fixes).\n- PCI/DPC: Initialize aer_err_info before using it (git-fixes).\n- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).\n- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).\n- PCI: Explicitly put devices into D0 when initializing (git-fixes).\n- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).\n- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).\n- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).\n- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).\n- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs \u003e 31 (git-fixes).\n- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).\n- pinctrl: bcm281xx: Use \"unsigned int\" instead of bare \"unsigned\" (stable-fixes).\n- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).\n- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).\n- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).\n- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).\n- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).\n- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).\n- PM: sleep: Print PM debug messages during hibernation (git-fixes).\n- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- power: reset: at91-reset: Optimize at91_reset() (git-fixes).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- RDMA/rxe: Fix \"trying to register non-static key in rxe_qp_do_cleanup\" bug (git-fixes)\n- Refresh fixes for cBPF issue (bsc#1242778)\n- regulator: ad5398: Add device tree support (stable-fixes).\n- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).\n- regulator: max20086: Change enable gpio to optional (git-fixes).\n- regulator: max20086: fix invalid memory access (git-fixes).\n- regulator: max20086: Fix MAX200086 chip id (git-fixes).\n- Revert \"bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first\" (stable-fixes).\n- Revert \"drm/amdgpu: do not allow userspace to create a doorbell BO\" (stable-fixes).\n- Revert \"drm/amd: Keep display off while going into S4\" (git-fixes).\n- Revert \"drm/amd: Stop evicting resources on APUs in suspend\" (stable-fixes).\n- Revert \"rndis_host: Flag RNDIS modems as WWAN devices\" (git-fixes).\n- Revert \"wifi: mt76: mt7996: fill txd by host driver\" (stable-fixes).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rtc: at91rm9200: drop unused module alias (git-fixes).\n- rtc: cpcap: drop unused module alias (git-fixes).\n- rtc: da9063: drop unused module alias (git-fixes).\n- rtc: ds1307: stop disabling alarms on probe (stable-fixes).\n- rtc: Fix offset calculation for .start_secs \u0026lt; 0 (git-fixes).\n- rtc: jz4740: drop unused module alias (git-fixes).\n- rtc: pm8xxx: drop unused module alias (git-fixes).\n- rtc: rv3032: fix EERD location (stable-fixes).\n- rtc: s3c: drop unused module alias (git-fixes).\n- rtc: sh: assign correct interrupts with DT (git-fixes).\n- rtc: stm32: drop unused module alias (git-fixes).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).\n- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).\n- s390/pci: introduce lock to synchronize state of zpci_dev\u0027s (jsc#PED-10253 bsc#1244145).\n- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).\n- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).\n- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).\n- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).\n- s390/pci: Serialize device addition and removal (bsc#1244145).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: Improve CDL control (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).\n- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).\n- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).\n- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).\n- serial: sh-sci: Save and restore more registers (git-fixes).\n- serial: sh-sci: Update the suspend/resume support (stable-fixes).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).\n- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).\n- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).\n- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).\n- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).\n- spi: bcm63xx-hsspi: fix shared reset (git-fixes).\n- spi: bcm63xx-spi: fix shared reset (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi-rockchip: Fix register out of bounds access (stable-fixes).\n- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: spi-sun4i: fix early activation (stable-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).\n- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).\n- spi: tegra210-quad: remove redundant error handling code (git-fixes).\n- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).\n- thunderbolt: Fix a logic error in wake on connect (git-fixes).\n- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).\n- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).\n- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).\n- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).\n- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).\n- usb: usbtmc: Fix timeout value in get_stb (git-fixes).\n- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).\n- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).\n- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).\n- watchdog: exar: Shorten identity name to fit correctly (git-fixes).\n- wifi: ath11k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath11k: fix ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix rx completion meta data corruption (git-fixes).\n- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).\n- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).\n- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).\n- wifi: ath12k: fix cleanup path after mhi init (git-fixes).\n- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).\n- wifi: ath12k: fix invalid access to memory (git-fixes).\n- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).\n- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).\n- wifi: ath12k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath12k: fix ring-buffer corruption (git-fixes).\n- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).\n- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).\n- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).\n- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).\n- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).\n- wifi: ath9k: return by of_get_mac_address (stable-fixes).\n- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).\n- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).\n- wifi: iwlwifi: fix debug actions order (stable-fixes).\n- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).\n- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).\n- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).\n- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).\n- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).\n- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).\n- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).\n- wifi: mt76: mt7996: revise TXS size (stable-fixes).\n- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).\n- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).\n- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).\n- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).\n- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).\n- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).\n- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).\n- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds (git-fixes).\n- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).\n- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).\n- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).\n- wifi: rtw89: add wiphy_lock() to work that isn\u0027t held wiphy_lock() yet (stable-fixes).\n- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).\n- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).\n- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).\n- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).\n- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).\n- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \"next\" indication (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-40",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20419-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20419-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520419-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20419-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040396.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1228557",
"url": "https://bugzilla.suse.com/1228557"
},
{
"category": "self",
"summary": "SUSE Bug 1228854",
"url": "https://bugzilla.suse.com/1228854"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1234154",
"url": "https://bugzilla.suse.com/1234154"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240823",
"url": "https://bugzilla.suse.com/1240823"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242163",
"url": "https://bugzilla.suse.com/1242163"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242849",
"url": "https://bugzilla.suse.com/1242849"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243782",
"url": "https://bugzilla.suse.com/1243782"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE Bug 1244145",
"url": "https://bugzilla.suse.com/1244145"
},
{
"category": "self",
"summary": "SUSE Bug 1244261",
"url": "https://bugzilla.suse.com/1244261"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52888 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-15T13:06:50Z",
"generator": {
"date": "2025-06-15T13:06:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20419-1",
"initial_release_date": "2025-06-15T13:06:50Z",
"revision_history": [
{
"date": "2025-06-15T13:06:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-30.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-30.1.aarch64",
"product_id": "kernel-default-6.4.0-30.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-30.1.21.8.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-30.1.21.8.aarch64",
"product_id": "kernel-default-base-6.4.0-30.1.21.8.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-30.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-30.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-30.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-30.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-30.1.noarch",
"product_id": "kernel-devel-6.4.0-30.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-30.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-30.1.noarch",
"product_id": "kernel-macros-6.4.0-30.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-30.1.noarch",
"product": {
"name": "kernel-source-6.4.0-30.1.noarch",
"product_id": "kernel-source-6.4.0-30.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-30.1.s390x",
"product": {
"name": "kernel-default-6.4.0-30.1.s390x",
"product_id": "kernel-default-6.4.0-30.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-30.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-30.1.s390x",
"product_id": "kernel-default-devel-6.4.0-30.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-30.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-30.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-30.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-30.1.x86_64",
"product_id": "kernel-default-6.4.0-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-30.1.21.8.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-30.1.21.8.x86_64",
"product_id": "kernel-default-base-6.4.0-30.1.21.8.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-30.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-30.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-30.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-30.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-30.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-30.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x"
},
"product_reference": "kernel-default-6.4.0-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-30.1.21.8.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-30.1.21.8.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-30.1.21.8.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-30.1.21.8.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-30.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-30.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-30.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-30.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-30.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-30.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-30.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-30.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
},
"product_reference": "kernel-source-6.4.0-30.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn\u0027t do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52888",
"url": "https://www.suse.com/security/cve/CVE-2023-52888"
},
{
"category": "external",
"summary": "SUSE Bug 1228557 for CVE-2023-52888",
"url": "https://bugzilla.suse.com/1228557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2023-52888"
},
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-53135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN\n\nHide KVM\u0027s pt_mode module param behind CONFIG_BROKEN, i.e. disable support\nfor virtualizing Intel PT via guest/host mode unless BROKEN=y. There are\nmyriad bugs in the implementation, some of which are fatal to the guest,\nand others which put the stability and health of the host at risk.\n\nFor guest fatalities, the most glaring issue is that KVM fails to ensure\ntracing is disabled, and *stays* disabled prior to VM-Enter, which is\nnecessary as hardware disallows loading (the guest\u0027s) RTIT_CTL if tracing\nis enabled (enforced via a VMX consistency check). Per the SDM:\n\n If the logical processor is operating with Intel PT enabled (if\n IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the \"load\n IA32_RTIT_CTL\" VM-entry control must be 0.\n\nOn the host side, KVM doesn\u0027t validate the guest CPUID configuration\nprovided by userspace, and even worse, uses the guest configuration to\ndecide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring\nguest CPUID to enumerate more address ranges than are supported in hardware\nwill result in KVM trying to passthrough, save, and load non-existent MSRs,\nwhich generates a variety of WARNs, ToPA ERRORs in the host, a potential\ndeadlock, etc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53135",
"url": "https://www.suse.com/security/cve/CVE-2024-53135"
},
{
"category": "external",
"summary": "SUSE Bug 1234154 for CVE-2024-53135",
"url": "https://bugzilla.suse.com/1234154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-53135"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix an integer overflow in xp_create_and_assign_umem()\n\nSince the i and pool-\u003echunk_size variables are of type \u0027u32\u0027,\ntheir product can wrap around and then be cast to \u0027u64\u0027.\nThis can lead to two different XDP buffers pointing to the same\nmemory area.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21997",
"url": "https://www.suse.com/security/cve/CVE-2025-21997"
},
{
"category": "external",
"summary": "SUSE Bug 1240823 for CVE-2025-21997",
"url": "https://bugzilla.suse.com/1240823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-21997"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Avoid memory leak while enabling statistics\n\nDriver uses monitor destination rings for extended statistics mode and\nstandalone monitor mode. In extended statistics mode, TLVs are parsed from\nthe buffer received from the monitor destination ring and assigned to the\nppdu_info structure to update per-packet statistics. In standalone monitor\nmode, along with per-packet statistics, the packet data (payload) is\ncaptured, and the driver updates per MSDU to mac80211.\n\nWhen the AP interface is enabled, only extended statistics mode is\nactivated. As part of enabling monitor rings for collecting statistics,\nthe driver subscribes to HAL_RX_MPDU_START TLV in the filter\nconfiguration. This TLV is received from the monitor destination ring, and\nkzalloc for the mon_mpdu object occurs, which is not freed, leading to a\nmemory leak. The kzalloc for the mon_mpdu object is only required while\nenabling the standalone monitor interface. This causes a memory leak while\nenabling extended statistics mode in the driver.\n\nFix this memory leak by removing the kzalloc for the mon_mpdu object in\nthe HAL_RX_MPDU_START TLV handling. Additionally, remove the standalone\nmonitor mode handlings in the HAL_MON_BUF_ADDR and HAL_RX_MSDU_END TLVs.\nThese TLV tags will be handled properly when enabling standalone monitor\nmode in the future.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37743",
"url": "https://www.suse.com/security/cve/CVE-2025-37743"
},
{
"category": "external",
"summary": "SUSE Bug 1242163 for CVE-2025-37743",
"url": "https://bugzilla.suse.com/1242163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37743"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential NULL pointer dereference in dev_uevent()\n\nIf userspace reads \"uevent\" device attribute at the same time as another\nthreads unbinds the device from its driver, change to dev-\u003edriver from a\nvalid pointer to NULL may result in crash. Fix this by using READ_ONCE()\nwhen fetching the pointer, and take bus\u0027 drivers klist lock to make sure\ndriver instance will not disappear while we access it.\n\nUse WRITE_ONCE() when setting the driver pointer to ensure there is no\ntearing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37800",
"url": "https://www.suse.com/security/cve/CVE-2025-37800"
},
{
"category": "external",
"summary": "SUSE Bug 1242849 for CVE-2025-37800",
"url": "https://bugzilla.suse.com/1242849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37800"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T13:06:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:01972-1
Vulnerability from csaf_suse
Published
2025-06-17 11:37
Modified
2025-06-17 11:37
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22094: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' (bsc#1241512).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23154: io_uring/net: fix io_req_post_cqe abuse by send bundle (bsc#1242533).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37747: kABI workaround for perf-Fix-hang-while-freeing-sigtrap-event (References: bsc#1242520).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: btintel_pcie: Add additional to checks to clear TX/RX paths (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: cyttsp5 - fix power control issue on wakeup (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- KVM: PPC: Book3S HV: Fix IRQ map warnings with XICS on pSeries KVM Guest (bsc#1242205 ltc#212592).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Do not change target vCPU state on AP Creation VMGEXIT error (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Refuse to attempt VRMUN if an SEV-ES+ guest had an invalid VMSA (git-fixes).
- KVM: SVM: Save host DR masks on CPUs with DebugSwap (jsc#PED-348).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: x86/mmu: Check and free obsolete roots in kvm_mmu_reload() (git-fixes).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Check that the high 32bits are clear in kvm_arch_vcpu_ioctl_run() (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- KVM: x86: block KVM_CAP_SYNC_REGS if guest state is protected (git-fixes).
- Move upstreamed sound patch into sorted section
- Move upstreamed tpm patch into sorted section
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix 'KASAN: slab-use-after-free Read in ib_register_device' problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix 'trying to register non-static key in rxe_qp_do_cleanup' bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- Readd patches.kabi/md-md_personality-workaround-v2.patch dropped in merge by accident.
- Refresh fixes for cBPF issue (bsc#1242778)
- Remove debug flavor (bsc#1243919). This is only released in Leap, and we do not have Leap 15.7
- Revert 'drm/amd/display: Hardware cursor changes color when switched to software cursor' (stable-fixes).
- Revert 'drm/amd: Keep display off while going into S4' (git-fixes).
- Revert 'drm/amd: Stop evicting resources on APUs in suspend' (stable-fixes).
- Revert 'rndis_host: Flag RNDIS modems as WWAN devices' (git-fixes).
- Sort ITS patches
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- Update patches.suse/nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).
- Update patches.suse/nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778).
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (bsc#1242778).
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (bsc#1242778).
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778).
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778).
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix ethtool selftest output in one of the failure cases (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bnxt_en: call pci_alloc_irq_vectors() after bnxt_reserve_rings() (git-fixes).
- bnxt_en: fix module unload sequence (git-fixes).
- bnxt_en: improve TX timestamping FIFO configuration (git-fixes).
- bonding: fix incorrect MAC address setting to receive NS messages (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590). Both spellings are actually used
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- cxl/core/regs.c: Skip Memory Space Enable check for RCD and RCH Ports (bsc#1242125).
- devlink: fix port new reply cmd type (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: Revert 'dmaengine: dmatest: Fix dmatest waiting less when interrupted' (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Fix invalid context error in dml helper (git-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amdgpu/hdp4: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp5: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp6: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/hdp7: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/vcn: using separate VCN1_AON_SOC offset (stable-fixes).
- drm/amdgpu: Fix offset for HDP remap in nbio v7.11 (stable-fixes).
- drm/amdgpu: Increase KIQ invalidate_tlbs timeout (stable-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: Use the right function for hdp flush (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdgpu: use a dummy owner for sysfs triggered cleaner shaders v4 (stable-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/mipi-dbi: Fix blanking for non-16 bit formats (git-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/tests: shmem: Fix memleak (git-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/xe/tests/mocs: Hold XE_FORCEWAKE_ALL for LNCF regs (git-fixes).
- drm/xe/tests/mocs: Update xe_force_wake_get() return handling (stable-fixes).
- drm/xe/xe3lpg: Apply Wa_14022293748, Wa_22019794406 (stable-fixes).
- drm/xe: Add page queue multiplier (git-fixes).
- drm/xe: Save CTX_TIMESTAMP mmio value instead of LRC value (git-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll() (git-fixes).
- ethtool: ntuple: fix rss + ring_cookie check (git-fixes).
- ethtool: rss: fix hiding unsupported fields in dumps (git-fixes).
- exfat: fix potential wrong error return from get_block (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- io_uring/sqpoll: Increase task_work submission batch size (bsc#1238585).
- iommu/arm-smmu-v3: Fix pgsize_bit for sva domains (bsc#1243341)
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- iwlwifi: correct modinfo firmware ucode (bsc#1243020).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kernel-obs-qa: Use srchash for dependency as well
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- neighbour: delete redundant judgment statements (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/mlx5e: Fix lock order in mlx5e_tx_reporter_ptpsq_unhealthy_recover (git-fixes).
- net/mlx5e: TC, Continue the attr process even if encap entry is invalid (git-fixes).
- net/mlx5e: Use custom tunnel header for vxlan gbp (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: free_netdev: exit earlier if dummy (bsc#1243215).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netlink: specs: tc: all actions are indexed arrays (git-fixes).
- netlink: specs: tc: fix a couple of attribute names (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: Do not reallocate all ntuple filters (git-fixes).
- octeontx2-pf: Fix ethtool support for SDP representors (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: Fix kmemleak in TCE table userspace view (jsc#PED-10539 git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- powerpc: Do not use --- in kernel logs (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: max20086: fix invalid memory access (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- s390/ap: Fix CCA crypto card behavior within protected execution environment (git-fixes bsc#1243817 LTC#213623).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/cpumf: Update CPU Measurement facility extended counter set support (bsc#1243115).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes).
- s390: Add z17 elf platform (bsc#1243116).
- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (BSC#1241319).
- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (bsc#1241319).
- sched/topology: Refinement to topology_span_sane speedup (bsc#1242119).
- sched/topology: improve topology_span_sane speed (bsc#1242119).
- sched: Add deprecation warning for users of RT_GROUP_SCHED (jsc#PED-11761 jsc#PED-12405).
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (bsc#1241388 jsc#PED-11258).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: megaraid_sas: Driver version update to 07.734.00.00-rc1 (bsc#1241388 jsc#PED-11258).
- scsi: megaraid_sas: Make most module parameters static (bsc#1241388 jsc#PED-11258).
- scsi: mpi3mr: Add level check to control event logging (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Avoid reply queue full condition (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Check admin reply queue from Watchdog (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Fix pending I/O counter (git-fixes).
- scsi: mpi3mr: Fix spelling mistake 'skiping' -> 'skipping' (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Handling of fault code for insufficient power (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Reset the pending interrupt flag (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Support for Segmented Hardware Trace buffer (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Synchronize access to ioctl data buffer (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Task Abort EH Support (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update MPI Headers to revision 35 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update driver version to 8.12.0.3.50 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update driver version to 8.12.1.0.50 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update driver version to 8.13.0.5.50 (bsc#1241388 jsc#PED-12372).
- scsi: mpi3mr: Update timestamp only for supervisor IOCs (bsc#1241388 jsc#PED-12372).
- scsi: mpt3sas: Add details to EEDPTagMode error message (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Add support for MCTP Passthrough commands (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Fix buffer overflow in mpt3sas_send_mctp_passthru_req() (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Fix spelling mistake 'receveid' -> 'received' (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Remove unused config functions (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Report driver capability as part of IOCINFO command (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Send a diag reset if target reset fails (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: Update MPI headers to 02.00.62 version (bsc#1241388 jsc#PED-11253).
- scsi: mpt3sas: update driver version to 52.100.00.00 (bsc#1241388 jsc#PED-11253).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- soundwire: bus: Fix race on the creation of the IRQ domain (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running (stable-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: iwlwifi: do not warn if the NIC is gone in resume (git-fixes).
- wifi: iwlwifi: fix the check for the SCRATCH register upon resume (git-fixes).
- wifi: mac80211, cfg80211: miscellaneous spelling fixes (git-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's 'next' indication (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- xhci: Limit time spent with xHC interrupts disabled during bus resume (stable-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
Patchnames
SUSE-2025-1972,SUSE-SLE-Module-Live-Patching-15-SP7-2025-1972,SUSE-SLE-Module-RT-15-SP7-2025-1972
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).\n- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).\n- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).\n- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).\n- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).\n- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).\n- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22094: powerpc/perf: Fix ref-counting on the PMU \u0027vpa_pmu\u0027 (bsc#1241512).\n- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).\n- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).\n- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).\n- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23154: io_uring/net: fix io_req_post_cqe abuse by send bundle (bsc#1242533).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37747: kABI workaround for perf-Fix-hang-while-freeing-sigtrap-event (References: bsc#1242520).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37798: codel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).\n- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n\nThe following non-security bugs were fixed:\n\n- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).\n- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).\n- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoC: Use of_property_read_bool() (stable-fixes).\n- ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction (git-fixes).\n- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).\n- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: btintel_pcie: Add additional to checks to clear TX/RX paths (git-fixes).\n- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).\n- Input: cyttsp5 - fix power control issue on wakeup (git-fixes).\n- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- Input: xpad - fix two controller table values (git-fixes).\n- KVM: PPC: Book3S HV: Fix IRQ map warnings with XICS on pSeries KVM Guest (bsc#1242205 ltc#212592).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Do not change target vCPU state on AP Creation VMGEXIT error (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Refuse to attempt VRMUN if an SEV-ES+ guest had an invalid VMSA (git-fixes).\n- KVM: SVM: Save host DR masks on CPUs with DebugSwap (jsc#PED-348).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: x86/mmu: Check and free obsolete roots in kvm_mmu_reload() (git-fixes).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Check that the high 32bits are clear in kvm_arch_vcpu_ioctl_run() (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- KVM: x86: block KVM_CAP_SYNC_REGS if guest state is protected (git-fixes).\n- Move upstreamed sound patch into sorted section\n- Move upstreamed tpm patch into sorted section\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/core: Fix \u0027KASAN: slab-use-after-free Read in ib_register_device\u0027 problem (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/rxe: Fix \u0027trying to register non-static key in rxe_qp_do_cleanup\u0027 bug (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- Readd patches.kabi/md-md_personality-workaround-v2.patch dropped in merge by accident.\n- Refresh fixes for cBPF issue (bsc#1242778)\n- Remove debug flavor (bsc#1243919). This is only released in Leap, and we do not have Leap 15.7\n- Revert \u0027drm/amd/display: Hardware cursor changes color when switched to software cursor\u0027 (stable-fixes).\n- Revert \u0027drm/amd: Keep display off while going into S4\u0027 (git-fixes).\n- Revert \u0027drm/amd: Stop evicting resources on APUs in suspend\u0027 (stable-fixes).\n- Revert \u0027rndis_host: Flag RNDIS modems as WWAN devices\u0027 (git-fixes).\n- Sort ITS patches\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).\n- USB: VLI disk crashes if LPM is used (stable-fixes).\n- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).\n- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).\n- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).\n- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).\n- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).\n- Update patches.suse/nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).\n- Update patches.suse/nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778).\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: insn: Add support for encoding DSB (bsc#1242778).\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (bsc#1242778).\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778).\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778).\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).\n- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).\n- ata: libata-scsi: Improve CDL control (git-fixes).\n- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).\n- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix ethtool selftest output in one of the failure cases (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bnxt_en: call pci_alloc_irq_vectors() after bnxt_reserve_rings() (git-fixes).\n- bnxt_en: fix module unload sequence (git-fixes).\n- bnxt_en: improve TX timestamping FIFO configuration (git-fixes).\n- bonding: fix incorrect MAC address setting to receive NS messages (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- bpf: add find_containing_subprog() utility function (bsc#1241590). Both spellings are actually used\n- bpf: check changes_pkt_data property for extension programs (bsc#1241590).\n- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).\n- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).\n- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).\n- bpf: track changes_pkt_data property for global functions (bsc#1241590).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).\n- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).\n- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).\n- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).\n- cxl/core/regs.c: Skip Memory Space Enable check for RCD and RCH Ports (bsc#1242125).\n- devlink: fix port new reply cmd type (git-fixes).\n- dm-bufio: do not schedule in atomic context (git-fixes).\n- dm-ebs: fix prefetch-vs-suspend race (git-fixes).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- dm-integrity: set ti-\u003eerror on memory allocation failure (git-fixes).\n- dm-verity: fix prefetch-vs-suspend race (git-fixes).\n- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).\n- dm: always update the array size in realloc_argv on success (git-fixes).\n- dm: fix copying after src array boundaries (git-fixes).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: Revert \u0027dmaengine: dmatest: Fix dmatest waiting less when interrupted\u0027 (git-fixes).\n- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Copy AUX read reply data whenever length \u003e 0 (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display: Fix invalid context error in dml helper (git-fixes).\n- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).\n- drm/amd/display: Force full update in gpu reset (stable-fixes).\n- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).\n- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amdgpu/hdp4: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp5: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp6: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/hdp7: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/vcn: using separate VCN1_AON_SOC offset (stable-fixes).\n- drm/amdgpu: Fix offset for HDP remap in nbio v7.11 (stable-fixes).\n- drm/amdgpu: Increase KIQ invalidate_tlbs timeout (stable-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: Use the right function for hdp flush (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/amdgpu: use a dummy owner for sysfs triggered cleaner shaders v4 (stable-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/fdinfo: Protect against driver unbind (git-fixes).\n- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions\u0027 (git-fixes).\n- drm/mipi-dbi: Fix blanking for non-16 bit formats (git-fixes).\n- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).\n- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).\n- drm/tests: shmem: Fix memleak (git-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- drm/xe/tests/mocs: Hold XE_FORCEWAKE_ALL for LNCF regs (git-fixes).\n- drm/xe/tests/mocs: Update xe_force_wake_get() return handling (stable-fixes).\n- drm/xe/xe3lpg: Apply Wa_14022293748, Wa_22019794406 (stable-fixes).\n- drm/xe: Add page queue multiplier (git-fixes).\n- drm/xe: Save CTX_TIMESTAMP mmio value instead of LRC value (git-fixes).\n- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).\n- ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll() (git-fixes).\n- ethtool: ntuple: fix rss + ring_cookie check (git-fixes).\n- ethtool: rss: fix hiding unsupported fields in dumps (git-fixes).\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).\n- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).\n- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).\n- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).\n- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).\n- ext4: goto right label \u0027out_mmap_sem\u0027 in ext4_setattr() (bsc#1242556).\n- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).\n- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).\n- ext4: protect ext4_release_dquot against freezing (bsc#1242335).\n- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).\n- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).\n- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).\n- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).\n- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).\n- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).\n- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).\n- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).\n- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).\n- iio: adc: ad7606: fix serial register access (git-fixes).\n- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).\n- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).\n- iio: adis16201: Correct inclinometer channel resolution (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).\n- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- io_uring/sqpoll: Increase task_work submission batch size (bsc#1238585).\n- iommu/arm-smmu-v3: Fix pgsize_bit for sva domains (bsc#1243341)\n- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).\n- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).\n- iwlwifi: correct modinfo firmware ucode (bsc#1243020).\n- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).\n- jbd2: fix off-by-one while erasing journal (bsc#1242344).\n- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).\n- jbd2: increase IO priority for writing revoke records (bsc#1242332).\n- jbd2: increase the journal IO\u0027s priority (bsc#1242537).\n- jbd2: remove wrong sb-\u003es_sequence check (bsc#1242343).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kernel-obs-qa: Use srchash for dependency as well\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- mei: me: add panther lake H DID (stable-fixes).\n- mm/readahead: fix large folio support in async readahead (bsc#1242321).\n- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).\n- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).\n- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).\n- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).\n- mptcp: refine opt_mp_capable determination (git-fixes).\n- mptcp: relax check on MPC passive fallback (git-fixes).\n- mptcp: strict validation before using mp_opt-\u003ehmac (git-fixes).\n- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net/mlx5e: Fix lock order in mlx5e_tx_reporter_ptpsq_unhealthy_recover (git-fixes).\n- net/mlx5e: TC, Continue the attr process even if encap entry is invalid (git-fixes).\n- net/mlx5e: Use custom tunnel header for vxlan gbp (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: free_netdev: exit earlier if dummy (bsc#1243215).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).\n- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- netlink: specs: tc: all actions are indexed arrays (git-fixes).\n- netlink: specs: tc: fix a couple of attribute names (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- ntb: reduce stack usage in idt_scan_mws (stable-fixes).\n- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- octeontx2-pf: Do not reallocate all ntuple filters (git-fixes).\n- octeontx2-pf: Fix ethtool support for SDP representors (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)\n- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)\n- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)\n- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).\n- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).\n- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).\n- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powerpc/pseries/iommu: Fix kmemleak in TCE table userspace view (jsc#PED-10539 git-fixes).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- powerpc: Do not use --- in kernel logs (git-fixes).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- regulator: max20086: fix invalid memory access (git-fixes).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).\n- s390/ap: Fix CCA crypto card behavior within protected execution environment (git-fixes bsc#1243817 LTC#213623).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- s390/cpumf: Update CPU Measurement facility extended counter set support (bsc#1243115).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes).\n- s390: Add z17 elf platform (bsc#1243116).\n- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (BSC#1241319).\n- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (bsc#1241319).\n- sched/topology: Refinement to topology_span_sane speedup (bsc#1242119).\n- sched/topology: improve topology_span_sane speed (bsc#1242119).\n- sched: Add deprecation warning for users of RT_GROUP_SCHED (jsc#PED-11761 jsc#PED-12405).\n- scsi: Improve CDL control (git-fixes).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (bsc#1241388 jsc#PED-11258).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: megaraid_sas: Driver version update to 07.734.00.00-rc1 (bsc#1241388 jsc#PED-11258).\n- scsi: megaraid_sas: Make most module parameters static (bsc#1241388 jsc#PED-11258).\n- scsi: mpi3mr: Add level check to control event logging (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Avoid reply queue full condition (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Check admin reply queue from Watchdog (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Fix pending I/O counter (git-fixes).\n- scsi: mpi3mr: Fix spelling mistake \u0027skiping\u0027 -\u003e \u0027skipping\u0027 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Handling of fault code for insufficient power (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Reset the pending interrupt flag (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Support for Segmented Hardware Trace buffer (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Synchronize access to ioctl data buffer (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Task Abort EH Support (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update MPI Headers to revision 35 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update driver version to 8.12.0.3.50 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update driver version to 8.12.1.0.50 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update driver version to 8.13.0.5.50 (bsc#1241388 jsc#PED-12372).\n- scsi: mpi3mr: Update timestamp only for supervisor IOCs (bsc#1241388 jsc#PED-12372).\n- scsi: mpt3sas: Add details to EEDPTagMode error message (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Add support for MCTP Passthrough commands (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Fix buffer overflow in mpt3sas_send_mctp_passthru_req() (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Fix spelling mistake \u0027receveid\u0027 -\u003e \u0027received\u0027 (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Remove unused config functions (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Report driver capability as part of IOCINFO command (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Send a diag reset if target reset fails (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: Update MPI headers to 02.00.62 version (bsc#1241388 jsc#PED-11253).\n- scsi: mpt3sas: update driver version to 52.100.00.00 (bsc#1241388 jsc#PED-11253).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).\n- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).\n- selftests/bpf: test for changing packet data from global functions (bsc#1241590).\n- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).\n- soundwire: bus: Fix race on the creation of the IRQ domain (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).\n- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).\n- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).\n- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).\n- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).\n- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).\n- tools/hv: update route parsing in kvp daemon (git-fixes).\n- tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT (git-fixes).\n- udf: Fix inode_getblk() return value (bsc#1242313).\n- udf: Skip parent dir link count update if corrupted (bsc#1242315).\n- udf: Verify inode link counts before performing rename (bsc#1242314).\n- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).\n- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).\n- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).\n- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).\n- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).\n- usb: gadget: f_ecm: Add get_status callback (git-fixes).\n- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).\n- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).\n- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).\n- usb: host: xhci-plat: mvebu: use -\u003equirks instead of -\u003einit_quirk() func (stable-fixes).\n- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).\n- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).\n- usb: uhci-platform: Make the clock really optional (git-fixes).\n- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).\n- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).\n- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).\n- usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running (stable-fixes).\n- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).\n- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).\n- wifi: iwlwifi: do not warn if the NIC is gone in resume (git-fixes).\n- wifi: iwlwifi: fix the check for the SCRATCH register upon resume (git-fixes).\n- wifi: mac80211, cfg80211: miscellaneous spelling fixes (git-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).\n- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).\n- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).\n- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).\n- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \u0027next\u0027 indication (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).\n- xhci: Limit time spent with xHC interrupts disabled during bus resume (stable-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1972,SUSE-SLE-Module-Live-Patching-15-SP7-2025-1972,SUSE-SLE-Module-RT-15-SP7-2025-1972",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01972-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01972-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501972-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01972-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040321.html"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1223809",
"url": "https://bugzilla.suse.com/1223809"
},
{
"category": "self",
"summary": "SUSE Bug 1224013",
"url": "https://bugzilla.suse.com/1224013"
},
{
"category": "self",
"summary": "SUSE Bug 1224597",
"url": "https://bugzilla.suse.com/1224597"
},
{
"category": "self",
"summary": "SUSE Bug 1224757",
"url": "https://bugzilla.suse.com/1224757"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1230764",
"url": "https://bugzilla.suse.com/1230764"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1231103",
"url": "https://bugzilla.suse.com/1231103"
},
{
"category": "self",
"summary": "SUSE Bug 1232493",
"url": "https://bugzilla.suse.com/1232493"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235526",
"url": "https://bugzilla.suse.com/1235526"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1236704",
"url": "https://bugzilla.suse.com/1236704"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238527",
"url": "https://bugzilla.suse.com/1238527"
},
{
"category": "self",
"summary": "SUSE Bug 1238585",
"url": "https://bugzilla.suse.com/1238585"
},
{
"category": "self",
"summary": "SUSE Bug 1238714",
"url": "https://bugzilla.suse.com/1238714"
},
{
"category": "self",
"summary": "SUSE Bug 1238737",
"url": "https://bugzilla.suse.com/1238737"
},
{
"category": "self",
"summary": "SUSE Bug 1238745",
"url": "https://bugzilla.suse.com/1238745"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238862",
"url": "https://bugzilla.suse.com/1238862"
},
{
"category": "self",
"summary": "SUSE Bug 1238961",
"url": "https://bugzilla.suse.com/1238961"
},
{
"category": "self",
"summary": "SUSE Bug 1238983",
"url": "https://bugzilla.suse.com/1238983"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1239079",
"url": "https://bugzilla.suse.com/1239079"
},
{
"category": "self",
"summary": "SUSE Bug 1239476",
"url": "https://bugzilla.suse.com/1239476"
},
{
"category": "self",
"summary": "SUSE Bug 1239487",
"url": "https://bugzilla.suse.com/1239487"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1240557",
"url": "https://bugzilla.suse.com/1240557"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240655",
"url": "https://bugzilla.suse.com/1240655"
},
{
"category": "self",
"summary": "SUSE Bug 1240711",
"url": "https://bugzilla.suse.com/1240711"
},
{
"category": "self",
"summary": "SUSE Bug 1240717",
"url": "https://bugzilla.suse.com/1240717"
},
{
"category": "self",
"summary": "SUSE Bug 1240740",
"url": "https://bugzilla.suse.com/1240740"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241266",
"url": "https://bugzilla.suse.com/1241266"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241319",
"url": "https://bugzilla.suse.com/1241319"
},
{
"category": "self",
"summary": "SUSE Bug 1241332",
"url": "https://bugzilla.suse.com/1241332"
},
{
"category": "self",
"summary": "SUSE Bug 1241333",
"url": "https://bugzilla.suse.com/1241333"
},
{
"category": "self",
"summary": "SUSE Bug 1241341",
"url": "https://bugzilla.suse.com/1241341"
},
{
"category": "self",
"summary": "SUSE Bug 1241343",
"url": "https://bugzilla.suse.com/1241343"
},
{
"category": "self",
"summary": "SUSE Bug 1241344",
"url": "https://bugzilla.suse.com/1241344"
},
{
"category": "self",
"summary": "SUSE Bug 1241347",
"url": "https://bugzilla.suse.com/1241347"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241357",
"url": "https://bugzilla.suse.com/1241357"
},
{
"category": "self",
"summary": "SUSE Bug 1241361",
"url": "https://bugzilla.suse.com/1241361"
},
{
"category": "self",
"summary": "SUSE Bug 1241369",
"url": "https://bugzilla.suse.com/1241369"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241388",
"url": "https://bugzilla.suse.com/1241388"
},
{
"category": "self",
"summary": "SUSE Bug 1241402",
"url": "https://bugzilla.suse.com/1241402"
},
{
"category": "self",
"summary": "SUSE Bug 1241412",
"url": "https://bugzilla.suse.com/1241412"
},
{
"category": "self",
"summary": "SUSE Bug 1241413",
"url": "https://bugzilla.suse.com/1241413"
},
{
"category": "self",
"summary": "SUSE Bug 1241419",
"url": "https://bugzilla.suse.com/1241419"
},
{
"category": "self",
"summary": "SUSE Bug 1241424",
"url": "https://bugzilla.suse.com/1241424"
},
{
"category": "self",
"summary": "SUSE Bug 1241436",
"url": "https://bugzilla.suse.com/1241436"
},
{
"category": "self",
"summary": "SUSE Bug 1241441",
"url": "https://bugzilla.suse.com/1241441"
},
{
"category": "self",
"summary": "SUSE Bug 1241442",
"url": "https://bugzilla.suse.com/1241442"
},
{
"category": "self",
"summary": "SUSE Bug 1241443",
"url": "https://bugzilla.suse.com/1241443"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241456",
"url": "https://bugzilla.suse.com/1241456"
},
{
"category": "self",
"summary": "SUSE Bug 1241458",
"url": "https://bugzilla.suse.com/1241458"
},
{
"category": "self",
"summary": "SUSE Bug 1241459",
"url": "https://bugzilla.suse.com/1241459"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241512",
"url": "https://bugzilla.suse.com/1241512"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241528",
"url": "https://bugzilla.suse.com/1241528"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241535",
"url": "https://bugzilla.suse.com/1241535"
},
{
"category": "self",
"summary": "SUSE Bug 1241541",
"url": "https://bugzilla.suse.com/1241541"
},
{
"category": "self",
"summary": "SUSE Bug 1241545",
"url": "https://bugzilla.suse.com/1241545"
},
{
"category": "self",
"summary": "SUSE Bug 1241550",
"url": "https://bugzilla.suse.com/1241550"
},
{
"category": "self",
"summary": "SUSE Bug 1241573",
"url": "https://bugzilla.suse.com/1241573"
},
{
"category": "self",
"summary": "SUSE Bug 1241574",
"url": "https://bugzilla.suse.com/1241574"
},
{
"category": "self",
"summary": "SUSE Bug 1241575",
"url": "https://bugzilla.suse.com/1241575"
},
{
"category": "self",
"summary": "SUSE Bug 1241581",
"url": "https://bugzilla.suse.com/1241581"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241598",
"url": "https://bugzilla.suse.com/1241598"
},
{
"category": "self",
"summary": "SUSE Bug 1241599",
"url": "https://bugzilla.suse.com/1241599"
},
{
"category": "self",
"summary": "SUSE Bug 1241601",
"url": "https://bugzilla.suse.com/1241601"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241628",
"url": "https://bugzilla.suse.com/1241628"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241648",
"url": "https://bugzilla.suse.com/1241648"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242006",
"url": "https://bugzilla.suse.com/1242006"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242119",
"url": "https://bugzilla.suse.com/1242119"
},
{
"category": "self",
"summary": "SUSE Bug 1242125",
"url": "https://bugzilla.suse.com/1242125"
},
{
"category": "self",
"summary": "SUSE Bug 1242172",
"url": "https://bugzilla.suse.com/1242172"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242205",
"url": "https://bugzilla.suse.com/1242205"
},
{
"category": "self",
"summary": "SUSE Bug 1242283",
"url": "https://bugzilla.suse.com/1242283"
},
{
"category": "self",
"summary": "SUSE Bug 1242307",
"url": "https://bugzilla.suse.com/1242307"
},
{
"category": "self",
"summary": "SUSE Bug 1242313",
"url": "https://bugzilla.suse.com/1242313"
},
{
"category": "self",
"summary": "SUSE Bug 1242314",
"url": "https://bugzilla.suse.com/1242314"
},
{
"category": "self",
"summary": "SUSE Bug 1242315",
"url": "https://bugzilla.suse.com/1242315"
},
{
"category": "self",
"summary": "SUSE Bug 1242321",
"url": "https://bugzilla.suse.com/1242321"
},
{
"category": "self",
"summary": "SUSE Bug 1242326",
"url": "https://bugzilla.suse.com/1242326"
},
{
"category": "self",
"summary": "SUSE Bug 1242327",
"url": "https://bugzilla.suse.com/1242327"
},
{
"category": "self",
"summary": "SUSE Bug 1242328",
"url": "https://bugzilla.suse.com/1242328"
},
{
"category": "self",
"summary": "SUSE Bug 1242332",
"url": "https://bugzilla.suse.com/1242332"
},
{
"category": "self",
"summary": "SUSE Bug 1242333",
"url": "https://bugzilla.suse.com/1242333"
},
{
"category": "self",
"summary": "SUSE Bug 1242335",
"url": "https://bugzilla.suse.com/1242335"
},
{
"category": "self",
"summary": "SUSE Bug 1242336",
"url": "https://bugzilla.suse.com/1242336"
},
{
"category": "self",
"summary": "SUSE Bug 1242342",
"url": "https://bugzilla.suse.com/1242342"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242344",
"url": "https://bugzilla.suse.com/1242344"
},
{
"category": "self",
"summary": "SUSE Bug 1242345",
"url": "https://bugzilla.suse.com/1242345"
},
{
"category": "self",
"summary": "SUSE Bug 1242346",
"url": "https://bugzilla.suse.com/1242346"
},
{
"category": "self",
"summary": "SUSE Bug 1242347",
"url": "https://bugzilla.suse.com/1242347"
},
{
"category": "self",
"summary": "SUSE Bug 1242348",
"url": "https://bugzilla.suse.com/1242348"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242526",
"url": "https://bugzilla.suse.com/1242526"
},
{
"category": "self",
"summary": "SUSE Bug 1242528",
"url": "https://bugzilla.suse.com/1242528"
},
{
"category": "self",
"summary": "SUSE Bug 1242533",
"url": "https://bugzilla.suse.com/1242533"
},
{
"category": "self",
"summary": "SUSE Bug 1242534",
"url": "https://bugzilla.suse.com/1242534"
},
{
"category": "self",
"summary": "SUSE Bug 1242535",
"url": "https://bugzilla.suse.com/1242535"
},
{
"category": "self",
"summary": "SUSE Bug 1242536",
"url": "https://bugzilla.suse.com/1242536"
},
{
"category": "self",
"summary": "SUSE Bug 1242537",
"url": "https://bugzilla.suse.com/1242537"
},
{
"category": "self",
"summary": "SUSE Bug 1242538",
"url": "https://bugzilla.suse.com/1242538"
},
{
"category": "self",
"summary": "SUSE Bug 1242539",
"url": "https://bugzilla.suse.com/1242539"
},
{
"category": "self",
"summary": "SUSE Bug 1242540",
"url": "https://bugzilla.suse.com/1242540"
},
{
"category": "self",
"summary": "SUSE Bug 1242546",
"url": "https://bugzilla.suse.com/1242546"
},
{
"category": "self",
"summary": "SUSE Bug 1242556",
"url": "https://bugzilla.suse.com/1242556"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242596",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "self",
"summary": "SUSE Bug 1242710",
"url": "https://bugzilla.suse.com/1242710"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242831",
"url": "https://bugzilla.suse.com/1242831"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242985",
"url": "https://bugzilla.suse.com/1242985"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243020",
"url": "https://bugzilla.suse.com/1243020"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243115",
"url": "https://bugzilla.suse.com/1243115"
},
{
"category": "self",
"summary": "SUSE Bug 1243116",
"url": "https://bugzilla.suse.com/1243116"
},
{
"category": "self",
"summary": "SUSE Bug 1243215",
"url": "https://bugzilla.suse.com/1243215"
},
{
"category": "self",
"summary": "SUSE Bug 1243341",
"url": "https://bugzilla.suse.com/1243341"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243817",
"url": "https://bugzilla.suse.com/1243817"
},
{
"category": "self",
"summary": "SUSE Bug 1243919",
"url": "https://bugzilla.suse.com/1243919"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53034 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27415 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46763 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56641 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58001 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58070 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58093 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58094 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58095 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58096 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58097 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21683 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21707 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21962 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21964 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22025 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22033 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22050 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22062 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22064 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22085 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22091 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22093 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22094 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22097 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22102 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22107 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22108 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22112 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22116 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22128 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23131 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23134 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23138 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23154 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-17T11:37:43Z",
"generator": {
"date": "2025-06-17T11:37:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01972-1",
"initial_release_date": "2025-06-17T11:37:43Z",
"revision_history": [
{
"date": "2025-06-17T11:37:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-150700.7.3.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"product_id": "kernel-source-rt-6.4.0-150700.7.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product_id": "cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product_id": "dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product_id": "gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-150700.7.3.1.x86_64",
"product_id": "kernel-rt-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kernel-rt-extra-6.4.0-150700.7.3.1.x86_64",
"product_id": "kernel-rt-extra-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-6.4.0-150700.7.3.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kernel-rt-optional-6.4.0-150700.7.3.1.x86_64",
"product_id": "kernel-rt-optional-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kernel-rt-vdso-6.4.0-150700.7.3.1.x86_64",
"product_id": "kernel-rt-vdso-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"product_id": "kernel-rt_debug-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"product_id": "kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-vdso-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kernel-rt_debug-vdso-6.4.0-150700.7.3.1.x86_64",
"product_id": "kernel-rt_debug-vdso-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"product_id": "kernel-syms-rt-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product_id": "kselftests-kmp-rt-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product_id": "ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"product_id": "reiserfs-kmp-rt-6.4.0-150700.7.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP7",
"product": {
"name": "SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150700.7.3.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150700.7.3.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150700.7.3.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150700.7.3.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-6.4.0-150700.7.3.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64"
},
"product_reference": "kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150700.7.3.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150700.7.3.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans\n\nThere is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and\nsize. This would make xlate_pos negative.\n\n[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000\n[ 23.734158] ================================================================================\n[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7\n[ 23.734418] shift exponent -1 is negative\n\nEnsuring xlate_pos is a positive or zero before BIT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53034",
"url": "https://www.suse.com/security/cve/CVE-2023-53034"
},
{
"category": "external",
"summary": "SUSE Bug 1241341 for CVE-2023-53034",
"url": "https://bugzilla.suse.com/1241341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2023-53034"
},
{
"cve": "CVE-2024-27018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: br_netfilter: skip conntrack input hook for promisc packets\n\nFor historical reasons, when bridge device is in promisc mode, packets\nthat are directed to the taps follow bridge input hook path. This patch\nadds a workaround to reset conntrack for these packets.\n\nJianbo Liu reports warning splats in their test infrastructure where\ncloned packets reach the br_netfilter input hook to confirm the\nconntrack object.\n\nScratch one bit from BR_INPUT_SKB_CB to annotate that this packet has\nreached the input hook because it is passed up to the bridge device to\nreach the taps.\n\n[ 57.571874] WARNING: CPU: 1 PID: 0 at net/bridge/br_netfilter_hooks.c:616 br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.572749] Modules linked in: xt_MASQUERADE nf_conntrack_netlink nfnetlink iptable_nat xt_addrtype xt_conntrack nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_isc si ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core mlx5ctl mlx5_core\n[ 57.575158] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.8.0+ #19\n[ 57.575700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 57.576662] RIP: 0010:br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.577195] Code: fe ff ff 41 bd 04 00 00 00 be 04 00 00 00 e9 4a ff ff ff be 04 00 00 00 48 89 ef e8 f3 a9 3c e1 66 83 ad b4 00 00 00 04 eb 91 \u003c0f\u003e 0b e9 f1 fe ff ff 0f 0b e9 df fe ff ff 48 89 df e8 b3 53 47 e1\n[ 57.578722] RSP: 0018:ffff88885f845a08 EFLAGS: 00010202\n[ 57.579207] RAX: 0000000000000002 RBX: ffff88812dfe8000 RCX: 0000000000000000\n[ 57.579830] RDX: ffff88885f845a60 RSI: ffff8881022dc300 RDI: 0000000000000000\n[ 57.580454] RBP: ffff88885f845a60 R08: 0000000000000001 R09: 0000000000000003\n[ 57.581076] R10: 00000000ffff1300 R11: 0000000000000002 R12: 0000000000000000\n[ 57.581695] R13: ffff8881047ffe00 R14: ffff888108dbee00 R15: ffff88814519b800\n[ 57.582313] FS: 0000000000000000(0000) GS:ffff88885f840000(0000) knlGS:0000000000000000\n[ 57.583040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 57.583564] CR2: 000000c4206aa000 CR3: 0000000103847001 CR4: 0000000000370eb0\n[ 57.584194] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 57.584820] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 57.585440] Call Trace:\n[ 57.585721] \u003cIRQ\u003e\n[ 57.585976] ? __warn+0x7d/0x130\n[ 57.586323] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.586811] ? report_bug+0xf1/0x1c0\n[ 57.587177] ? handle_bug+0x3f/0x70\n[ 57.587539] ? exc_invalid_op+0x13/0x60\n[ 57.587929] ? asm_exc_invalid_op+0x16/0x20\n[ 57.588336] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.588825] nf_hook_slow+0x3d/0xd0\n[ 57.589188] ? br_handle_vlan+0x4b/0x110\n[ 57.589579] br_pass_frame_up+0xfc/0x150\n[ 57.589970] ? br_port_flags_change+0x40/0x40\n[ 57.590396] br_handle_frame_finish+0x346/0x5e0\n[ 57.590837] ? ipt_do_table+0x32e/0x430\n[ 57.591221] ? br_handle_local_finish+0x20/0x20\n[ 57.591656] br_nf_hook_thresh+0x4b/0xf0 [br_netfilter]\n[ 57.592286] ? br_handle_local_finish+0x20/0x20\n[ 57.592802] br_nf_pre_routing_finish+0x178/0x480 [br_netfilter]\n[ 57.593348] ? br_handle_local_finish+0x20/0x20\n[ 57.593782] ? nf_nat_ipv4_pre_routing+0x25/0x60 [nf_nat]\n[ 57.594279] br_nf_pre_routing+0x24c/0x550 [br_netfilter]\n[ 57.594780] ? br_nf_hook_thresh+0xf0/0xf0 [br_netfilter]\n[ 57.595280] br_handle_frame+0x1f3/0x3d0\n[ 57.595676] ? br_handle_local_finish+0x20/0x20\n[ 57.596118] ? br_handle_frame_finish+0x5e0/0x5e0\n[ 57.596566] __netif_receive_skb_core+0x25b/0xfc0\n[ 57.597017] ? __napi_build_skb+0x37/0x40\n[ 57.597418] __netif_receive_skb_list_core+0xfb/0x220",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27018",
"url": "https://www.suse.com/security/cve/CVE-2024-27018"
},
{
"category": "external",
"summary": "SUSE Bug 1223809 for CVE-2024-27018",
"url": "https://bugzilla.suse.com/1223809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-27018"
},
{
"cve": "CVE-2024-27415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: confirm multicast packets before passing them up the stack\n\nconntrack nf_confirm logic cannot handle cloned skbs referencing\nthe same nf_conn entry, which will happen for multicast (broadcast)\nframes on bridges.\n\n Example:\n macvlan0\n |\n br0\n / \\\n ethX ethY\n\n ethX (or Y) receives a L2 multicast or broadcast packet containing\n an IP packet, flow is not yet in conntrack table.\n\n 1. skb passes through bridge and fake-ip (br_netfilter)Prerouting.\n -\u003e skb-\u003e_nfct now references a unconfirmed entry\n 2. skb is broad/mcast packet. bridge now passes clones out on each bridge\n interface.\n 3. skb gets passed up the stack.\n 4. In macvlan case, macvlan driver retains clone(s) of the mcast skb\n and schedules a work queue to send them out on the lower devices.\n\n The clone skb-\u003e_nfct is not a copy, it is the same entry as the\n original skb. The macvlan rx handler then returns RX_HANDLER_PASS.\n 5. Normal conntrack hooks (in NF_INET_LOCAL_IN) confirm the orig skb.\n\nThe Macvlan broadcast worker and normal confirm path will race.\n\nThis race will not happen if step 2 already confirmed a clone. In that\ncase later steps perform skb_clone() with skb-\u003e_nfct already confirmed (in\nhash table). This works fine.\n\nBut such confirmation won\u0027t happen when eb/ip/nftables rules dropped the\npackets before they reached the nf_confirm step in postrouting.\n\nPablo points out that nf_conntrack_bridge doesn\u0027t allow use of stateful\nnat, so we can safely discard the nf_conn entry and let inet call\nconntrack again.\n\nThis doesn\u0027t work for bridge netfilter: skb could have a nat\ntransformation. Also bridge nf prevents re-invocation of inet prerouting\nvia \u0027sabotage_in\u0027 hook.\n\nWork around this problem by explicit confirmation of the entry at LOCAL_IN\ntime, before upper layer has a chance to clone the unconfirmed entry.\n\nThe downside is that this disables NAT and conntrack helpers.\n\nAlternative fix would be to add locking to all code parts that deal with\nunconfirmed packets, but even if that could be done in a sane way this\nopens up other problems, for example:\n\n-m physdev --physdev-out eth0 -j SNAT --snat-to 1.2.3.4\n-m physdev --physdev-out eth1 -j SNAT --snat-to 1.2.3.5\n\nFor multicast case, only one of such conflicting mappings will be\ncreated, conntrack only handles 1:1 NAT mappings.\n\nUsers should set create a setup that explicitly marks such traffic\nNOTRACK (conntrack bypass) to avoid this, but we cannot auto-bypass\nthem, ruleset might have accept rules for untracked traffic already,\nso user-visible behaviour would change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27415",
"url": "https://www.suse.com/security/cve/CVE-2024-27415"
},
{
"category": "external",
"summary": "SUSE Bug 1224757 for CVE-2024-27415",
"url": "https://bugzilla.suse.com/1224757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-27415"
},
{
"cve": "CVE-2024-28956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28956"
}
],
"notes": [
{
"category": "general",
"text": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28956",
"url": "https://www.suse.com/security/cve/CVE-2024-28956"
},
{
"category": "external",
"summary": "SUSE Bug 1242006 for CVE-2024-28956",
"url": "https://bugzilla.suse.com/1242006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-35840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()\n\nsubflow_finish_connect() uses four fields (backup, join_id, thmac, none)\nthat may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set\nin mptcp_parse_option()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35840",
"url": "https://www.suse.com/security/cve/CVE-2024-35840"
},
{
"category": "external",
"summary": "SUSE Bug 1224597 for CVE-2024-35840",
"url": "https://bugzilla.suse.com/1224597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-35840"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-46763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: Fix null-ptr-deref in GRO.\n\nWe observed a null-ptr-deref in fou_gro_receive() while shutting down\na host. [0]\n\nThe NULL pointer is sk-\u003esk_user_data, and the offset 8 is of protocol\nin struct fou.\n\nWhen fou_release() is called due to netns dismantle or explicit tunnel\nteardown, udp_tunnel_sock_release() sets NULL to sk-\u003esk_user_data.\nThen, the tunnel socket is destroyed after a single RCU grace period.\n\nSo, in-flight udp4_gro_receive() could find the socket and execute the\nFOU GRO handler, where sk-\u003esk_user_data could be NULL.\n\nLet\u0027s use rcu_dereference_sk_user_data() in fou_from_sock() and add NULL\nchecks in FOU GRO handlers.\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 80000001032f4067 P4D 80000001032f4067 PUD 103240067 PMD 0\nSMP PTI\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.10.216-204.855.amzn2.x86_64 #1\nHardware name: Amazon EC2 c5.large/, BIOS 1.0 10/16/2017\nRIP: 0010:fou_gro_receive (net/ipv4/fou.c:233) [fou]\nCode: 41 5f c3 cc cc cc cc e8 e7 2e 69 f4 0f 1f 80 00 00 00 00 0f 1f 44 00 00 49 89 f8 41 54 48 89 f7 48 89 d6 49 8b 80 88 02 00 00 \u003c0f\u003e b6 48 08 0f b7 42 4a 66 25 fd fd 80 cc 02 66 89 42 4a 0f b6 42\nRSP: 0018:ffffa330c0003d08 EFLAGS: 00010297\nRAX: 0000000000000000 RBX: ffff93d9e3a6b900 RCX: 0000000000000010\nRDX: ffff93d9e3a6b900 RSI: ffff93d9e3a6b900 RDI: ffff93dac2e24d08\nRBP: ffff93d9e3a6b900 R08: ffff93dacbce6400 R09: 0000000000000002\nR10: 0000000000000000 R11: ffffffffb5f369b0 R12: ffff93dacbce6400\nR13: ffff93dac2e24d08 R14: 0000000000000000 R15: ffffffffb4edd1c0\nFS: 0000000000000000(0000) GS:ffff93daee800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 0000000102140001 CR4: 00000000007706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259)\n ? __die_body.cold (arch/x86/kernel/dumpstack.c:478 arch/x86/kernel/dumpstack.c:420)\n ? no_context (arch/x86/mm/fault.c:752)\n ? exc_page_fault (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 arch/x86/mm/fault.c:1435 arch/x86/mm/fault.c:1483)\n ? asm_exc_page_fault (arch/x86/include/asm/idtentry.h:571)\n ? fou_gro_receive (net/ipv4/fou.c:233) [fou]\n udp_gro_receive (include/linux/netdevice.h:2552 net/ipv4/udp_offload.c:559)\n udp4_gro_receive (net/ipv4/udp_offload.c:604)\n inet_gro_receive (net/ipv4/af_inet.c:1549 (discriminator 7))\n dev_gro_receive (net/core/dev.c:6035 (discriminator 4))\n napi_gro_receive (net/core/dev.c:6170)\n ena_clean_rx_irq (drivers/amazon/net/ena/ena_netdev.c:1558) [ena]\n ena_io_poll (drivers/amazon/net/ena/ena_netdev.c:1742) [ena]\n napi_poll (net/core/dev.c:6847)\n net_rx_action (net/core/dev.c:6917)\n __do_softirq (arch/x86/include/asm/jump_label.h:25 include/linux/jump_label.h:200 include/trace/events/irq.h:142 kernel/softirq.c:299)\n asm_call_irq_on_stack (arch/x86/entry/entry_64.S:809)\n\u003c/IRQ\u003e\n do_softirq_own_stack (arch/x86/include/asm/irq_stack.h:27 arch/x86/include/asm/irq_stack.h:77 arch/x86/kernel/irq_64.c:77)\n irq_exit_rcu (kernel/softirq.c:393 kernel/softirq.c:423 kernel/softirq.c:435)\n common_interrupt (arch/x86/kernel/irq.c:239)\n asm_common_interrupt (arch/x86/include/asm/idtentry.h:626)\nRIP: 0010:acpi_idle_do_entry (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 drivers/acpi/processor_idle.c:114 drivers/acpi/processor_idle.c:575)\nCode: 8b 15 d1 3c c4 02 ed c3 cc cc cc cc 65 48 8b 04 25 40 ef 01 00 48 8b 00 a8 08 75 eb 0f 1f 44 00 00 0f 00 2d d5 09 55 00 fb f4 \u003cfa\u003e c3 cc cc cc cc e9 be fc ff ff 66 66 2e 0f 1f 84 00 00 00 00 00\nRSP: 0018:ffffffffb5603e58 EFLAGS: 00000246\nRAX: 0000000000004000 RBX: ffff93dac0929c00 RCX: ffff93daee833900\nRDX: ffff93daee800000 RSI: ffff93d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46763",
"url": "https://www.suse.com/security/cve/CVE-2024-46763"
},
{
"category": "external",
"summary": "SUSE Bug 1230764 for CVE-2024-46763",
"url": "https://bugzilla.suse.com/1230764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-46763"
},
{
"cve": "CVE-2024-46865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: fix initialization of grc\n\nThe grc must be initialize first. There can be a condition where if\nfou is NULL, goto out will be executed and grc would be used\nuninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46865",
"url": "https://www.suse.com/security/cve/CVE-2024-46865"
},
{
"category": "external",
"summary": "SUSE Bug 1231103 for CVE-2024-46865",
"url": "https://bugzilla.suse.com/1231103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-46865"
},
{
"cve": "CVE-2024-50083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix mptcp DSS corruption due to large pmtu xmit\n\nSyzkaller was able to trigger a DSS corruption:\n\n TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 5227 at net/mptcp/protocol.c:695 __mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Modules linked in:\n CPU: 0 UID: 0 PID: 5227 Comm: syz-executor350 Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\n RIP: 0010:__mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Code: 0f b6 dc 31 ff 89 de e8 b5 dd ea f5 89 d8 48 81 c4 50 01 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 98 da ea f5 90 \u003c0f\u003e 0b 90 e9 47 ff ff ff e8 8a da ea f5 90 0f 0b 90 e9 99 e0 ff ff\n RSP: 0018:ffffc90000006db8 EFLAGS: 00010246\n RAX: ffffffff8ba9df18 RBX: 00000000000055f0 RCX: ffff888030023c00\n RDX: 0000000000000100 RSI: 00000000000081e5 RDI: 00000000000055f0\n RBP: 1ffff110062bf1ae R08: ffffffff8ba9cf12 R09: 1ffff110062bf1b8\n R10: dffffc0000000000 R11: ffffed10062bf1b9 R12: 0000000000000000\n R13: dffffc0000000000 R14: 00000000700cec61 R15: 00000000000081e5\n FS: 000055556679c380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020287000 CR3: 0000000077892000 CR4: 00000000003506f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n move_skbs_to_msk net/mptcp/protocol.c:811 [inline]\n mptcp_data_ready+0x29c/0xa90 net/mptcp/protocol.c:854\n subflow_data_ready+0x34a/0x920 net/mptcp/subflow.c:1490\n tcp_data_queue+0x20fd/0x76c0 net/ipv4/tcp_input.c:5283\n tcp_rcv_established+0xfba/0x2020 net/ipv4/tcp_input.c:6237\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2350\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5662 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6107\n __napi_poll+0xcb/0x490 net/core/dev.c:6771\n napi_poll net/core/dev.c:6840 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6962\n handle_softirqs+0x2c5/0x980 kernel/softirq.c:554\n do_softirq+0x11b/0x1e0 kernel/softirq.c:455\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x1764/0x3e80 net/core/dev.c:4451\n dev_queue_xmit include/linux/netdevice.h:3094 [inline]\n neigh_hh_output include/net/neighbour.h:526 [inline]\n neigh_output include/net/neighbour.h:540 [inline]\n ip_finish_output2+0xd41/0x1390 net/ipv4/ip_output.c:236\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x118c/0x1b80 net/ipv4/ip_output.c:536\n __tcp_transmit_skb+0x2544/0x3b30 net/ipv4/tcp_output.c:1466\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\n tcp_mtu_probe net/ipv4/tcp_output.c:2547 [inline]\n tcp_write_xmit+0x641d/0x6bf0 net/ipv4/tcp_output.c:2752\n __tcp_push_pending_frames+0x9b/0x360 net/ipv4/tcp_output.c:3015\n tcp_push_pending_frames include/net/tcp.h:2107 [inline]\n tcp_data_snd_check net/ipv4/tcp_input.c:5714 [inline]\n tcp_rcv_established+0x1026/0x2020 net/ipv4/tcp_input.c:6239\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n sk_backlog_rcv include/net/sock.h:1113 [inline]\n __release_sock+0x214/0x350 net/core/sock.c:3072\n release_sock+0x61/0x1f0 net/core/sock.c:3626\n mptcp_push_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50083",
"url": "https://www.suse.com/security/cve/CVE-2024-50083"
},
{
"category": "external",
"summary": "SUSE Bug 1232493 for CVE-2024-50083",
"url": "https://bugzilla.suse.com/1232493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-50083"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-56641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: initialize close_work early to avoid warning\n\nWe encountered a warning that close_work was canceled before\ninitialization.\n\n WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x1b0\n Workqueue: events smc_lgr_terminate_work [smc]\n RIP: 0010:__flush_work+0x19e/0x1b0\n Call Trace:\n ? __wake_up_common+0x7a/0x190\n ? work_busy+0x80/0x80\n __cancel_work_timer+0xe3/0x160\n smc_close_cancel_work+0x1a/0x70 [smc]\n smc_close_active_abort+0x207/0x360 [smc]\n __smc_lgr_terminate.part.38+0xc8/0x180 [smc]\n process_one_work+0x19e/0x340\n worker_thread+0x30/0x370\n ? process_one_work+0x340/0x340\n kthread+0x117/0x130\n ? __kthread_cancel_work+0x50/0x50\n ret_from_fork+0x22/0x30\n\nThis is because when smc_close_cancel_work is triggered, e.g. the RDMA\ndriver is rmmod and the LGR is terminated, the conn-\u003eclose_work is\nflushed before initialization, resulting in WARN_ON(!work-\u003efunc).\n\n__smc_lgr_terminate | smc_connect_{rdma|ism}\n-------------------------------------------------------------\n | smc_conn_create\n\t\t\t\t| \\- smc_lgr_register_conn\nfor conn in lgr-\u003econns_all |\n\\- smc_conn_kill |\n \\- smc_close_active_abort |\n \\- smc_close_cancel_work |\n \\- cancel_work_sync |\n \\- __flush_work |\n\t (close_work) |\n\t | smc_close_init\n\t | \\- INIT_WORK(\u0026close_work)\n\nSo fix this by initializing close_work before establishing the\nconnection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56641",
"url": "https://www.suse.com/security/cve/CVE-2024-56641"
},
{
"category": "external",
"summary": "SUSE Bug 1235526 for CVE-2024-56641",
"url": "https://bugzilla.suse.com/1235526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-56641"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-57998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nOPP: add index check to assert to avoid buffer overflow in _read_freq()\n\nPass the freq index to the assert function to make sure\nwe do not read a freq out of the opp-\u003erates[] table when called\nfrom the indexed variants:\ndev_pm_opp_find_freq_exact_indexed() or\ndev_pm_opp_find_freq_ceil/floor_indexed().\n\nAdd a secondary parameter to the assert function, unused\nfor assert_single_clk() then add assert_clk_index() which\nwill check for the clock index when called from the _indexed()\nfind functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57998",
"url": "https://www.suse.com/security/cve/CVE-2024-57998"
},
{
"category": "external",
"summary": "SUSE Bug 1238527 for CVE-2024-57998",
"url": "https://bugzilla.suse.com/1238527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-57998"
},
{
"cve": "CVE-2024-58001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle a symlink read error correctly\n\nPatch series \"Convert ocfs2 to use folios\".\n\nMark did a conversion of ocfs2 to use folios and sent it to me as a\ngiant patch for review ;-)\n\nSo I\u0027ve redone it as individual patches, and credited Mark for the patches\nwhere his code is substantially the same. It\u0027s not a bad way to do it;\nhis patch had some bugs and my patches had some bugs. Hopefully all our\nbugs were different from each other. And hopefully Mark likes all the\nchanges I made to his code!\n\n\nThis patch (of 23):\n\nIf we can\u0027t read the buffer, be sure to unlock the page before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58001",
"url": "https://www.suse.com/security/cve/CVE-2024-58001"
},
{
"category": "external",
"summary": "SUSE Bug 1239079 for CVE-2024-58001",
"url": "https://bugzilla.suse.com/1239079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "low"
}
],
"title": "CVE-2024-58001"
},
{
"cve": "CVE-2024-58070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT\n\nIn PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible\ncontext. bpf_mem_alloc must be used in PREEMPT_RT. This patch is\nto enforce bpf_mem_alloc in the bpf_local_storage when CONFIG_PREEMPT_RT\nis enabled.\n\n[ 35.118559] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 35.118566] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1832, name: test_progs\n[ 35.118569] preempt_count: 1, expected: 0\n[ 35.118571] RCU nest depth: 1, expected: 1\n[ 35.118577] INFO: lockdep is turned off.\n ...\n[ 35.118647] __might_resched+0x433/0x5b0\n[ 35.118677] rt_spin_lock+0xc3/0x290\n[ 35.118700] ___slab_alloc+0x72/0xc40\n[ 35.118723] __kmalloc_noprof+0x13f/0x4e0\n[ 35.118732] bpf_map_kzalloc+0xe5/0x220\n[ 35.118740] bpf_selem_alloc+0x1d2/0x7b0\n[ 35.118755] bpf_local_storage_update+0x2fa/0x8b0\n[ 35.118784] bpf_sk_storage_get_tracing+0x15a/0x1d0\n[ 35.118791] bpf_prog_9a118d86fca78ebb_trace_inet_sock_set_state+0x44/0x66\n[ 35.118795] bpf_trace_run3+0x222/0x400\n[ 35.118820] __bpf_trace_inet_sock_set_state+0x11/0x20\n[ 35.118824] trace_inet_sock_set_state+0x112/0x130\n[ 35.118830] inet_sk_state_store+0x41/0x90\n[ 35.118836] tcp_set_state+0x3b3/0x640\n\nThere is no need to adjust the gfp_flags passing to the\nbpf_mem_cache_alloc_flags() which only honors the GFP_KERNEL.\nThe verifier has ensured GFP_KERNEL is passed only in sleepable context.\n\nIt has been an old issue since the first introduction of the\nbpf_local_storage ~5 years ago, so this patch targets the bpf-next.\n\nbpf_mem_alloc is needed to solve it, so the Fixes tag is set\nto the commit when bpf_mem_alloc was first used in the bpf_local_storage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58070",
"url": "https://www.suse.com/security/cve/CVE-2024-58070"
},
{
"category": "external",
"summary": "SUSE Bug 1238983 for CVE-2024-58070",
"url": "https://bugzilla.suse.com/1238983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-58070"
},
{
"cve": "CVE-2024-58093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/ASPM: Fix link state exit during switch upstream function removal\n\nBefore 456d8aa37d0f (\"PCI/ASPM: Disable ASPM on MFD function removal to\navoid use-after-free\"), we would free the ASPM link only after the last\nfunction on the bus pertaining to the given link was removed.\n\nThat was too late. If function 0 is removed before sibling function,\nlink-\u003edownstream would point to free\u0027d memory after.\n\nAfter above change, we freed the ASPM parent link state upon any function\nremoval on the bus pertaining to a given link.\n\nThat is too early. If the link is to a PCIe switch with MFD on the upstream\nport, then removing functions other than 0 first would free a link which\nstill remains parent_link to the remaining downstream ports.\n\nThe resulting GPFs are especially frequent during hot-unplug, because\npciehp removes devices on the link bus in reverse order.\n\nOn that switch, function 0 is the virtual P2P bridge to the internal bus.\nFree exactly when function 0 is removed -- before the parent link is\nobsolete, but after all subordinate links are gone.\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58093",
"url": "https://www.suse.com/security/cve/CVE-2024-58093"
},
{
"category": "external",
"summary": "SUSE Bug 1241347 for CVE-2024-58093",
"url": "https://bugzilla.suse.com/1241347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-58093"
},
{
"cve": "CVE-2024-58094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before truncation in jfs_truncate_nolock()\n\nAdded a check for \"read-only\" mode in the `jfs_truncate_nolock`\nfunction to avoid errors related to writing to a read-only\nfilesystem.\n\nCall stack:\n\nblock_write_begin() {\n jfs_write_failed() {\n jfs_truncate() {\n jfs_truncate_nolock() {\n txEnd() {\n ...\n log = JFS_SBI(tblk-\u003esb)-\u003elog;\n // (log == NULL)\n\nIf the `isReadOnly(ip)` condition is triggered in\n`jfs_truncate_nolock`, the function execution will stop, and no\nfurther data modification will occur. Instead, the `xtTruncate`\nfunction will be called with the \"COMMIT_WMAP\" flag, preventing\nmodifications in \"read-only\" mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58094",
"url": "https://www.suse.com/security/cve/CVE-2024-58094"
},
{
"category": "external",
"summary": "SUSE Bug 1241443 for CVE-2024-58094",
"url": "https://bugzilla.suse.com/1241443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-58094"
},
{
"cve": "CVE-2024-58095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before txBeginAnon() call\n\nAdded a read-only check before calling `txBeginAnon` in `extAlloc`\nand `extRecord`. This prevents modification attempts on a read-only\nmounted filesystem, avoiding potential errors or crashes.\n\nCall trace:\n txBeginAnon+0xac/0x154\n extAlloc+0xe8/0xdec fs/jfs/jfs_extent.c:78\n jfs_get_block+0x340/0xb98 fs/jfs/inode.c:248\n __block_write_begin_int+0x580/0x166c fs/buffer.c:2128\n __block_write_begin fs/buffer.c:2177 [inline]\n block_write_begin+0x98/0x11c fs/buffer.c:2236\n jfs_write_begin+0x44/0x88 fs/jfs/inode.c:299",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58095",
"url": "https://www.suse.com/security/cve/CVE-2024-58095"
},
{
"category": "external",
"summary": "SUSE Bug 1241442 for CVE-2024-58095",
"url": "https://bugzilla.suse.com/1241442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-58095"
},
{
"cve": "CVE-2024-58096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58096"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode\n\nath11k_hal_srng_* should be used with srng-\u003elock to protect srng data.\n\nFor ath11k_dp_rx_mon_dest_process() and ath11k_dp_full_mon_process_rx(),\nthey use ath11k_hal_srng_* for many times but never call srng-\u003elock.\n\nSo when running (full) monitor mode, warning will occur:\nRIP: 0010:ath11k_hal_srng_dst_peek+0x18/0x30 [ath11k]\nCall Trace:\n ? ath11k_hal_srng_dst_peek+0x18/0x30 [ath11k]\n ath11k_dp_rx_process_mon_status+0xc45/0x1190 [ath11k]\n ? idr_alloc_u32+0x97/0xd0\n ath11k_dp_rx_process_mon_rings+0x32a/0x550 [ath11k]\n ath11k_dp_service_srng+0x289/0x5a0 [ath11k]\n ath11k_pcic_ext_grp_napi_poll+0x30/0xd0 [ath11k]\n __napi_poll+0x30/0x1f0\n net_rx_action+0x198/0x320\n __do_softirq+0xdd/0x319\n\nSo add srng-\u003elock for them to avoid such warnings.\n\nInorder to fetch the srng-\u003elock, should change srng\u0027s definition from\n\u0027void\u0027 to \u0027struct hal_srng\u0027. And initialize them elsewhere to prevent\none line of code from being too long. This is consistent with other ring\nprocess functions, such as ath11k_dp_process_rx().\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58096",
"url": "https://www.suse.com/security/cve/CVE-2024-58096"
},
{
"category": "external",
"summary": "SUSE Bug 1241344 for CVE-2024-58096",
"url": "https://bugzilla.suse.com/1241344"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-58096"
},
{
"cve": "CVE-2024-58097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix RCU stall while reaping monitor destination ring\n\nWhile processing the monitor destination ring, MSDUs are reaped from the\nlink descriptor based on the corresponding buf_id.\n\nHowever, sometimes the driver cannot obtain a valid buffer corresponding\nto the buf_id received from the hardware. This causes an infinite loop\nin the destination processing, resulting in a kernel crash.\n\nkernel log:\nath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309\nath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed\nath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309\nath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed\n\nFix this by skipping the problematic buf_id and reaping the next entry,\nreplacing the break with the next MSDU processing.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58097",
"url": "https://www.suse.com/security/cve/CVE-2024-58097"
},
{
"category": "external",
"summary": "SUSE Bug 1241343 for CVE-2024-58097",
"url": "https://bugzilla.suse.com/1241343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2024-58097"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_sk_select_reuseport() memory leak\n\nAs pointed out in the original comment, lookup in sockmap can return a TCP\nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF\nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb\ndoes not imply a non-refcounted socket.\n\nDrop sk\u0027s reference in both error paths.\n\nunreferenced object 0xffff888101911800 (size 2048):\n comm \"test_progs\", pid 44109, jiffies 4297131437\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 9336483b):\n __kmalloc_noprof+0x3bf/0x560\n __reuseport_alloc+0x1d/0x40\n reuseport_alloc+0xca/0x150\n reuseport_attach_prog+0x87/0x140\n sk_reuseport_attach_bpf+0xc8/0x100\n sk_setsockopt+0x1181/0x1990\n do_sock_setsockopt+0x12b/0x160\n __sys_setsockopt+0x7b/0xc0\n __x64_sys_setsockopt+0x1b/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21683",
"url": "https://www.suse.com/security/cve/CVE-2025-21683"
},
{
"category": "external",
"summary": "SUSE Bug 1236704 for CVE-2025-21683",
"url": "https://bugzilla.suse.com/1236704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "low"
}
],
"title": "CVE-2025-21683"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: consolidate suboption status\n\nMPTCP maintains the received sub-options status is the bitmask carrying\nthe received suboptions and in several bitfields carrying per suboption\nadditional info.\n\nZeroing the bitmask before parsing is not enough to ensure a consistent\nstatus, and the MPTCP code has to additionally clear some bitfiled\ndepending on the actually parsed suboption.\n\nThe above schema is fragile, and syzbot managed to trigger a path where\na relevant bitfield is not cleared/initialized:\n\n BUG: KMSAN: uninit-value in __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n BUG: KMSAN: uninit-value in mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n BUG: KMSAN: uninit-value in ack_update_msk net/mptcp/options.c:1060 [inline]\n BUG: KMSAN: uninit-value in mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n ack_update_msk net/mptcp/options.c:1060 [inline]\n mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n tcp_data_queue+0xb4/0x7be0 net/ipv4/tcp_input.c:5233\n tcp_rcv_established+0x1061/0x2510 net/ipv4/tcp_input.c:6264\n tcp_v4_do_rcv+0x7f3/0x11a0 net/ipv4/tcp_ipv4.c:1916\n tcp_v4_rcv+0x51df/0x5750 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x2a3/0x13d0 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:460 [inline]\n ip_rcv_finish+0x4a2/0x520 net/ipv4/ip_input.c:447\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0xcd/0x380 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core net/core/dev.c:5704 [inline]\n __netif_receive_skb+0x319/0xa00 net/core/dev.c:5817\n process_backlog+0x4ad/0xa50 net/core/dev.c:6149\n __napi_poll+0xe7/0x980 net/core/dev.c:6902\n napi_poll net/core/dev.c:6971 [inline]\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:7093\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4493\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_hh_output include/net/neighbour.h:523 [inline]\n neigh_output include/net/neighbour.h:537 [inline]\n ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236\n __ip_finish_output+0x287/0x810\n ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434\n dst_output include/net/dst.h:450 [inline]\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536\n ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550\n __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1468\n tcp_transmit_skb net/ipv4/tcp_output.c:1486 [inline]\n tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2829\n __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3012\n tcp_send_fin+0x9f6/0xf50 net/ipv4/tcp_output.c:3618\n __tcp_close+0x140c/0x1550 net/ipv4/tcp.c:3130\n __mptcp_close_ssk+0x74e/0x16f0 net/mptcp/protocol.c:2496\n mptcp_close_ssk+0x26b/0x2c0 net/mptcp/protocol.c:2550\n mptcp_pm_nl_rm_addr_or_subflow+0x635/0xd10 net/mptcp/pm_netlink.c:889\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:924 [inline]\n mptcp_pm_flush_addrs_and_subflows net/mptcp/pm_netlink.c:1688 [inline]\n mptcp_nl_flush_addrs_list net/mptcp/pm_netlink.c:1709 [inline]\n mptcp_pm_nl_flush_addrs_doit+0xe10/0x1630 net/mptcp/pm_netlink.c:1750\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21707",
"url": "https://www.suse.com/security/cve/CVE-2025-21707"
},
{
"category": "external",
"summary": "SUSE Bug 1238862 for CVE-2025-21707",
"url": "https://bugzilla.suse.com/1238862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21707"
},
{
"cve": "CVE-2025-21758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: add RCU protection to mld_newpack()\n\nmld_newpack() can be called without RTNL or RCU being held.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21758",
"url": "https://www.suse.com/security/cve/CVE-2025-21758"
},
{
"category": "external",
"summary": "SUSE Bug 1238737 for CVE-2025-21758",
"url": "https://bugzilla.suse.com/1238737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels\n\nSome lwtunnels have a dst cache for post-transformation dst.\nIf the packet destination did not change we may end up recording\na reference to the lwtunnel in its own cache, and the lwtunnel\nstate will never be freed.\n\nDiscovered by the ioam6.sh test, kmemleak was recently fixed\nto catch per-cpu memory leaks. I\u0027m not sure if rpl and seg6\ncan actually hit this, but in principle I don\u0027t see why not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21768",
"url": "https://www.suse.com/security/cve/CVE-2025-21768"
},
{
"category": "external",
"summary": "SUSE Bug 1238714 for CVE-2025-21768",
"url": "https://bugzilla.suse.com/1238714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21768"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt\n\nIf an AX25 device is bound to a socket by setting the SO_BINDTODEVICE\nsocket option, a refcount leak will occur in ax25_release().\n\nCommit 9fd75b66b8f6 (\"ax25: Fix refcount leaks caused by ax25_cb_del()\")\nadded decrement of device refcounts in ax25_release(). In order for that\nto work correctly the refcounts must already be incremented when the\ndevice is bound to the socket. An AX25 device can be bound to a socket\nby either calling ax25_bind() or setting SO_BINDTODEVICE socket option.\nIn both cases the refcounts should be incremented, but in fact it is done\nonly in ax25_bind().\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 1 PID: 5932 at lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nModules linked in:\nCPU: 1 UID: 0 PID: 5932 Comm: syz-executor424 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nCall Trace:\n \u003cTASK\u003e\n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x710/0x820 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4156 [inline]\n netdev_put include/linux/netdevice.h:4173 [inline]\n netdev_put include/linux/netdevice.h:4169 [inline]\n ax25_release+0x33f/0xa10 net/ax25/af_ax25.c:1069\n __sock_release+0xb0/0x270 net/socket.c:640\n sock_close+0x1c/0x30 net/socket.c:1408\n ...\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \u003c/TASK\u003e\n================================================================\n\nFix the implementation of ax25_setsockopt() by adding increment of\nrefcounts for the new device bound, and decrement of refcounts for\nthe old unbound device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21792",
"url": "https://www.suse.com/security/cve/CVE-2025-21792"
},
{
"category": "external",
"summary": "SUSE Bug 1238745 for CVE-2025-21792",
"url": "https://bugzilla.suse.com/1238745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21792"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Add rx_skb of kfree_skb to raw_tp_null_args[].\n\nYan Zhai reported a BPF prog could trigger a null-ptr-deref [0]\nin trace_kfree_skb if the prog does not check if rx_sk is NULL.\n\nCommit c53795d48ee8 (\"net: add rx_sk to trace_kfree_skb\") added\nrx_sk to trace_kfree_skb, but rx_sk is optional and could be NULL.\n\nLet\u0027s add kfree_skb to raw_tp_null_args[] to let the BPF verifier\nvalidate such a prog and prevent the issue.\n\nNow we fail to load such a prog:\n\n libbpf: prog \u0027drop\u0027: -- BEGIN PROG LOAD LOG --\n 0: R1=ctx() R10=fp0\n ; int BPF_PROG(drop, struct sk_buff *skb, void *location, @ kfree_skb_sk_null.bpf.c:21\n 0: (79) r3 = *(u64 *)(r1 +24)\n func \u0027kfree_skb\u0027 arg3 has btf_id 5253 type STRUCT \u0027sock\u0027\n 1: R1=ctx() R3_w=trusted_ptr_or_null_sock(id=1)\n ; bpf_printk(\"sk: %d, %d\\n\", sk, sk-\u003e__sk_common.skc_family); @ kfree_skb_sk_null.bpf.c:24\n 1: (69) r4 = *(u16 *)(r3 +16)\n R3 invalid mem access \u0027trusted_ptr_or_null_\u0027\n processed 2 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0\n -- END PROG LOAD LOG --\n\nNote this fix requires commit 838a10bd2ebf (\"bpf: Augment raw_tp\narguments with PTR_MAYBE_NULL\").\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000010\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nPREEMPT SMP\nRIP: 0010:bpf_prog_5e21a6db8fcff1aa_drop+0x10/0x2d\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x1f/0x60\n ? page_fault_oops+0x148/0x420\n ? search_bpf_extables+0x5b/0x70\n ? fixup_exception+0x27/0x2c0\n ? exc_page_fault+0x75/0x170\n ? asm_exc_page_fault+0x22/0x30\n ? bpf_prog_5e21a6db8fcff1aa_drop+0x10/0x2d\n bpf_trace_run4+0x68/0xd0\n ? unix_stream_connect+0x1f4/0x6f0\n sk_skb_reason_drop+0x90/0x120\n unix_stream_connect+0x1f4/0x6f0\n __sys_connect+0x7f/0xb0\n __x64_sys_connect+0x14/0x20\n do_syscall_64+0x47/0xc30\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21852",
"url": "https://www.suse.com/security/cve/CVE-2025-21852"
},
{
"category": "external",
"summary": "SUSE Bug 1239487 for CVE-2025-21852",
"url": "https://bugzilla.suse.com/1239487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21852"
},
{
"cve": "CVE-2025-21853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: avoid holding freeze_mutex during mmap operation\n\nWe use map-\u003efreeze_mutex to prevent races between map_freeze() and\nmemory mapping BPF map contents with writable permissions. The way we\nnaively do this means we\u0027ll hold freeze_mutex for entire duration of all\nthe mm and VMA manipulations, which is completely unnecessary. This can\npotentially also lead to deadlocks, as reported by syzbot in [0].\n\nSo, instead, hold freeze_mutex only during writeability checks, bump\n(proactively) \"write active\" count for the map, unlock the mutex and\nproceed with mmap logic. And only if something went wrong during mmap\nlogic, then undo that \"write active\" counter increment.\n\n [0] https://lore.kernel.org/bpf/678dcbc9.050a0220.303755.0066.GAE@google.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21853",
"url": "https://www.suse.com/security/cve/CVE-2025-21853"
},
{
"category": "external",
"summary": "SUSE Bug 1239476 for CVE-2025-21853",
"url": "https://bugzilla.suse.com/1239476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21853"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove()\n\nDuring the `rmmod` operation for the `intel_ishtp_hid` driver, a\nuse-after-free issue can occur in the hid_ishtp_cl_remove() function.\nThe function hid_ishtp_cl_deinit() is called before ishtp_hid_remove(),\nwhich can lead to accessing freed memory or resources during the\nremoval process.\n\nCall Trace:\n ? ishtp_cl_send+0x168/0x220 [intel_ishtp]\n ? hid_output_report+0xe3/0x150 [hid]\n hid_ishtp_set_feature+0xb5/0x120 [intel_ishtp_hid]\n ishtp_hid_request+0x7b/0xb0 [intel_ishtp_hid]\n hid_hw_request+0x1f/0x40 [hid]\n sensor_hub_set_feature+0x11f/0x190 [hid_sensor_hub]\n _hid_sensor_power_state+0x147/0x1e0 [hid_sensor_trigger]\n hid_sensor_runtime_resume+0x22/0x30 [hid_sensor_trigger]\n sensor_hub_remove+0xa8/0xe0 [hid_sensor_hub]\n hid_device_remove+0x49/0xb0 [hid]\n hid_destroy_device+0x6f/0x90 [hid]\n ishtp_hid_remove+0x42/0x70 [intel_ishtp_hid]\n hid_ishtp_cl_remove+0x6b/0xb0 [intel_ishtp_hid]\n ishtp_cl_device_remove+0x4a/0x60 [intel_ishtp]\n ...\n\nAdditionally, ishtp_hid_remove() is a HID level power off, which should\noccur before the ISHTP level disconnect.\n\nThis patch resolves the issue by reordering the calls in\nhid_ishtp_cl_remove(). The function ishtp_hid_remove() is now\ncalled before hid_ishtp_cl_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21929",
"url": "https://www.suse.com/security/cve/CVE-2025-21929"
},
{
"category": "external",
"summary": "SUSE Bug 1240711 for CVE-2025-21929",
"url": "https://bugzilla.suse.com/1240711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21929"
},
{
"cve": "CVE-2025-21962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing closetimeo mount option\n\nUser-provided mount parameter closetimeo of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21962",
"url": "https://www.suse.com/security/cve/CVE-2025-21962"
},
{
"category": "external",
"summary": "SUSE Bug 1240655 for CVE-2025-21962",
"url": "https://bugzilla.suse.com/1240655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21962"
},
{
"cve": "CVE-2025-21963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acdirmax mount option\n\nUser-provided mount parameter acdirmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21963",
"url": "https://www.suse.com/security/cve/CVE-2025-21963"
},
{
"category": "external",
"summary": "SUSE Bug 1240717 for CVE-2025-21963",
"url": "https://bugzilla.suse.com/1240717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21963"
},
{
"cve": "CVE-2025-21964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acregmax mount option\n\nUser-provided mount parameter acregmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21964",
"url": "https://www.suse.com/security/cve/CVE-2025-21964"
},
{
"category": "external",
"summary": "SUSE Bug 1240740 for CVE-2025-21964",
"url": "https://bugzilla.suse.com/1240740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-21964"
},
{
"cve": "CVE-2025-22018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Fix NULL pointer dereference\n\nWhen MPOA_cache_impos_rcvd() receives the msg, it can trigger\nNull Pointer Dereference Vulnerability if both entry and\nholding_time are NULL. Because there is only for the situation\nwhere entry is NULL and holding_time exists, it can be passed\nwhen both entry and holding_time are NULL. If these are NULL,\nthe entry will be passd to eg_cache_put() as parameter and\nit is referenced by entry-\u003euse code in it.\n\nkasan log:\n\n[ 3.316691] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006:I\n[ 3.317568] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n[ 3.318188] CPU: 3 UID: 0 PID: 79 Comm: ex Not tainted 6.14.0-rc2 #102\n[ 3.318601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n[ 3.319298] RIP: 0010:eg_cache_remove_entry+0xa5/0x470\n[ 3.319677] Code: c1 f7 6e fd 48 c7 c7 00 7e 38 b2 e8 95 64 54 fd 48 c7 c7 40 7e 38 b2 48 89 ee e80\n[ 3.321220] RSP: 0018:ffff88800583f8a8 EFLAGS: 00010006\n[ 3.321596] RAX: 0000000000000006 RBX: ffff888005989000 RCX: ffffffffaecc2d8e\n[ 3.322112] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000030\n[ 3.322643] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff6558b88\n[ 3.323181] R10: 0000000000000003 R11: 203a207972746e65 R12: 1ffff11000b07f15\n[ 3.323707] R13: dffffc0000000000 R14: ffff888005989000 R15: ffff888005989068\n[ 3.324185] FS: 000000001b6313c0(0000) GS:ffff88806d380000(0000) knlGS:0000000000000000\n[ 3.325042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.325545] CR2: 00000000004b4b40 CR3: 000000000248e000 CR4: 00000000000006f0\n[ 3.326430] Call Trace:\n[ 3.326725] \u003cTASK\u003e\n[ 3.326927] ? die_addr+0x3c/0xa0\n[ 3.327330] ? exc_general_protection+0x161/0x2a0\n[ 3.327662] ? asm_exc_general_protection+0x26/0x30\n[ 3.328214] ? vprintk_emit+0x15e/0x420\n[ 3.328543] ? eg_cache_remove_entry+0xa5/0x470\n[ 3.328910] ? eg_cache_remove_entry+0x9a/0x470\n[ 3.329294] ? __pfx_eg_cache_remove_entry+0x10/0x10\n[ 3.329664] ? console_unlock+0x107/0x1d0\n[ 3.329946] ? __pfx_console_unlock+0x10/0x10\n[ 3.330283] ? do_syscall_64+0xa6/0x1a0\n[ 3.330584] ? entry_SYSCALL_64_after_hwframe+0x47/0x7f\n[ 3.331090] ? __pfx_prb_read_valid+0x10/0x10\n[ 3.331395] ? down_trylock+0x52/0x80\n[ 3.331703] ? vprintk_emit+0x15e/0x420\n[ 3.331986] ? __pfx_vprintk_emit+0x10/0x10\n[ 3.332279] ? down_trylock+0x52/0x80\n[ 3.332527] ? _printk+0xbf/0x100\n[ 3.332762] ? __pfx__printk+0x10/0x10\n[ 3.333007] ? _raw_write_lock_irq+0x81/0xe0\n[ 3.333284] ? __pfx__raw_write_lock_irq+0x10/0x10\n[ 3.333614] msg_from_mpoad+0x1185/0x2750\n[ 3.333893] ? __build_skb_around+0x27b/0x3a0\n[ 3.334183] ? __pfx_msg_from_mpoad+0x10/0x10\n[ 3.334501] ? __alloc_skb+0x1c0/0x310\n[ 3.334809] ? __pfx___alloc_skb+0x10/0x10\n[ 3.335283] ? _raw_spin_lock+0xe0/0xe0\n[ 3.335632] ? finish_wait+0x8d/0x1e0\n[ 3.335975] vcc_sendmsg+0x684/0xba0\n[ 3.336250] ? __pfx_vcc_sendmsg+0x10/0x10\n[ 3.336587] ? __pfx_autoremove_wake_function+0x10/0x10\n[ 3.337056] ? fdget+0x176/0x3e0\n[ 3.337348] __sys_sendto+0x4a2/0x510\n[ 3.337663] ? __pfx___sys_sendto+0x10/0x10\n[ 3.337969] ? ioctl_has_perm.constprop.0.isra.0+0x284/0x400\n[ 3.338364] ? sock_ioctl+0x1bb/0x5a0\n[ 3.338653] ? __rseq_handle_notify_resume+0x825/0xd20\n[ 3.339017] ? __pfx_sock_ioctl+0x10/0x10\n[ 3.339316] ? __pfx___rseq_handle_notify_resume+0x10/0x10\n[ 3.339727] ? selinux_file_ioctl+0xa4/0x260\n[ 3.340166] __x64_sys_sendto+0xe0/0x1c0\n[ 3.340526] ? syscall_exit_to_user_mode+0x123/0x140\n[ 3.340898] do_syscall_64+0xa6/0x1a0\n[ 3.341170] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 3.341533] RIP: 0033:0x44a380\n[ 3.341757] Code: 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c00\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22018",
"url": "https://www.suse.com/security/cve/CVE-2025-22018"
},
{
"category": "external",
"summary": "SUSE Bug 1241266 for CVE-2025-22018",
"url": "https://bugzilla.suse.com/1241266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22018"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: put dl_stid if fail to queue dl_recall\n\nBefore calling nfsd4_run_cb to queue dl_recall to the callback_wq, we\nincrement the reference count of dl_stid.\nWe expect that after the corresponding work_struct is processed, the\nreference count of dl_stid will be decremented through the callback\nfunction nfsd4_cb_recall_release.\nHowever, if the call to nfsd4_run_cb fails, the incremented reference\ncount of dl_stid will not be decremented correspondingly, leading to the\nfollowing nfs4_stid leak:\nunreferenced object 0xffff88812067b578 (size 344):\n comm \"nfsd\", pid 2761, jiffies 4295044002 (age 5541.241s)\n hex dump (first 32 bytes):\n 01 00 00 00 6b 6b 6b 6b b8 02 c0 e2 81 88 ff ff ....kkkk........\n 00 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 ad 4e ad de .kkkkkkk.....N..\n backtrace:\n kmem_cache_alloc+0x4b9/0x700\n nfsd4_process_open1+0x34/0x300\n nfsd4_open+0x2d1/0x9d0\n nfsd4_proc_compound+0x7a2/0xe30\n nfsd_dispatch+0x241/0x3e0\n svc_process_common+0x5d3/0xcc0\n svc_process+0x2a3/0x320\n nfsd+0x180/0x2e0\n kthread+0x199/0x1d0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\nunreferenced object 0xffff8881499f4d28 (size 368):\n comm \"nfsd\", pid 2761, jiffies 4295044005 (age 5541.239s)\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 30 4d 9f 49 81 88 ff ff ........0M.I....\n 30 4d 9f 49 81 88 ff ff 20 00 00 00 01 00 00 00 0M.I.... .......\n backtrace:\n kmem_cache_alloc+0x4b9/0x700\n nfs4_alloc_stid+0x29/0x210\n alloc_init_deleg+0x92/0x2e0\n nfs4_set_delegation+0x284/0xc00\n nfs4_open_delegation+0x216/0x3f0\n nfsd4_process_open2+0x2b3/0xee0\n nfsd4_open+0x770/0x9d0\n nfsd4_proc_compound+0x7a2/0xe30\n nfsd_dispatch+0x241/0x3e0\n svc_process_common+0x5d3/0xcc0\n svc_process+0x2a3/0x320\n nfsd+0x180/0x2e0\n kthread+0x199/0x1d0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\nFix it by checking the result of nfsd4_run_cb and call nfs4_put_stid if\nfail to queue dl_recall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22025",
"url": "https://www.suse.com/security/cve/CVE-2025-22025"
},
{
"category": "external",
"summary": "SUSE Bug 1241361 for CVE-2025-22025",
"url": "https://bugzilla.suse.com/1241361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22025"
},
{
"cve": "CVE-2025-22027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: streamzap: fix race between device disconnection and urb callback\n\nSyzkaller has reported a general protection fault at function\nir_raw_event_store_with_filter(). This crash is caused by a NULL pointer\ndereference of dev-\u003eraw pointer, even though it is checked for NULL in\nthe same function, which means there is a race condition. It occurs due\nto the incorrect order of actions in the streamzap_disconnect() function:\nrc_unregister_device() is called before usb_kill_urb(). The dev-\u003eraw\npointer is freed and set to NULL in rc_unregister_device(), and only\nafter that usb_kill_urb() waits for in-progress requests to finish.\n\nIf rc_unregister_device() is called while streamzap_callback() handler is\nnot finished, this can lead to accessing freed resources. Thus\nrc_unregister_device() should be called after usb_kill_urb().\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22027",
"url": "https://www.suse.com/security/cve/CVE-2025-22027"
},
{
"category": "external",
"summary": "SUSE Bug 1241369 for CVE-2025-22027",
"url": "https://bugzilla.suse.com/1241369"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22027"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22033"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Don\u0027t call NULL in do_compat_alignment_fixup()\n\ndo_alignment_t32_to_handler() only fixes up alignment faults for\nspecific instructions; it returns NULL otherwise (e.g. LDREX). When\nthat\u0027s the case, signal to the caller that it needs to proceed with the\nregular alignment fault handling (i.e. SIGBUS). Without this patch, the\nkernel panics:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000086000006\n EC = 0x21: IABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\n user pgtable: 4k pages, 48-bit VAs, pgdp=00000800164aa000\n [0000000000000000] pgd=0800081fdbd22003, p4d=0800081fdbd22003, pud=08000815d51c6003, pmd=0000000000000000\n Internal error: Oops: 0000000086000006 [#1] SMP\n Modules linked in: cfg80211 rfkill xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo xt_addrtype nft_compat br_netfilter veth nvme_fa\u003e\n libcrc32c crc32c_generic raid0 multipath linear dm_mod dax raid1 md_mod xhci_pci nvme xhci_hcd nvme_core t10_pi usbcore igb crc64_rocksoft crc64 crc_t10dif crct10dif_generic crct10dif_ce crct10dif_common usb_common i2c_algo_bit i2c\u003e\n CPU: 2 PID: 3932954 Comm: WPEWebProcess Not tainted 6.1.0-31-arm64 #1 Debian 6.1.128-1\n Hardware name: GIGABYTE MP32-AR1-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021\n pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : 0x0\n lr : do_compat_alignment_fixup+0xd8/0x3dc\n sp : ffff80000f973dd0\n x29: ffff80000f973dd0 x28: ffff081b42526180 x27: 0000000000000000\n x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\n x23: 0000000000000004 x22: 0000000000000000 x21: 0000000000000001\n x20: 00000000e8551f00 x19: ffff80000f973eb0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : ffffaebc949bc488\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000400000 x4 : 0000fffffffffffe x3 : 0000000000000000\n x2 : ffff80000f973eb0 x1 : 00000000e8551f00 x0 : 0000000000000001\n Call trace:\n 0x0\n do_alignment_fault+0x40/0x50\n do_mem_abort+0x4c/0xa0\n el0_da+0x48/0xf0\n el0t_32_sync_handler+0x110/0x140\n el0t_32_sync+0x190/0x194\n Code: bad PC value\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22033",
"url": "https://www.suse.com/security/cve/CVE-2025-22033"
},
{
"category": "external",
"summary": "SUSE Bug 1241436 for CVE-2025-22033",
"url": "https://bugzilla.suse.com/1241436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22033"
},
{
"cve": "CVE-2025-22044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacpi: nfit: fix narrowing conversion in acpi_nfit_ctl\n\nSyzkaller has reported a warning in to_nfit_bus_uuid(): \"only secondary\nbus families can be translated\". This warning is emited if the argument\nis equal to NVDIMM_BUS_FAMILY_NFIT == 0. Function acpi_nfit_ctl() first\nverifies that a user-provided value call_pkg-\u003end_family of type u64 is\nnot equal to 0. Then the value is converted to int, and only after that\nis compared to NVDIMM_BUS_FAMILY_MAX. This can lead to passing an invalid\nargument to acpi_nfit_ctl(), if call_pkg-\u003end_family is non-zero, while\nthe lower 32 bits are zero.\n\nFurthermore, it is best to return EINVAL immediately upon seeing the\ninvalid user input. The WARNING is insufficient to prevent further\nundefined behavior based on other invalid user input.\n\nAll checks of the input value should be applied to the original variable\ncall_pkg-\u003end_family.\n\n[iweiny: update commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22044",
"url": "https://www.suse.com/security/cve/CVE-2025-22044"
},
{
"category": "external",
"summary": "SUSE Bug 1241424 for CVE-2025-22044",
"url": "https://bugzilla.suse.com/1241424"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22044"
},
{
"cve": "CVE-2025-22050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22050"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet:fix NPE during rx_complete\n\nMissing usbnet_going_away Check in Critical Path.\nThe usb_submit_urb function lacks a usbnet_going_away\nvalidation, whereas __usbnet_queue_skb includes this check.\n\nThis inconsistency creates a race condition where:\nA URB request may succeed, but the corresponding SKB data\nfails to be queued.\n\nSubsequent processes:\n(e.g., rx_complete \u2192 defer_bh \u2192 __skb_unlink(skb, list))\nattempt to access skb-\u003enext, triggering a NULL pointer\ndereference (Kernel Panic).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22050",
"url": "https://www.suse.com/security/cve/CVE-2025-22050"
},
{
"category": "external",
"summary": "SUSE Bug 1241441 for CVE-2025-22050",
"url": "https://bugzilla.suse.com/1241441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22050"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Fix memory accounting leak.\n\nMatt Dowling reported a weird UDP memory usage issue.\n\nUnder normal operation, the UDP memory usage reported in /proc/net/sockstat\nremains close to zero. However, it occasionally spiked to 524,288 pages\nand never dropped. Moreover, the value doubled when the application was\nterminated. Finally, it caused intermittent packet drops.\n\nWe can reproduce the issue with the script below [0]:\n\n 1. /proc/net/sockstat reports 0 pages\n\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 0\n\n 2. Run the script till the report reaches 524,288\n\n # python3 test.py \u0026 sleep 5\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 3 mem 524288 \u003c-- (INT_MAX + 1) \u003e\u003e PAGE_SHIFT\n\n 3. Kill the socket and confirm the number never drops\n\n # pkill python3 \u0026\u0026 sleep 5\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 524288\n\n 4. (necessary since v6.0) Trigger proto_memory_pcpu_drain()\n\n # python3 test.py \u0026 sleep 1 \u0026\u0026 pkill python3\n\n 5. The number doubles\n\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 1048577\n\nThe application set INT_MAX to SO_RCVBUF, which triggered an integer\noverflow in udp_rmem_release().\n\nWhen a socket is close()d, udp_destruct_common() purges its receive\nqueue and sums up skb-\u003etruesize in the queue. This total is calculated\nand stored in a local unsigned integer variable.\n\nThe total size is then passed to udp_rmem_release() to adjust memory\naccounting. However, because the function takes a signed integer\nargument, the total size can wrap around, causing an overflow.\n\nThen, the released amount is calculated as follows:\n\n 1) Add size to sk-\u003esk_forward_alloc.\n 2) Round down sk-\u003esk_forward_alloc to the nearest lower multiple of\n PAGE_SIZE and assign it to amount.\n 3) Subtract amount from sk-\u003esk_forward_alloc.\n 4) Pass amount \u003e\u003e PAGE_SHIFT to __sk_mem_reduce_allocated().\n\nWhen the issue occurred, the total in udp_destruct_common() was 2147484480\n(INT_MAX + 833), which was cast to -2147482816 in udp_rmem_release().\n\nAt 1) sk-\u003esk_forward_alloc is changed from 3264 to -2147479552, and\n2) sets -2147479552 to amount. 3) reverts the wraparound, so we don\u0027t\nsee a warning in inet_sock_destruct(). However, udp_memory_allocated\nends up doubling at 4).\n\nSince commit 3cd3399dd7a8 (\"net: implement per-cpu reserves for\nmemory_allocated\"), memory usage no longer doubles immediately after\na socket is close()d because __sk_mem_reduce_allocated() caches the\namount in udp_memory_per_cpu_fw_alloc. However, the next time a UDP\nsocket receives a packet, the subtraction takes effect, causing UDP\nmemory usage to double.\n\nThis issue makes further memory allocation fail once the socket\u0027s\nsk-\u003esk_rmem_alloc exceeds net.ipv4.udp_rmem_min, resulting in packet\ndrops.\n\nTo prevent this issue, let\u0027s use unsigned int for the calculation and\ncall sk_forward_alloc_add() only once for the small delta.\n\nNote that first_packet_length() also potentially has the same problem.\n\n[0]:\nfrom socket import *\n\nSO_RCVBUFFORCE = 33\nINT_MAX = (2 ** 31) - 1\n\ns = socket(AF_INET, SOCK_DGRAM)\ns.bind((\u0027\u0027, 0))\ns.setsockopt(SOL_SOCKET, SO_RCVBUFFORCE, INT_MAX)\n\nc = socket(AF_INET, SOCK_DGRAM)\nc.connect(s.getsockname())\n\ndata = b\u0027a\u0027 * 100\n\nwhile True:\n c.send(data)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22058",
"url": "https://www.suse.com/security/cve/CVE-2025-22058"
},
{
"category": "external",
"summary": "SUSE Bug 1241332 for CVE-2025-22058",
"url": "https://bugzilla.suse.com/1241332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22058"
},
{
"cve": "CVE-2025-22062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: add mutual exclusion in proc_sctp_do_udp_port()\n\nWe must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start()\nor risk a crash as syzbot reported:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]\nCPU: 1 UID: 0 PID: 6551 Comm: syz.1.44 Not tainted 6.14.0-syzkaller-g7f2ff7b62617 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\n RIP: 0010:kernel_sock_shutdown+0x47/0x70 net/socket.c:3653\nCall Trace:\n \u003cTASK\u003e\n udp_tunnel_sock_release+0x68/0x80 net/ipv4/udp_tunnel_core.c:181\n sctp_udp_sock_stop+0x71/0x160 net/sctp/protocol.c:930\n proc_sctp_do_udp_port+0x264/0x450 net/sctp/sysctl.c:553\n proc_sys_call_handler+0x3d0/0x5b0 fs/proc/proc_sysctl.c:601\n iter_file_splice_write+0x91c/0x1150 fs/splice.c:738\n do_splice_from fs/splice.c:935 [inline]\n direct_splice_actor+0x18f/0x6c0 fs/splice.c:1158\n splice_direct_to_actor+0x342/0xa30 fs/splice.c:1102\n do_splice_direct_actor fs/splice.c:1201 [inline]\n do_splice_direct+0x174/0x240 fs/splice.c:1227\n do_sendfile+0xafd/0xe50 fs/read_write.c:1368\n __do_sys_sendfile64 fs/read_write.c:1429 [inline]\n __se_sys_sendfile64 fs/read_write.c:1415 [inline]\n __x64_sys_sendfile64+0x1d8/0x220 fs/read_write.c:1415\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22062",
"url": "https://www.suse.com/security/cve/CVE-2025-22062"
},
{
"category": "external",
"summary": "SUSE Bug 1241412 for CVE-2025-22062",
"url": "https://bugzilla.suse.com/1241412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22062"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22064"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t unregister hook when table is dormant\n\nWhen nf_tables_updchain encounters an error, hook registration needs to\nbe rolled back.\n\nThis should only be done if the hook has been registered, which won\u0027t\nhappen when the table is flagged as dormant (inactive).\n\nJust move the assignment into the registration block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22064",
"url": "https://www.suse.com/security/cve/CVE-2025-22064"
},
{
"category": "external",
"summary": "SUSE Bug 1241413 for CVE-2025-22064",
"url": "https://bugzilla.suse.com/1241413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22064"
},
{
"cve": "CVE-2025-22065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix adapter NULL pointer dereference on reboot\n\nWith SRIOV enabled, idpf ends up calling into idpf_remove() twice.\nFirst via idpf_shutdown() and then again when idpf_remove() calls into\nsriov_disable(), because the VF devices use the idpf driver, hence the\nsame remove routine. When that happens, it is possible for the adapter\nto be NULL from the first call to idpf_remove(), leading to a NULL\npointer dereference.\n\necho 1 \u003e /sys/class/net/\u003cnetif\u003e/device/sriov_numvfs\nreboot\n\nBUG: kernel NULL pointer dereference, address: 0000000000000020\n...\nRIP: 0010:idpf_remove+0x22/0x1f0 [idpf]\n...\n? idpf_remove+0x22/0x1f0 [idpf]\n? idpf_remove+0x1e4/0x1f0 [idpf]\npci_device_remove+0x3f/0xb0\ndevice_release_driver_internal+0x19f/0x200\npci_stop_bus_device+0x6d/0x90\npci_stop_and_remove_bus_device+0x12/0x20\npci_iov_remove_virtfn+0xbe/0x120\nsriov_disable+0x34/0xe0\nidpf_sriov_configure+0x58/0x140 [idpf]\nidpf_remove+0x1b9/0x1f0 [idpf]\nidpf_shutdown+0x12/0x30 [idpf]\npci_device_shutdown+0x35/0x60\ndevice_shutdown+0x156/0x200\n...\n\nReplace the direct idpf_remove() call in idpf_shutdown() with\nidpf_vc_core_deinit() and idpf_deinit_dflt_mbx(), which perform\nthe bulk of the cleanup, such as stopping the init task, freeing IRQs,\ndestroying the vports and freeing the mailbox. This avoids the calls to\nsriov_disable() in addition to a small netdev cleanup, and destroying\nworkqueues, which don\u0027t seem to be required on shutdown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22065",
"url": "https://www.suse.com/security/cve/CVE-2025-22065"
},
{
"category": "external",
"summary": "SUSE Bug 1241333 for CVE-2025-22065",
"url": "https://bugzilla.suse.com/1241333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22065"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Allocate vfinfo size for VF GUIDs when supported\n\nCommit 30aad41721e0 (\"net/core: Add support for getting VF GUIDs\")\nadded support for getting VF port and node GUIDs in netlink ifinfo\nmessages, but their size was not taken into consideration in the\nfunction that allocates the netlink message, causing the following\nwarning when a netlink message is filled with many VF port and node\nGUIDs:\n # echo 64 \u003e /sys/bus/pci/devices/0000\\:08\\:00.0/sriov_numvfs\n # ip link show dev ib0\n RTNETLINK answers: Message too long\n Cannot send link get request: Message too long\n\nKernel warning:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 1930 at net/core/rtnetlink.c:4151 rtnl_getlink+0x586/0x5a0\n Modules linked in: xt_conntrack xt_MASQUERADE nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter overlay mlx5_ib macsec mlx5_core tls rpcrdma rdma_ucm ib_uverbs ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm iw_cm ib_ipoib fuse ib_cm ib_core\n CPU: 2 UID: 0 PID: 1930 Comm: ip Not tainted 6.14.0-rc2+ #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:rtnl_getlink+0x586/0x5a0\n Code: cb 82 e8 3d af 0a 00 4d 85 ff 0f 84 08 ff ff ff 4c 89 ff 41 be ea ff ff ff e8 66 63 5b ff 49 c7 07 80 4f cb 82 e9 36 fc ff ff \u003c0f\u003e 0b e9 16 fe ff ff e8 de a0 56 00 66 66 2e 0f 1f 84 00 00 00 00\n RSP: 0018:ffff888113557348 EFLAGS: 00010246\n RAX: 00000000ffffffa6 RBX: ffff88817e87aa34 RCX: dffffc0000000000\n RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffff88817e87afb8\n RBP: 0000000000000009 R08: ffffffff821f44aa R09: 0000000000000000\n R10: ffff8881260f79a8 R11: ffff88817e87af00 R12: ffff88817e87aa00\n R13: ffffffff8563d300 R14: 00000000ffffffa6 R15: 00000000ffffffff\n FS: 00007f63a5dbf280(0000) GS:ffff88881ee00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f63a5ba4493 CR3: 00000001700fe002 CR4: 0000000000772eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xa5/0x230\n ? rtnl_getlink+0x586/0x5a0\n ? report_bug+0x22d/0x240\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_trim+0x6a/0x80\n ? rtnl_getlink+0x586/0x5a0\n ? __pfx_rtnl_getlink+0x10/0x10\n ? rtnetlink_rcv_msg+0x1e5/0x860\n ? __pfx___mutex_lock+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? __pfx_lock_acquire+0x10/0x10\n ? stack_trace_save+0x90/0xd0\n ? filter_irq_stacks+0x1d/0x70\n ? kasan_save_stack+0x30/0x40\n ? kasan_save_stack+0x20/0x40\n ? kasan_save_track+0x10/0x30\n rtnetlink_rcv_msg+0x21c/0x860\n ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n ? arch_stack_walk+0x9e/0xf0\n ? rcu_is_watching+0x34/0x60\n ? lock_acquire+0xd5/0x410\n ? rcu_is_watching+0x34/0x60\n netlink_rcv_skb+0xe0/0x210\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n ? __pfx_netlink_rcv_skb+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? __pfx___netlink_lookup+0x10/0x10\n ? lock_release+0x62/0x200\n ? netlink_deliver_tap+0xfd/0x290\n ? rcu_is_watching+0x34/0x60\n ? lock_release+0x62/0x200\n ? netlink_deliver_tap+0x95/0x290\n netlink_unicast+0x31f/0x480\n ? __pfx_netlink_unicast+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? lock_acquire+0xd5/0x410\n netlink_sendmsg+0x369/0x660\n ? lock_release+0x62/0x200\n ? __pfx_netlink_sendmsg+0x10/0x10\n ? import_ubuf+0xb9/0xf0\n ? __import_iovec+0x254/0x2b0\n ? lock_release+0x62/0x200\n ? __pfx_netlink_sendmsg+0x10/0x10\n ____sys_sendmsg+0x559/0x5a0\n ? __pfx_____sys_sendmsg+0x10/0x10\n ? __pfx_copy_msghdr_from_user+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? do_read_fault+0x213/0x4a0\n ? rcu_is_watching+0x34/0x60\n ___sys_sendmsg+0xe4/0x150\n ? __pfx____sys_sendmsg+0x10/0x10\n ? do_fault+0x2cc/0x6f0\n ? handle_pte_fault+0x2e3/0x3d0\n ? __pfx_handle_pte_fault+0x10/0x10\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22075",
"url": "https://www.suse.com/security/cve/CVE-2025-22075"
},
{
"category": "external",
"summary": "SUSE Bug 1241402 for CVE-2025-22075",
"url": "https://bugzilla.suse.com/1241402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22075"
},
{
"cve": "CVE-2025-22085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix use-after-free when rename device name\n\nSyzbot reported a slab-use-after-free with the following call trace:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in nla_put+0xd3/0x150 lib/nlattr.c:1099\nRead of size 5 at addr ffff888140ea1c60 by task syz.0.988/10025\n\nCPU: 0 UID: 0 PID: 10025 Comm: syz.0.988\nNot tainted 6.14.0-rc4-syzkaller-00859-gf77f12010f67 #0\nHardware name: Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x16e/0x5b0 mm/kasan/report.c:521\n kasan_report+0x143/0x180 mm/kasan/report.c:634\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105\n nla_put+0xd3/0x150 lib/nlattr.c:1099\n nla_put_string include/net/netlink.h:1621 [inline]\n fill_nldev_handle+0x16e/0x200 drivers/infiniband/core/nldev.c:265\n rdma_nl_notify_event+0x561/0xef0 drivers/infiniband/core/nldev.c:2857\n ib_device_notify_register+0x22/0x230 drivers/infiniband/core/device.c:1344\n ib_register_device+0x1292/0x1460 drivers/infiniband/core/device.c:1460\n rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540\n rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212\n nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795\n rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline]\n rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1883\n sock_sendmsg_nosec net/socket.c:709 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:724\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2564\n ___sys_sendmsg net/socket.c:2618 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2650\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f42d1b8d169\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 ...\nRSP: 002b:00007f42d2960038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f42d1da6320 RCX: 00007f42d1b8d169\nRDX: 0000000000000000 RSI: 00004000000002c0 RDI: 000000000000000c\nRBP: 00007f42d1c0e2a0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f42d1da6320 R15: 00007ffe399344a8\n \u003c/TASK\u003e\n\nAllocated by task 10025:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4313\n __kmemdup_nul mm/util.c:61 [inline]\n kstrdup+0x42/0x100 mm/util.c:81\n kobject_set_name_vargs+0x61/0x120 lib/kobject.c:274\n dev_set_name+0xd5/0x120 drivers/base/core.c:3468\n assign_name drivers/infiniband/core/device.c:1202 [inline]\n ib_register_device+0x178/0x1460 drivers/infiniband/core/device.c:1384\n rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540\n rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212\n nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795\n rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline]\n rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8de/0xcb0 net\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22085",
"url": "https://www.suse.com/security/cve/CVE-2025-22085"
},
{
"category": "external",
"summary": "SUSE Bug 1241419 for CVE-2025-22085",
"url": "https://bugzilla.suse.com/1241419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22085"
},
{
"cve": "CVE-2025-22086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow\n\nWhen cur_qp isn\u0027t NULL, in order to avoid fetching the QP from\nthe radix tree again we check if the next cqe QP is identical to\nthe one we already have.\n\nThe bug however is that we are checking if the QP is identical by\nchecking the QP number inside the CQE against the QP number inside the\nmlx5_ib_qp, but that\u0027s wrong since the QP number from the CQE is from\nFW so it should be matched against mlx5_core_qp which is our FW QP\nnumber.\n\nOtherwise we could use the wrong QP when handling a CQE which could\ncause the kernel trace below.\n\nThis issue is mainly noticeable over QPs 0 \u0026 1, since for now they are\nthe only QPs in our driver whereas the QP number inside mlx5_ib_qp\ndoesn\u0027t match the QP number inside mlx5_core_qp.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000012\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP\n CPU: 0 UID: 0 PID: 7927 Comm: kworker/u62:1 Not tainted 6.14.0-rc3+ #189\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n Workqueue: ib-comp-unb-wq ib_cq_poll_work [ib_core]\n RIP: 0010:mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n Code: 03 00 00 8d 58 ff 21 cb 66 39 d3 74 39 48 c7 c7 3c 89 6e a0 0f b7 db e8 b7 d2 b3 e0 49 8b 86 60 03 00 00 48 c7 c7 4a 89 6e a0 \u003c0f\u003e b7 5c 98 02 e8 9f d2 b3 e0 41 0f b7 86 78 03 00 00 83 e8 01 21\n RSP: 0018:ffff88810511bd60 EFLAGS: 00010046\n RAX: 0000000000000010 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff88885fa1b3c0 RDI: ffffffffa06e894a\n RBP: 00000000000000b0 R08: 0000000000000000 R09: ffff88810511bc10\n R10: 0000000000000001 R11: 0000000000000001 R12: ffff88810d593000\n R13: ffff88810e579108 R14: ffff888105146000 R15: 00000000000000b0\n FS: 0000000000000000(0000) GS:ffff88885fa00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000012 CR3: 00000001077e6001 CR4: 0000000000370eb0\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n __ib_process_cq+0x5a/0x150 [ib_core]\n ib_cq_poll_work+0x31/0x90 [ib_core]\n process_one_work+0x169/0x320\n worker_thread+0x288/0x3a0\n ? work_busy+0xb0/0xb0\n kthread+0xd7/0x1f0\n ? kthreads_online_cpu+0x130/0x130\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork+0x2d/0x50\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22086",
"url": "https://www.suse.com/security/cve/CVE-2025-22086"
},
{
"category": "external",
"summary": "SUSE Bug 1241458 for CVE-2025-22086",
"url": "https://bugzilla.suse.com/1241458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22086"
},
{
"cve": "CVE-2025-22088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/erdma: Prevent use-after-free in erdma_accept_newconn()\n\nAfter the erdma_cep_put(new_cep) being called, new_cep will be freed,\nand the following dereference will cause a UAF problem. Fix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22088",
"url": "https://www.suse.com/security/cve/CVE-2025-22088"
},
{
"category": "external",
"summary": "SUSE Bug 1241528 for CVE-2025-22088",
"url": "https://bugzilla.suse.com/1241528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22088"
},
{
"cve": "CVE-2025-22091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22091"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix page_size variable overflow\n\nChange all variables storing mlx5_umem_mkc_find_best_pgsz() result to\nunsigned long to support values larger than 31 and avoid overflow.\n\nFor example: If we try to register 4GB of memory that is contiguous in\nphysical memory, the driver will optimize the page_size and try to use\nan mkey with 4GB entity size. The \u0027unsigned int\u0027 page_size variable will\noverflow to \u00270\u0027 and we\u0027ll hit the WARN_ON() in alloc_cacheable_mr().\n\nWARNING: CPU: 2 PID: 1203 at drivers/infiniband/hw/mlx5/mr.c:1124 alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\nModules linked in: mlx5_ib mlx5_core bonding ip6_gre ip6_tunnel tunnel6 ip_gre gre rdma_rxe rdma_ucm ib_uverbs ib_ipoib ib_umad rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm fuse ib_core [last unloaded: mlx5_core]\nCPU: 2 UID: 70878 PID: 1203 Comm: rdma_resource_l Tainted: G W 6.14.0-rc4-dirty #43\nTainted: [W]=WARN\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\nCode: 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 41 52 53 48 83 ec 30 f6 46 28 04 4c 8b 77 08 75 21 \u003c0f\u003e 0b 49 c7 c2 ea ff ff ff 48 8d 65 d0 4c 89 d0 5b 41 5a 41 5c 41\nRSP: 0018:ffffc900006ffac8 EFLAGS: 00010246\nRAX: 0000000004c0d0d0 RBX: ffff888217a22000 RCX: 0000000000100001\nRDX: 00007fb7ac480000 RSI: ffff8882037b1240 RDI: ffff8882046f0600\nRBP: ffffc900006ffb28 R08: 0000000000000001 R09: 0000000000000000\nR10: 00000000000007e0 R11: ffffea0008011d40 R12: ffff8882037b1240\nR13: ffff8882046f0600 R14: ffff888217a22000 R15: ffffc900006ffe00\nFS: 00007fb7ed013340(0000) GS:ffff88885fd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fb7ed1d8000 CR3: 00000001fd8f6006 CR4: 0000000000772eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x81/0x130\n ? alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\n ? report_bug+0xfc/0x1e0\n ? handle_bug+0x55/0x90\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? alloc_cacheable_mr+0x22/0x580 [mlx5_ib]\n create_real_mr+0x54/0x150 [mlx5_ib]\n ib_uverbs_reg_mr+0x17f/0x2a0 [ib_uverbs]\n ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xca/0x140 [ib_uverbs]\n ib_uverbs_run_method+0x6d0/0x780 [ib_uverbs]\n ? __pfx_ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x10/0x10 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x19b/0x360 [ib_uverbs]\n ? walk_system_ram_range+0x79/0xd0\n ? ___pte_offset_map+0x1b/0x110\n ? __pte_offset_map_lock+0x80/0x100\n ib_uverbs_ioctl+0xac/0x110 [ib_uverbs]\n __x64_sys_ioctl+0x94/0xb0\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7fb7ecf0737b\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 7d 2a 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffdbe03ecc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffdbe03edb8 RCX: 00007fb7ecf0737b\nRDX: 00007ffdbe03eda0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffdbe03ed80 R08: 00007fb7ecc84010 R09: 00007ffdbe03eed4\nR10: 0000000000000009 R11: 0000000000000246 R12: 00007ffdbe03eed4\nR13: 000000000000000c R14: 000000000000000c R15: 00007fb7ecc84150\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22091",
"url": "https://www.suse.com/security/cve/CVE-2025-22091"
},
{
"category": "external",
"summary": "SUSE Bug 1241535 for CVE-2025-22091",
"url": "https://bugzilla.suse.com/1241535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22091"
},
{
"cve": "CVE-2025-22093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: avoid NPD when ASIC does not support DMUB\n\nctx-\u003edmub_srv will de NULL if the ASIC does not support DMUB, which is\ntested in dm_dmub_sw_init.\n\nHowever, it will be dereferenced in dmub_hw_lock_mgr_cmd if\nshould_use_dmub_lock returns true.\n\nThis has been the case since dmub support has been added for PSR1.\n\nFix this by checking for dmub_srv in should_use_dmub_lock.\n\n[ 37.440832] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 37.447808] #PF: supervisor read access in kernel mode\n[ 37.452959] #PF: error_code(0x0000) - not-present page\n[ 37.458112] PGD 0 P4D 0\n[ 37.460662] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 37.465553] CPU: 2 UID: 1000 PID: 1745 Comm: DrmThread Not tainted 6.14.0-rc1-00003-gd62e938120f0 #23 99720e1cb1e0fc4773b8513150932a07de3c6e88\n[ 37.478324] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[ 37.487103] RIP: 0010:dmub_hw_lock_mgr_cmd+0x77/0xb0\n[ 37.492074] Code: 44 24 0e 00 00 00 00 48 c7 04 24 45 00 00 0c 40 88 74 24 0d 0f b6 02 88 44 24 0c 8b 01 89 44 24 08 85 f6 75 05 c6 44 24 0e 01 \u003c48\u003e 8b 7f 58 48 89 e6 ba 01 00 00 00 e8 08 3c 2a 00 65 48 8b 04 5\n[ 37.510822] RSP: 0018:ffff969442853300 EFLAGS: 00010202\n[ 37.516052] RAX: 0000000000000000 RBX: ffff92db03000000 RCX: ffff969442853358\n[ 37.523185] RDX: ffff969442853368 RSI: 0000000000000001 RDI: 0000000000000000\n[ 37.530322] RBP: 0000000000000001 R08: 00000000000004a7 R09: 00000000000004a5\n[ 37.537453] R10: 0000000000000476 R11: 0000000000000062 R12: ffff92db0ade8000\n[ 37.544589] R13: ffff92da01180ae0 R14: ffff92da011802a8 R15: ffff92db03000000\n[ 37.551725] FS: 0000784a9cdfc6c0(0000) GS:ffff92db2af00000(0000) knlGS:0000000000000000\n[ 37.559814] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 37.565562] CR2: 0000000000000058 CR3: 0000000112b1c000 CR4: 00000000003506f0\n[ 37.572697] Call Trace:\n[ 37.575152] \u003cTASK\u003e\n[ 37.577258] ? __die_body+0x66/0xb0\n[ 37.580756] ? page_fault_oops+0x3e7/0x4a0\n[ 37.584861] ? exc_page_fault+0x3e/0xe0\n[ 37.588706] ? exc_page_fault+0x5c/0xe0\n[ 37.592550] ? asm_exc_page_fault+0x22/0x30\n[ 37.596742] ? dmub_hw_lock_mgr_cmd+0x77/0xb0\n[ 37.601107] dcn10_cursor_lock+0x1e1/0x240\n[ 37.605211] program_cursor_attributes+0x81/0x190\n[ 37.609923] commit_planes_for_stream+0x998/0x1ef0\n[ 37.614722] update_planes_and_stream_v2+0x41e/0x5c0\n[ 37.619703] dc_update_planes_and_stream+0x78/0x140\n[ 37.624588] amdgpu_dm_atomic_commit_tail+0x4362/0x49f0\n[ 37.629832] ? srso_return_thunk+0x5/0x5f\n[ 37.633847] ? mark_held_locks+0x6d/0xd0\n[ 37.637774] ? _raw_spin_unlock_irq+0x24/0x50\n[ 37.642135] ? srso_return_thunk+0x5/0x5f\n[ 37.646148] ? lockdep_hardirqs_on+0x95/0x150\n[ 37.650510] ? srso_return_thunk+0x5/0x5f\n[ 37.654522] ? _raw_spin_unlock_irq+0x2f/0x50\n[ 37.658883] ? srso_return_thunk+0x5/0x5f\n[ 37.662897] ? wait_for_common+0x186/0x1c0\n[ 37.666998] ? srso_return_thunk+0x5/0x5f\n[ 37.671009] ? drm_crtc_next_vblank_start+0xc3/0x170\n[ 37.675983] commit_tail+0xf5/0x1c0\n[ 37.679478] drm_atomic_helper_commit+0x2a2/0x2b0\n[ 37.684186] drm_atomic_commit+0xd6/0x100\n[ 37.688199] ? __cfi___drm_printfn_info+0x10/0x10\n[ 37.692911] drm_atomic_helper_update_plane+0xe5/0x130\n[ 37.698054] drm_mode_cursor_common+0x501/0x670\n[ 37.702600] ? __cfi_drm_mode_cursor_ioctl+0x10/0x10\n[ 37.707572] drm_mode_cursor_ioctl+0x48/0x70\n[ 37.711851] drm_ioctl_kernel+0xf2/0x150\n[ 37.715781] drm_ioctl+0x363/0x590\n[ 37.719189] ? __cfi_drm_mode_cursor_ioctl+0x10/0x10\n[ 37.724165] amdgpu_drm_ioctl+0x41/0x80\n[ 37.728013] __se_sys_ioctl+0x7f/0xd0\n[ 37.731685] do_syscall_64+0x87/0x100\n[ 37.735355] ? vma_end_read+0x12/0xe0\n[ 37.739024] ? srso_return_thunk+0x5/0x5f\n[ 37.743041] ? find_held_lock+0x47/0xf0\n[ 37.746884] ? vma_end_read+0x12/0xe0\n[ 37.750552] ? srso_return_thunk+0x5/0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22093",
"url": "https://www.suse.com/security/cve/CVE-2025-22093"
},
{
"category": "external",
"summary": "SUSE Bug 1241545 for CVE-2025-22093",
"url": "https://bugzilla.suse.com/1241545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22093"
},
{
"cve": "CVE-2025-22094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/perf: Fix ref-counting on the PMU \u0027vpa_pmu\u0027\n\nCommit 176cda0619b6 (\"powerpc/perf: Add perf interface to expose vpa\ncounters\") introduced \u0027vpa_pmu\u0027 to expose Book3s-HV nested APIv2 provided\nL1\u003c-\u003eL2 context switch latency counters to L1 user-space via\nperf-events. However the newly introduced PMU named \u0027vpa_pmu\u0027 doesn\u0027t\nassign ownership of the PMU to the module \u0027vpa_pmu\u0027. Consequently the\nmodule \u0027vpa_pmu\u0027 can be unloaded while one of the perf-events are still\nactive, which can lead to kernel oops and panic of the form below on a\nPseries-LPAR:\n\nBUG: Kernel NULL pointer dereference on read at 0x00000058\n\u003csnip\u003e\n NIP [c000000000506cb8] event_sched_out+0x40/0x258\n LR [c00000000050e8a4] __perf_remove_from_context+0x7c/0x2b0\n Call Trace:\n [c00000025fc3fc30] [c00000025f8457a8] 0xc00000025f8457a8 (unreliable)\n [c00000025fc3fc80] [fffffffffffffee0] 0xfffffffffffffee0\n [c00000025fc3fcd0] [c000000000501e70] event_function+0xa8/0x120\n\u003csnip\u003e\n Kernel panic - not syncing: Aiee, killing interrupt handler!\n\nFix this by adding the module ownership to \u0027vpa_pmu\u0027 so that the module\n\u0027vpa_pmu\u0027 is ref-counted and prevented from being unloaded when perf-events\nare initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22094",
"url": "https://www.suse.com/security/cve/CVE-2025-22094"
},
{
"category": "external",
"summary": "SUSE Bug 1241512 for CVE-2025-22094",
"url": "https://bugzilla.suse.com/1241512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22094"
},
{
"cve": "CVE-2025-22097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Fix use after free and double free on init error\n\nIf the driver initialization fails, the vkms_exit() function might\naccess an uninitialized or freed default_config pointer and it might\ndouble free it.\n\nFix both possible errors by initializing default_config only when the\ndriver initialization succeeded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22097",
"url": "https://www.suse.com/security/cve/CVE-2025-22097"
},
{
"category": "external",
"summary": "SUSE Bug 1241541 for CVE-2025-22097",
"url": "https://bugzilla.suse.com/1241541"
},
{
"category": "external",
"summary": "SUSE Bug 1241542 for CVE-2025-22097",
"url": "https://bugzilla.suse.com/1241542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "important"
}
],
"title": "CVE-2025-22097"
},
{
"cve": "CVE-2025-22102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22102"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix kernel panic during FW release\n\nThis fixes a kernel panic seen during release FW in a stress test\nscenario where WLAN and BT FW download occurs simultaneously, and due to\na HW bug, chip sends out only 1 bootloader signatures.\n\nWhen driver receives the bootloader signature, it enters FW download\nmode, but since no consequtive bootloader signatures seen, FW file is\nnot requested.\n\nAfter 60 seconds, when FW download times out, release_firmware causes a\nkernel panic.\n\n[ 2601.949184] Unable to handle kernel paging request at virtual address 0000312e6f006573\n[ 2601.992076] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000111802000\n[ 2601.992080] [0000312e6f006573] pgd=0000000000000000, p4d=0000000000000000\n[ 2601.992087] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP\n[ 2601.992091] Modules linked in: algif_hash algif_skcipher af_alg btnxpuart(O) pciexxx(O) mlan(O) overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce snd_soc_fsl_easrc snd_soc_fsl_asoc_card imx8_media_dev(C) snd_soc_fsl_micfil polyval_generic snd_soc_fsl_xcvr snd_soc_fsl_sai snd_soc_imx_audmux snd_soc_fsl_asrc snd_soc_imx_card snd_soc_imx_hdmi snd_soc_fsl_aud2htx snd_soc_fsl_utils imx_pcm_dma dw_hdmi_cec flexcan can_dev\n[ 2602.001825] CPU: 2 PID: 20060 Comm: hciconfig Tainted: G C O 6.6.23-lts-next-06236-gb586a521770e #1\n[ 2602.010182] Hardware name: NXP i.MX8MPlus EVK board (DT)\n[ 2602.010185] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 2602.010191] pc : _raw_spin_lock+0x34/0x68\n[ 2602.010201] lr : free_fw_priv+0x20/0xfc\n[ 2602.020561] sp : ffff800089363b30\n[ 2602.020563] x29: ffff800089363b30 x28: ffff0000d0eb5880 x27: 0000000000000000\n[ 2602.020570] x26: 0000000000000000 x25: ffff0000d728b330 x24: 0000000000000000\n[ 2602.020577] x23: ffff0000dc856f38\n[ 2602.033797] x22: ffff800089363b70 x21: ffff0000dc856000\n[ 2602.033802] x20: ff00312e6f006573 x19: ffff0000d0d9ea80 x18: 0000000000000000\n[ 2602.033809] x17: 0000000000000000 x16: 0000000000000000 x15: 0000aaaad80dd480\n[ 2602.083320] x14: 0000000000000000 x13: 00000000000001b9 x12: 0000000000000002\n[ 2602.083326] x11: 0000000000000000 x10: 0000000000000a60 x9 : ffff800089363a30\n[ 2602.083333] x8 : ffff0001793d75c0 x7 : ffff0000d6dbc400 x6 : 0000000000000000\n[ 2602.083339] x5 : 00000000410fd030 x4 : 0000000000000000 x3 : 0000000000000001\n[ 2602.083346] x2 : 0000000000000000 x1 : 0000000000000001 x0 : ff00312e6f006573\n[ 2602.083354] Call trace:\n[ 2602.083356] _raw_spin_lock+0x34/0x68\n[ 2602.083364] release_firmware+0x48/0x6c\n[ 2602.083370] nxp_setup+0x3c4/0x540 [btnxpuart]\n[ 2602.083383] hci_dev_open_sync+0xf0/0xa34\n[ 2602.083391] hci_dev_open+0xd8/0x178\n[ 2602.083399] hci_sock_ioctl+0x3b0/0x590\n[ 2602.083405] sock_do_ioctl+0x60/0x118\n[ 2602.083413] sock_ioctl+0x2f4/0x374\n[ 2602.091430] __arm64_sys_ioctl+0xac/0xf0\n[ 2602.091437] invoke_syscall+0x48/0x110\n[ 2602.091445] el0_svc_common.constprop.0+0xc0/0xe0\n[ 2602.091452] do_el0_svc+0x1c/0x28\n[ 2602.091457] el0_svc+0x40/0xe4\n[ 2602.091465] el0t_64_sync_handler+0x120/0x12c\n[ 2602.091470] el0t_64_sync+0x190/0x194",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22102",
"url": "https://www.suse.com/security/cve/CVE-2025-22102"
},
{
"category": "external",
"summary": "SUSE Bug 1241456 for CVE-2025-22102",
"url": "https://bugzilla.suse.com/1241456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22102"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Use kernel helpers for hex dumps\n\nPreviously, when the driver was printing hex dumps, the buffer was cast\nto an 8 byte long and printed using string formatters. If the buffer\nsize was not a multiple of 8 then a read buffer overflow was possible.\n\nTherefore, create a new ibmvnic function that loops over a buffer and\ncalls hex_dump_to_buffer instead.\n\nThis patch address KASAN reports like the one below:\n ibmvnic 30000003 env3: Login Buffer:\n ibmvnic 30000003 env3: 01000000af000000\n \u003c...\u003e\n ibmvnic 30000003 env3: 2e6d62692e736261\n ibmvnic 30000003 env3: 65050003006d6f63\n ==================================================================\n BUG: KASAN: slab-out-of-bounds in ibmvnic_login+0xacc/0xffc [ibmvnic]\n Read of size 8 at addr c0000001331a9aa8 by task ip/17681\n \u003c...\u003e\n Allocated by task 17681:\n \u003c...\u003e\n ibmvnic_login+0x2f0/0xffc [ibmvnic]\n ibmvnic_open+0x148/0x308 [ibmvnic]\n __dev_open+0x1ac/0x304\n \u003c...\u003e\n The buggy address is located 168 bytes inside of\n allocated 175-byte region [c0000001331a9a00, c0000001331a9aaf)\n \u003c...\u003e\n =================================================================\n ibmvnic 30000003 env3: 000000000033766e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22104",
"url": "https://www.suse.com/security/cve/CVE-2025-22104"
},
{
"category": "external",
"summary": "SUSE Bug 1241550 for CVE-2025-22104",
"url": "https://bugzilla.suse.com/1241550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22104"
},
{
"cve": "CVE-2025-22107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22107"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()\n\nThere are actually 2 problems:\n- deleting the last element doesn\u0027t require the memmove of elements\n [i + 1, end) over it. Actually, element i+1 is out of bounds.\n- The memmove itself should move size - i - 1 elements, because the last\n element is out of bounds.\n\nThe out-of-bounds element still remains out of bounds after being\naccessed, so the problem is only that we touch it, not that it becomes\nin active use. But I suppose it can lead to issues if the out-of-bounds\nelement is part of an unmapped page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22107",
"url": "https://www.suse.com/security/cve/CVE-2025-22107"
},
{
"category": "external",
"summary": "SUSE Bug 1241575 for CVE-2025-22107",
"url": "https://bugzilla.suse.com/1241575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22107"
},
{
"cve": "CVE-2025-22108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Mask the bd_cnt field in the TX BD properly\n\nThe bd_cnt field in the TX BD specifies the total number of BDs for\nthe TX packet. The bd_cnt field has 5 bits and the maximum number\nsupported is 32 with the value 0.\n\nCONFIG_MAX_SKB_FRAGS can be modified and the total number of SKB\nfragments can approach or exceed the maximum supported by the chip.\nAdd a macro to properly mask the bd_cnt field so that the value 32\nwill be properly masked and set to 0 in the bd_cnd field.\n\nWithout this patch, the out-of-range bd_cnt value will corrupt the\nTX BD and may cause TX timeout.\n\nThe next patch will check for values exceeding 32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22108",
"url": "https://www.suse.com/security/cve/CVE-2025-22108"
},
{
"category": "external",
"summary": "SUSE Bug 1241574 for CVE-2025-22108",
"url": "https://bugzilla.suse.com/1241574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22108"
},
{
"cve": "CVE-2025-22109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Remove broken autobind\n\nBinding AX25 socket by using the autobind feature leads to memory leaks\nin ax25_connect() and also refcount leaks in ax25_release(). Memory\nleak was detected with kmemleak:\n\n================================================================\nunreferenced object 0xffff8880253cd680 (size 96):\nbacktrace:\n__kmalloc_node_track_caller_noprof (./include/linux/kmemleak.h:43)\nkmemdup_noprof (mm/util.c:136)\nax25_rt_autobind (net/ax25/ax25_route.c:428)\nax25_connect (net/ax25/af_ax25.c:1282)\n__sys_connect_file (net/socket.c:2045)\n__sys_connect (net/socket.c:2064)\n__x64_sys_connect (net/socket.c:2067)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n================================================================\n\nWhen socket is bound, refcounts must be incremented the way it is done\nin ax25_bind() and ax25_setsockopt() (SO_BINDTODEVICE). In case of\nautobind, the refcounts are not incremented.\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nax25_connect(): syz-executor318 uses autobind, please contact jreuter@yaina.de\n------------[ cut here ]------------\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 0 PID: 5317 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31\nModules linked in:\nCPU: 0 UID: 0 PID: 5317 Comm: syz-executor318 Not tainted 6.14.0-rc4-syzkaller-00278-gece144f151ac #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31\n...\nCall Trace:\n \u003cTASK\u003e\n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x6af/0x7e0 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4302 [inline]\n netdev_put include/linux/netdevice.h:4319 [inline]\n ax25_release+0x368/0x960 net/ax25/af_ax25.c:1080\n __sock_release net/socket.c:647 [inline]\n sock_close+0xbc/0x240 net/socket.c:1398\n __fput+0x3e9/0x9f0 fs/file_table.c:464\n __do_sys_close fs/open.c:1580 [inline]\n __se_sys_close fs/open.c:1565 [inline]\n __x64_sys_close+0x7f/0x110 fs/open.c:1565\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \u003c/TASK\u003e\n================================================================\n\nConsidering the issues above and the comments left in the code that say:\n\"check if we can remove this feature. It is broken.\"; \"autobinding in this\nmay or may not work\"; - it is better to completely remove this feature than\nto fix it because it is broken and leads to various kinds of memory bugs.\n\nNow calling connect() without first binding socket will result in an\nerror (-EINVAL). Userspace software that relies on the autobind feature\nmight get broken. However, this feature does not seem widely used with\nthis specific driver as it was not reliable at any point of time, and it\nis already broken anyway. E.g. ax25-tools and ax25-apps packages for\npopular distributions do not use the autobind feature for AF_AX25.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22109",
"url": "https://www.suse.com/security/cve/CVE-2025-22109"
},
{
"category": "external",
"summary": "SUSE Bug 1241573 for CVE-2025-22109",
"url": "https://bugzilla.suse.com/1241573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22109"
},
{
"cve": "CVE-2025-22112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix out-of-range access of vnic_info array\n\nThe bnxt_queue_{start | stop}() access vnic_info as much as allocated,\nwhich indicates bp-\u003enr_vnics.\nSo, it should not reach bp-\u003evnic_info[bp-\u003enr_vnics].",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22112",
"url": "https://www.suse.com/security/cve/CVE-2025-22112"
},
{
"category": "external",
"summary": "SUSE Bug 1241581 for CVE-2025-22112",
"url": "https://bugzilla.suse.com/1241581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22112"
},
{
"cve": "CVE-2025-22116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: check error for register_netdev() on init\n\nCurrent init logic ignores the error code from register_netdev(),\nwhich will cause WARN_ON() on attempt to unregister it, if there was one,\nand there is no info for the user that the creation of the netdev failed.\n\nWARNING: CPU: 89 PID: 6902 at net/core/dev.c:11512 unregister_netdevice_many_notify+0x211/0x1a10\n...\n[ 3707.563641] unregister_netdev+0x1c/0x30\n[ 3707.563656] idpf_vport_dealloc+0x5cf/0xce0 [idpf]\n[ 3707.563684] idpf_deinit_task+0xef/0x160 [idpf]\n[ 3707.563712] idpf_vc_core_deinit+0x84/0x320 [idpf]\n[ 3707.563739] idpf_remove+0xbf/0x780 [idpf]\n[ 3707.563769] pci_device_remove+0xab/0x1e0\n[ 3707.563786] device_release_driver_internal+0x371/0x530\n[ 3707.563803] driver_detach+0xbf/0x180\n[ 3707.563816] bus_remove_driver+0x11b/0x2a0\n[ 3707.563829] pci_unregister_driver+0x2a/0x250\n\nIntroduce an error check and log the vport number and error code.\nOn removal make sure to check VPORT_REG_NETDEV flag prior to calling\nunregister and free on the netdev.\n\nAdd local variables for idx, vport_config and netdev for readability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22116",
"url": "https://www.suse.com/security/cve/CVE-2025-22116"
},
{
"category": "external",
"summary": "SUSE Bug 1241459 for CVE-2025-22116",
"url": "https://bugzilla.suse.com/1241459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22116"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-22128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22128"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path\n\nIf a shared IRQ is used by the driver due to platform limitation, then the\nIRQ affinity hint is set right after the allocation of IRQ vectors in\nath12k_pci_msi_alloc(). This does no harm unless one of the functions\nrequesting the IRQ fails and attempt to free the IRQ.\n\nThis may end up with a warning from the IRQ core that is expecting the\naffinity hint to be cleared before freeing the IRQ:\n\nkernel/irq/manage.c:\n\n\t/* make sure affinity_hint is cleaned up */\n\tif (WARN_ON_ONCE(desc-\u003eaffinity_hint))\n\t\tdesc-\u003eaffinity_hint = NULL;\n\nSo to fix this issue, clear the IRQ affinity hint before calling\nath12k_pci_free_irq() in the error path. The affinity will be cleared once\nagain further down the error path due to code organization, but that does\nno harm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22128",
"url": "https://www.suse.com/security/cve/CVE-2025-22128"
},
{
"category": "external",
"summary": "SUSE Bug 1241598 for CVE-2025-22128",
"url": "https://bugzilla.suse.com/1241598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-22128"
},
{
"cve": "CVE-2025-23129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path\n\nIf a shared IRQ is used by the driver due to platform limitation, then the\nIRQ affinity hint is set right after the allocation of IRQ vectors in\nath11k_pci_alloc_msi(). This does no harm unless one of the functions\nrequesting the IRQ fails and attempt to free the IRQ. This results in the\nbelow warning:\n\nWARNING: CPU: 7 PID: 349 at kernel/irq/manage.c:1929 free_irq+0x278/0x29c\nCall trace:\n free_irq+0x278/0x29c\n ath11k_pcic_free_irq+0x70/0x10c [ath11k]\n ath11k_pci_probe+0x800/0x820 [ath11k_pci]\n local_pci_probe+0x40/0xbc\n\nThe warning is due to not clearing the affinity hint before freeing the\nIRQs.\n\nSo to fix this issue, clear the IRQ affinity hint before calling\nath11k_pcic_free_irq() in the error path. The affinity will be cleared once\nagain further down the error path due to code organization, but that does\nno harm.\n\nTested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-05266-QCAHSTSWPLZ_V2_TO_X86-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23129",
"url": "https://www.suse.com/security/cve/CVE-2025-23129"
},
{
"category": "external",
"summary": "SUSE Bug 1241599 for CVE-2025-23129",
"url": "https://bugzilla.suse.com/1241599"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-23129"
},
{
"cve": "CVE-2025-23131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: prevent NPD when writing a positive value to event_done\n\ndo_uevent returns the value written to event_done. In case it is a\npositive value, new_lockspace would undo all the work, and lockspace\nwould not be set. __dlm_new_lockspace, however, would treat that\npositive value as a success due to commit 8511a2728ab8 (\"dlm: fix use\ncount with multiple joins\").\n\nDown the line, device_create_lockspace would pass that NULL lockspace to\ndlm_find_lockspace_local, leading to a NULL pointer dereference.\n\nTreating such positive values as successes prevents the problem. Given\nthis has been broken for so long, this is unlikely to break userspace\nexpectations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23131",
"url": "https://www.suse.com/security/cve/CVE-2025-23131"
},
{
"category": "external",
"summary": "SUSE Bug 1241601 for CVE-2025-23131",
"url": "https://bugzilla.suse.com/1241601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-23131"
},
{
"cve": "CVE-2025-23134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23134"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: timer: Don\u0027t take register_mutex with copy_from/to_user()\n\nThe infamous mmap_lock taken in copy_from/to_user() can be often\nproblematic when it\u0027s called inside another mutex, as they might lead\nto deadlocks.\n\nIn the case of ALSA timer code, the bad pattern is with\nguard(mutex)(\u0026register_mutex) that covers copy_from/to_user() -- which\nwas mistakenly introduced at converting to guard(), and it had been\ncarefully worked around in the past.\n\nThis patch fixes those pieces simply by moving copy_from/to_user() out\nof the register mutex lock again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23134",
"url": "https://www.suse.com/security/cve/CVE-2025-23134"
},
{
"category": "external",
"summary": "SUSE Bug 1241628 for CVE-2025-23134",
"url": "https://bugzilla.suse.com/1241628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-23134"
},
{
"cve": "CVE-2025-23136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: Add NULL check for adev\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL.\nThis is similar to the commit cd2fd6eab480\n(\"platform/x86: int3472: Check for adev == NULL\").\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in int3402_thermal_probe().\n\nNote, under the same directory, int3400_thermal_probe() has such a\ncheck.\n\n[ rjw: Subject edit, added Fixes: ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23136",
"url": "https://www.suse.com/security/cve/CVE-2025-23136"
},
{
"category": "external",
"summary": "SUSE Bug 1241357 for CVE-2025-23136",
"url": "https://bugzilla.suse.com/1241357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-23136"
},
{
"cve": "CVE-2025-23138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatch_queue: fix pipe accounting mismatch\n\nCurrently, watch_queue_set_size() modifies the pipe buffers charged to\nuser-\u003epipe_bufs without updating the pipe-\u003enr_accounted on the pipe\nitself, due to the if (!pipe_has_watch_queue()) test in\npipe_resize_ring(). This means that when the pipe is ultimately freed,\nwe decrement user-\u003epipe_bufs by something other than what than we had\ncharged to it, potentially leading to an underflow. This in turn can\ncause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM.\n\nTo remedy this, explicitly account for the pipe usage in\nwatch_queue_set_size() to match the number set via account_pipe_buffers()\n\n(It\u0027s unclear why watch_queue_set_size() does not update nr_accounted;\nit may be due to intentional overprovisioning in watch_queue_set_size()?)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23138",
"url": "https://www.suse.com/security/cve/CVE-2025-23138"
},
{
"category": "external",
"summary": "SUSE Bug 1241648 for CVE-2025-23138",
"url": "https://bugzilla.suse.com/1241648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-23138"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/net: fix io_req_post_cqe abuse by send bundle\n\n[ 114.987980][ T5313] WARNING: CPU: 6 PID: 5313 at io_uring/io_uring.c:872 io_req_post_cqe+0x12e/0x4f0\n[ 114.991597][ T5313] RIP: 0010:io_req_post_cqe+0x12e/0x4f0\n[ 115.001880][ T5313] Call Trace:\n[ 115.002222][ T5313] \u003cTASK\u003e\n[ 115.007813][ T5313] io_send+0x4fe/0x10f0\n[ 115.009317][ T5313] io_issue_sqe+0x1a6/0x1740\n[ 115.012094][ T5313] io_wq_submit_work+0x38b/0xed0\n[ 115.013223][ T5313] io_worker_handle_work+0x62a/0x1600\n[ 115.013876][ T5313] io_wq_worker+0x34f/0xdf0\n\nAs the comment states, io_req_post_cqe() should only be used by\nmultishot requests, i.e. REQ_F_APOLL_MULTISHOT, which bundled sends are\nnot. Add a flag signifying whether a request wants to post multiple\nCQEs. Eventually REQ_F_APOLL_MULTISHOT should imply the new flag, but\nthat\u0027s left out for simplicity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23154",
"url": "https://www.suse.com/security/cve/CVE-2025-23154"
},
{
"category": "external",
"summary": "SUSE Bug 1242533 for CVE-2025-23154",
"url": "https://bugzilla.suse.com/1242533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-23154"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp\n\nvmxnet3 driver\u0027s XDP handling is buggy for packet sizes using ring0 (that\nis, packet sizes between 128 - 3k bytes).\n\nWe noticed MTU-related connectivity issues with Cilium\u0027s service load-\nbalancing in case of vmxnet3 as NIC underneath. A simple curl to a HTTP\nbackend service where the XDP LB was doing IPIP encap led to overly large\npacket sizes but only for *some* of the packets (e.g. HTTP GET request)\nwhile others (e.g. the prior TCP 3WHS) looked completely fine on the wire.\n\nIn fact, the pcap recording on the backend node actually revealed that the\nnode with the XDP LB was leaking uninitialized kernel data onto the wire\nfor the affected packets, for example, while the packets should have been\n152 bytes their actual size was 1482 bytes, so the remainder after 152 bytes\nwas padded with whatever other data was in that page at the time (e.g. we\nsaw user/payload data from prior processed packets).\n\nWe only noticed this through an MTU issue, e.g. when the XDP LB node and\nthe backend node both had the same MTU (e.g. 1500) then the curl request\ngot dropped on the backend node\u0027s NIC given the packet was too large even\nthough the IPIP-encapped packet normally would never even come close to\nthe MTU limit. Lowering the MTU on the XDP LB (e.g. 1480) allowed to let\nthe curl request succeed (which also indicates that the kernel ignored the\npadding, and thus the issue wasn\u0027t very user-visible).\n\nCommit e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") was too eager\nto also switch xdp_prepare_buff() from rcd-\u003elen to rbi-\u003elen. It really needs\nto stick to rcd-\u003elen which is the actual packet length from the descriptor.\nThe latter we also feed into vmxnet3_process_xdp_small(), by the way, and\nit indicates the correct length needed to initialize the xdp-\u003e{data,data_end}\nparts. For e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") the\nrelevant part was adapting xdp_init_buff() to address the warning given the\nxdp_data_hard_end() depends on xdp-\u003eframe_sz. With that fixed, traffic on\nthe wire looks good again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37799",
"url": "https://www.suse.com/security/cve/CVE-2025-37799"
},
{
"category": "external",
"summary": "SUSE Bug 1242283 for CVE-2025-37799",
"url": "https://bugzilla.suse.com/1242283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37799"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_3-rt-1-150700.1.3.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt_debug-devel-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.3.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.3.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T11:37:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:20421-1
Vulnerability from csaf_suse
Published
2025-06-16 15:33
Modified
2025-06-16 15:33
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related
to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).
- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).
- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).
- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).
- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).
- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).
- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
The following non-security bugs were fixed:
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- Drop AMDGPU patch that may cause regressions (bsc#1243782)
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add more controllers (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- Move upstreamed patches into sorted section
- Move upstreamed tpm patch into sorted section
- NFS: Do not allow waiting for exiting tasks (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- Refresh fixes for cBPF issue (bsc#1242778)
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes).
- Revert "drm/amd: Keep display off while going into S4" (git-fixes).
- Revert "drm/amd: Stop evicting resources on APUs in suspend" (stable-fixes).
- Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable-fixes).
- Revert "rndis_host: Flag RNDIS modems as WWAN devices" (git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes).
- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).
- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).
- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).
- SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- drm: Add valid clones check (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- exfat: fix potential wrong error return from get_block (git-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- iommu: Protect against overflow in iommu_pgsize() (git-fixes).
- ip6mr: fix tables suspicious RCU usage (git-fixes).
- ip_tunnel: annotate data-races around t->parms.link (git-fixes).
- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).
- ipmr: fix tables suspicious RCU usage (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Convert ip_route_input() to dscp_t (git-fixes).
- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: save dontfrag in cork (git-fixes).
- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kABI: ipv6: save dontfrag in cork (git-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).
- neighbour: delete redundant judgment statements (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/neighbor: clear error in case strict check is not set (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: add rcu safety to rtnl_prop_list_size() (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: fix udp gso skb_segment after pull from frag_list (git-fixes).
- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: linkwatch: use system_unbound_wq (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: page_pool: fix warning code (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).
- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).
- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).
- net: sched: fix erspan_opt settings in cls_flower (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).
- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- orangefs: Do not truncate file size (git-fixes).
- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).
- pstore: Change kmsg_bytes storage size to u32 (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).
- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (git-fixes).
- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- udp: annotate data-races around up->pending (git-fixes).
- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).
- udp: fix receiving fraglist GSO packets (git-fixes).
- udp: preserve the connected status if only UDP cmsg (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in
mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's "next" indication (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).
Patchnames
SUSE-SLE-Micro-6.1-kernel-42
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-21938: mptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr (bsc#1240723).\n- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related\n to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).\n- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).\n- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).\n- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).\n- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).\n- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).\n- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value (bsc#1243537).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).\n- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).\n- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n\nThe following non-security bugs were fixed:\n\n- ACPI: HED: Always initialize before evged (stable-fixes).\n- ACPI: OSI: Stop advertising support for \"3.0 _SCP Extensions\" (git-fixes).\n- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- ACPICA: Utilities: Fix spelling mistake \"Incremement\" -\u003e \"Increment\" (git-fixes).\n- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).\n- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).\n- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: seq: Improve data consistency at polling (stable-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).\n- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Adjust pipeline_list-\u003epipelines allocation type (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).\n- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).\n- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).\n- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).\n- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).\n- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).\n- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).\n- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).\n- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).\n- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).\n- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).\n- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).\n- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).\n- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).\n- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).\n- ASoC: tas2764: Enable main IRQs (git-fixes).\n- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).\n- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).\n- ASoC: tas2764: Reinit cache on part reset (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).\n- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).\n- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).\n- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).\n- Documentation: fix typo in root= kernel parameter description (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- Drop AMDGPU patch that may cause regressions (bsc#1243782)\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).\n- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add more controllers (stable-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- Move upstreamed patches into sorted section\n- Move upstreamed tpm patch into sorted section\n- NFS: Do not allow waiting for exiting tasks (git-fixes).\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).\n- PCI/DPC: Initialize aer_err_info before using it (git-fixes).\n- PCI: Explicitly put devices into D0 when initializing (git-fixes).\n- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).\n- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).\n- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).\n- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).\n- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).\n- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: cadence: Fix runtime atomic count underflow (git-fixes).\n- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).\n- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).\n- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).\n- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).\n- PM: sleep: Print PM debug messages during hibernation (git-fixes).\n- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/rxe: Fix \"trying to register non-static key in rxe_qp_do_cleanup\" bug (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- Refresh fixes for cBPF issue (bsc#1242778)\n- Revert \"bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first\" (stable-fixes).\n- Revert \"drm/amd: Keep display off while going into S4\" (git-fixes).\n- Revert \"drm/amd: Stop evicting resources on APUs in suspend\" (stable-fixes).\n- Revert \"drm/amdgpu: do not allow userspace to create a doorbell BO\" (stable-fixes).\n- Revert \"rndis_host: Flag RNDIS modems as WWAN devices\" (git-fixes).\n- Revert \"wifi: mt76: mt7996: fill txd by host driver\" (stable-fixes).\n- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).\n- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).\n- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).\n- SUNRPC: rpcbind should never reset the port to the value \u00270\u0027 (git-fixes).\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).\n- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).\n- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).\n- bus: fsl-mc: fix double-free on mc_dev (git-fixes).\n- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- crypto: lrw - Only add ecb if it is not already there (git-fixes).\n- crypto: lzo - Fix compression buffer overrun (stable-fixes).\n- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).\n- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).\n- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).\n- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).\n- crypto: qat - add shutdown handler to qat_420xx (git-fixes).\n- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).\n- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).\n- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).\n- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).\n- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).\n- crypto: xts - Only add ecb if it is not already there (git-fixes).\n- devlink: fix port new reply cmd type (git-fixes).\n- dlm: mask sk_shutdown value (bsc#1228854).\n- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: Revert \"dmaengine: dmatest: Fix dmatest waiting less when interrupted\" (git-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).\n- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).\n- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).\n- drm/amd/display: Increase block_sequence array size (stable-fixes).\n- drm/amd/display: Initial psr_version with correct setting (stable-fixes).\n- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).\n- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).\n- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).\n- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).\n- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).\n- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: reset psp-\u003ecmd to NULL after releasing the buffer (stable-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).\n- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).\n- drm/ast: Find VBIOS mode from regular display size (stable-fixes).\n- drm/ast: Fix comment on modeset lock (git-fixes).\n- drm/atomic: clarify the rules around drm_atomic_state-\u003eallow_modeset (stable-fixes).\n- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).\n- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).\n- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).\n- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).\n- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).\n- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).\n- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).\n- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).\n- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).\n- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).\n- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).\n- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).\n- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).\n- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).\n- drm/tegra: Assign plane type before registration (git-fixes).\n- drm/tegra: Fix a possible null pointer dereference (git-fixes).\n- drm/tegra: rgb: Fix the unbound reference count (git-fixes).\n- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).\n- drm/v3d: Add clock handling (stable-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- drm/vc4: tests: Use return instead of assert (git-fixes).\n- drm/vkms: Adjust vkms_state-\u003eactive_planes allocation type (git-fixes).\n- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).\n- drm: Add valid clones check (stable-fixes).\n- drm: bridge: adv7511: fill stream capabilities (stable-fixes).\n- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).\n- fbdev/efifb: Remove PM for parent device (bsc#1244261).\n- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).\n- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).\n- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).\n- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).\n- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).\n- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).\n- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).\n- fpga: altera-cvp: Increase credit timeout (stable-fixes).\n- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).\n- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).\n- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).\n- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).\n- gpiolib: Revert \"Do not WARN on gpiod_put() for optional GPIO\" (stable-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).\n- hwmon: (dell-smm) Increment the number of fans (stable-fixes).\n- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).\n- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- i2c: pxa: fix call balance of i2c-\u003eclk handling routines (stable-fixes).\n- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).\n- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)\n- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).\n- i3c: master: svc: Fix missing STOP for master request (stable-fixes).\n- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).\n- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).\n- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).\n- iio: filter: admv8818: Support frequencies \u003e= 2^32 (git-fixes).\n- iio: filter: admv8818: fix band 4, state 15 (git-fixes).\n- iio: filter: admv8818: fix integer overflow (git-fixes).\n- iio: filter: admv8818: fix range calculation (git-fixes).\n- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).\n- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- intel_th: avoid using deprecated page-\u003emapping, index fields (stable-fixes).\n- iommu: Protect against overflow in iommu_pgsize() (git-fixes).\n- ip6mr: fix tables suspicious RCU usage (git-fixes).\n- ip_tunnel: annotate data-races around t-\u003eparms.link (git-fixes).\n- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).\n- ipmr: fix tables suspicious RCU usage (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Convert ip_route_input() to dscp_t (git-fixes).\n- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- ipv6: save dontfrag in cork (git-fixes).\n- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).\n- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).\n- jffs2: check that raw node were preallocated before writing summary (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).\n- kABI: ipv6: save dontfrag in cork (git-fixes).\n- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).\n- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).\n- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).\n- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).\n- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).\n- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).\n- media: cx231xx: set device_caps for 417 (stable-fixes).\n- media: cxusb: no longer judge rbuf when the write fails (git-fixes).\n- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).\n- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).\n- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).\n- media: imx-jpeg: Cleanup after an allocation error (git-fixes).\n- media: imx-jpeg: Drop the first error frames (git-fixes).\n- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).\n- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).\n- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).\n- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).\n- media: ov5675: suppress probe deferral errors (git-fixes).\n- media: ov8856: suppress probe deferral errors (git-fixes).\n- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).\n- media: rkvdec: Fix frame size enumeration (git-fixes).\n- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).\n- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).\n- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).\n- media: uvcvideo: Fix deferred probing error (git-fixes).\n- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).\n- media: uvcvideo: Return the number of processed controls (git-fixes).\n- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).\n- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).\n- media: venus: Fix probe error handling (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).\n- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).\n- media: vivid: Change the siize of the composing (git-fixes).\n- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).\n- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).\n- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).\n- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).\n- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).\n- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).\n- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).\n- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).\n- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net/neighbor: clear error in case strict check is not set (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: add rcu safety to rtnl_prop_list_size() (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: fix udp gso skb_segment after pull from frag_list (git-fixes).\n- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- net: linkwatch: use system_unbound_wq (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net: page_pool: fix warning code (git-fixes).\n- net: phy: clear phydev-\u003edevlink when the link is deleted (git-fixes).\n- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).\n- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).\n- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).\n- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).\n- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).\n- net: sched: fix erspan_opt settings in cls_flower (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- net: usb: aqc111: debug info before sanitation (git-fixes).\n- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).\n- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).\n- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)\n- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).\n- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- orangefs: Do not truncate file size (git-fixes).\n- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).\n- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).\n- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).\n- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs \u003e 31 (git-fixes).\n- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).\n- pinctrl: bcm281xx: Use \"unsigned int\" instead of bare \"unsigned\" (stable-fixes).\n- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).\n- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).\n- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).\n- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).\n- power: reset: at91-reset: Optimize at91_reset() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).\n- pstore: Change kmsg_bytes storage size to u32 (git-fixes).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- regulator: ad5398: Add device tree support (stable-fixes).\n- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).\n- regulator: max20086: Change enable gpio to optional (git-fixes).\n- regulator: max20086: Fix MAX200086 chip id (git-fixes).\n- regulator: max20086: fix invalid memory access (git-fixes).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rtc: Fix offset calculation for .start_secs \u0026lt; 0 (git-fixes).\n- rtc: at91rm9200: drop unused module alias (git-fixes).\n- rtc: cpcap: drop unused module alias (git-fixes).\n- rtc: da9063: drop unused module alias (git-fixes).\n- rtc: ds1307: stop disabling alarms on probe (stable-fixes).\n- rtc: jz4740: drop unused module alias (git-fixes).\n- rtc: pm8xxx: drop unused module alias (git-fixes).\n- rtc: rv3032: fix EERD location (stable-fixes).\n- rtc: s3c: drop unused module alias (git-fixes).\n- rtc: sh: assign correct interrupts with DT (git-fixes).\n- rtc: stm32: drop unused module alias (git-fixes).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).\n- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).\n- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).\n- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).\n- s390/pci: Serialize device addition and removal (bsc#1244145).\n- s390/pci: introduce lock to synchronize state of zpci_dev\u0027s (jsc#PED-10253 bsc#1244145).\n- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).\n- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).\n- scsi: Improve CDL control (git-fixes).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).\n- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).\n- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).\n- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).\n- serial: sh-sci: Save and restore more registers (git-fixes).\n- serial: sh-sci: Update the suspend/resume support (stable-fixes).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).\n- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).\n- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).\n- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).\n- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).\n- spi-rockchip: Fix register out of bounds access (stable-fixes).\n- spi: bcm63xx-hsspi: fix shared reset (git-fixes).\n- spi: bcm63xx-spi: fix shared reset (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: spi-sun4i: fix early activation (stable-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).\n- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).\n- spi: tegra210-quad: remove redundant error handling code (git-fixes).\n- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).\n- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).\n- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).\n- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).\n- tcp/dccp: complete lockless accesses to sk-\u003esk_max_ack_backlog (git-fixes).\n- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).\n- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).\n- thunderbolt: Fix a logic error in wake on connect (git-fixes).\n- udp: annotate data-races around up-\u003epending (git-fixes).\n- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).\n- udp: fix receiving fraglist GSO packets (git-fixes).\n- udp: preserve the connected status if only UDP cmsg (git-fixes).\n- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).\n- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).\n- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).\n- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).\n- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).\n- usb: usbtmc: Fix timeout value in get_stb (git-fixes).\n- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).\n- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).\n- watchdog: exar: Shorten identity name to fit correctly (git-fixes).\n- wifi: ath11k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath11k: fix ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix rx completion meta data corruption (git-fixes).\n- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).\n- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).\n- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).\n- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).\n- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).\n- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).\n- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).\n- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).\n- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).\n- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).\n- wifi: ath12k: fix cleanup path after mhi init (git-fixes).\n- wifi: ath12k: fix invalid access to memory (git-fixes).\n- wifi: ath12k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath12k: fix ring-buffer corruption (git-fixes).\n- wifi: ath9k: return by of_get_mac_address (stable-fixes).\n- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).\n- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).\n- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).\n- wifi: iwlwifi: fix debug actions order (stable-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).\n- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).\n- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).\n- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).\n- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).\n- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).\n- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).\n- wifi: mt76: mt7996: revise TXS size (stable-fixes).\n- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).\n- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).\n- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).\n- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).\n- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).\n- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).\n- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).\n- wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds (git-fixes).\n- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).\n- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).\n- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).\n- wifi: rtw89: add wiphy_lock() to work that isn\u0027t held wiphy_lock() yet (stable-fixes).\n- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).\n- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).\n- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in\n mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).\n- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).\n- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).\n- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \"next\" indication (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-42",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20421-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20421-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520421-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20421-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040394.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1228557",
"url": "https://bugzilla.suse.com/1228557"
},
{
"category": "self",
"summary": "SUSE Bug 1228854",
"url": "https://bugzilla.suse.com/1228854"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1234154",
"url": "https://bugzilla.suse.com/1234154"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235728",
"url": "https://bugzilla.suse.com/1235728"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240180",
"url": "https://bugzilla.suse.com/1240180"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240723",
"url": "https://bugzilla.suse.com/1240723"
},
{
"category": "self",
"summary": "SUSE Bug 1240823",
"url": "https://bugzilla.suse.com/1240823"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241617",
"url": "https://bugzilla.suse.com/1241617"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242086",
"url": "https://bugzilla.suse.com/1242086"
},
{
"category": "self",
"summary": "SUSE Bug 1242163",
"url": "https://bugzilla.suse.com/1242163"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242573",
"url": "https://bugzilla.suse.com/1242573"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242846",
"url": "https://bugzilla.suse.com/1242846"
},
{
"category": "self",
"summary": "SUSE Bug 1242849",
"url": "https://bugzilla.suse.com/1242849"
},
{
"category": "self",
"summary": "SUSE Bug 1242850",
"url": "https://bugzilla.suse.com/1242850"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242940",
"url": "https://bugzilla.suse.com/1242940"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242946",
"url": "https://bugzilla.suse.com/1242946"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242954",
"url": "https://bugzilla.suse.com/1242954"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242982",
"url": "https://bugzilla.suse.com/1242982"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243475",
"url": "https://bugzilla.suse.com/1243475"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243537",
"url": "https://bugzilla.suse.com/1243537"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243542",
"url": "https://bugzilla.suse.com/1243542"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243571",
"url": "https://bugzilla.suse.com/1243571"
},
{
"category": "self",
"summary": "SUSE Bug 1243572",
"url": "https://bugzilla.suse.com/1243572"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243628",
"url": "https://bugzilla.suse.com/1243628"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243782",
"url": "https://bugzilla.suse.com/1243782"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243836",
"url": "https://bugzilla.suse.com/1243836"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE Bug 1244145",
"url": "https://bugzilla.suse.com/1244145"
},
{
"category": "self",
"summary": "SUSE Bug 1244261",
"url": "https://bugzilla.suse.com/1244261"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52888 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49568 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22113 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23155 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37801 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37874 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37933 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37967 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37987 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37998 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-16T15:33:59Z",
"generator": {
"date": "2025-06-16T15:33:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20421-1",
"initial_release_date": "2025-06-16T15:33:59Z",
"revision_history": [
{
"date": "2025-06-16T15:33:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-33.1.aarch64",
"product": {
"name": "kernel-rt-6.4.0-33.1.aarch64",
"product_id": "kernel-rt-6.4.0-33.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-33.1.aarch64",
"product": {
"name": "kernel-rt-devel-6.4.0-33.1.aarch64",
"product_id": "kernel-rt-devel-6.4.0-33.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-33.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-33.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-33.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-33.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-33.1.noarch",
"product_id": "kernel-source-rt-6.4.0-33.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-33.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-33.1.x86_64",
"product_id": "kernel-rt-6.4.0-33.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-33.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-33.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-33.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-33.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-33.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-33.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-33.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-33.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-33.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64"
},
"product_reference": "kernel-rt-6.4.0-33.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-33.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-33.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64"
},
"product_reference": "kernel-rt-devel-6.4.0-33.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-33.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.4.0-33.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.4.0-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-33.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-33.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn\u0027t do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52888",
"url": "https://www.suse.com/security/cve/CVE-2023-52888"
},
{
"category": "external",
"summary": "SUSE Bug 1228557 for CVE-2023-52888",
"url": "https://bugzilla.suse.com/1228557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2023-52888"
},
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-49568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the fields v2_ext_offset/\neid_cnt/ism_gid_cnt in proposal msg are from the remote client\nand can not be fully trusted. Especially the field v2_ext_offset,\nonce exceed the max value, there has the chance to access wrong\naddress, and crash may happen.\n\nThis patch checks the fields v2_ext_offset/eid_cnt/ism_gid_cnt\nbefore using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49568",
"url": "https://www.suse.com/security/cve/CVE-2024-49568"
},
{
"category": "external",
"summary": "SUSE Bug 1235728 for CVE-2024-49568",
"url": "https://bugzilla.suse.com/1235728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-49568"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-53135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN\n\nHide KVM\u0027s pt_mode module param behind CONFIG_BROKEN, i.e. disable support\nfor virtualizing Intel PT via guest/host mode unless BROKEN=y. There are\nmyriad bugs in the implementation, some of which are fatal to the guest,\nand others which put the stability and health of the host at risk.\n\nFor guest fatalities, the most glaring issue is that KVM fails to ensure\ntracing is disabled, and *stays* disabled prior to VM-Enter, which is\nnecessary as hardware disallows loading (the guest\u0027s) RTIT_CTL if tracing\nis enabled (enforced via a VMX consistency check). Per the SDM:\n\n If the logical processor is operating with Intel PT enabled (if\n IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the \"load\n IA32_RTIT_CTL\" VM-entry control must be 0.\n\nOn the host side, KVM doesn\u0027t validate the guest CPUID configuration\nprovided by userspace, and even worse, uses the guest configuration to\ndecide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring\nguest CPUID to enumerate more address ranges than are supported in hardware\nwill result in KVM trying to passthrough, save, and load non-existent MSRs,\nwhich generates a variety of WARNs, ToPA ERRORs in the host, a potential\ndeadlock, etc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53135",
"url": "https://www.suse.com/security/cve/CVE-2024-53135"
},
{
"category": "external",
"summary": "SUSE Bug 1234154 for CVE-2024-53135",
"url": "https://bugzilla.suse.com/1234154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-53135"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: allow small head cache usage with large MAX_SKB_FRAGS values\n\nSabrina reported the following splat:\n\n WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935 netif_napi_add_weight_locked+0x8f2/0xba0\n Modules linked in:\n CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.14.0-rc1-net-00092-g011b03359038 #996\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:netif_napi_add_weight_locked+0x8f2/0xba0\n Code: e8 c3 e6 6a fe 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc c7 44 24 10 ff ff ff ff e9 8f fb ff ff e8 9e e6 6a fe \u003c0f\u003e 0b e9 d3 fe ff ff e8 92 e6 6a fe 48 8b 04 24 be ff ff ff ff 48\n RSP: 0000:ffffc9000001fc60 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff88806ce48128 RCX: 1ffff11001664b9e\n RDX: ffff888008f00040 RSI: ffffffff8317ca42 RDI: ffff88800b325cb6\n RBP: ffff88800b325c40 R08: 0000000000000001 R09: ffffed100167502c\n R10: ffff88800b3a8163 R11: 0000000000000000 R12: ffff88800ac1c168\n R13: ffff88800ac1c168 R14: ffff88800ac1c168 R15: 0000000000000007\n FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffff888008201000 CR3: 0000000004c94001 CR4: 0000000000370ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n gro_cells_init+0x1ba/0x270\n xfrm_input_init+0x4b/0x2a0\n xfrm_init+0x38/0x50\n ip_rt_init+0x2d7/0x350\n ip_init+0xf/0x20\n inet_init+0x406/0x590\n do_one_initcall+0x9d/0x2e0\n do_initcalls+0x23b/0x280\n kernel_init_freeable+0x445/0x490\n kernel_init+0x20/0x1d0\n ret_from_fork+0x46/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n irq event stamp: 584330\n hardirqs last enabled at (584338): [\u003cffffffff8168bf87\u003e] __up_console_sem+0x77/0xb0\n hardirqs last disabled at (584345): [\u003cffffffff8168bf6c\u003e] __up_console_sem+0x5c/0xb0\n softirqs last enabled at (583242): [\u003cffffffff833ee96d\u003e] netlink_insert+0x14d/0x470\n softirqs last disabled at (583754): [\u003cffffffff8317c8cd\u003e] netif_napi_add_weight_locked+0x77d/0xba0\n\non kernel built with MAX_SKB_FRAGS=45, where SKB_WITH_OVERHEAD(1024)\nis smaller than GRO_MAX_HEAD.\n\nSuch built additionally contains the revert of the single page frag cache\nso that napi_get_frags() ends up using the page frag allocator, triggering\nthe splat.\n\nNote that the underlying issue is independent from the mentioned\nrevert; address it ensuring that the small head cache will fit either TCP\nand GRO allocation and updating napi_alloc_skb() and __netdev_alloc_skb()\nto select kmalloc() usage for any allocation fitting such cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21868",
"url": "https://www.suse.com/security/cve/CVE-2025-21868"
},
{
"category": "external",
"summary": "SUSE Bug 1240180 for CVE-2025-21868",
"url": "https://bugzilla.suse.com/1240180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21868"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr\n\nIf multiple connection requests attempt to create an implicit mptcp\nendpoint in parallel, more than one caller may end up in\nmptcp_pm_nl_append_new_local_addr because none found the address in\nlocal_addr_list during their call to mptcp_pm_nl_get_local_id. In this\ncase, the concurrent new_local_addr calls may delete the address entry\ncreated by the previous caller. These deletes use synchronize_rcu, but\nthis is not permitted in some of the contexts where this function may be\ncalled. During packet recv, the caller may be in a rcu read critical\nsection and have preemption disabled.\n\nAn example stack:\n\n BUG: scheduling while atomic: swapper/2/0/0x00000302\n\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\n dump_stack (lib/dump_stack.c:124)\n __schedule_bug (kernel/sched/core.c:5943)\n schedule_debug.constprop.0 (arch/x86/include/asm/preempt.h:33 kernel/sched/core.c:5970)\n __schedule (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 kernel/sched/features.h:29 kernel/sched/core.c:6621)\n schedule (arch/x86/include/asm/preempt.h:84 kernel/sched/core.c:6804 kernel/sched/core.c:6818)\n schedule_timeout (kernel/time/timer.c:2160)\n wait_for_completion (kernel/sched/completion.c:96 kernel/sched/completion.c:116 kernel/sched/completion.c:127 kernel/sched/completion.c:148)\n __wait_rcu_gp (include/linux/rcupdate.h:311 kernel/rcu/update.c:444)\n synchronize_rcu (kernel/rcu/tree.c:3609)\n mptcp_pm_nl_append_new_local_addr (net/mptcp/pm_netlink.c:966 net/mptcp/pm_netlink.c:1061)\n mptcp_pm_nl_get_local_id (net/mptcp/pm_netlink.c:1164)\n mptcp_pm_get_local_id (net/mptcp/pm.c:420)\n subflow_check_req (net/mptcp/subflow.c:98 net/mptcp/subflow.c:213)\n subflow_v4_route_req (net/mptcp/subflow.c:305)\n tcp_conn_request (net/ipv4/tcp_input.c:7216)\n subflow_v4_conn_request (net/mptcp/subflow.c:651)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6709)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1934)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2334)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205 (discriminator 1))\n ip_local_deliver_finish (include/linux/rcupdate.h:813 net/ipv4/ip_input.c:234)\n ip_local_deliver (include/linux/netfilter.h:314 include/linux/netfilter.h:308 net/ipv4/ip_input.c:254)\n ip_sublist_rcv_finish (include/net/dst.h:461 net/ipv4/ip_input.c:580)\n ip_sublist_rcv (net/ipv4/ip_input.c:640)\n ip_list_rcv (net/ipv4/ip_input.c:675)\n __netif_receive_skb_list_core (net/core/dev.c:5583 net/core/dev.c:5631)\n netif_receive_skb_list_internal (net/core/dev.c:5685 net/core/dev.c:5774)\n napi_complete_done (include/linux/list.h:37 include/net/gro.h:449 include/net/gro.h:444 net/core/dev.c:6114)\n igb_poll (drivers/net/ethernet/intel/igb/igb_main.c:8244) igb\n __napi_poll (net/core/dev.c:6582)\n net_rx_action (net/core/dev.c:6653 net/core/dev.c:6787)\n handle_softirqs (kernel/softirq.c:553)\n __irq_exit_rcu (kernel/softirq.c:588 kernel/softirq.c:427 kernel/softirq.c:636)\n irq_exit_rcu (kernel/softirq.c:651)\n common_interrupt (arch/x86/kernel/irq.c:247 (discriminator 14))\n \u003c/IRQ\u003e\n\nThis problem seems particularly prevalent if the user advertises an\nendpoint that has a different external vs internal address. In the case\nwhere the external address is advertised and multiple connections\nalready exist, multiple subflow SYNs arrive in parallel which tends to\ntrigger the race during creation of the first local_addr_list entries\nwhich have the internal address instead.\n\nFix by skipping the replacement of an existing implicit local address if\ncalled via mptcp_pm_nl_get_local_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21938",
"url": "https://www.suse.com/security/cve/CVE-2025-21938"
},
{
"category": "external",
"summary": "SUSE Bug 1240723 for CVE-2025-21938",
"url": "https://bugzilla.suse.com/1240723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21938"
},
{
"cve": "CVE-2025-21997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix an integer overflow in xp_create_and_assign_umem()\n\nSince the i and pool-\u003echunk_size variables are of type \u0027u32\u0027,\ntheir product can wrap around and then be cast to \u0027u64\u0027.\nThis can lead to two different XDP buffers pointing to the same\nmemory area.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21997",
"url": "https://www.suse.com/security/cve/CVE-2025-21997"
},
{
"category": "external",
"summary": "SUSE Bug 1240823 for CVE-2025-21997",
"url": "https://bugzilla.suse.com/1240823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-21997"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid journaling sb update on error if journal is destroying\n\nPresently we always BUG_ON if trying to start a transaction on a journal marked\nwith JBD2_UNMOUNT, since this should never happen. However, while ltp running\nstress tests, it was observed that in case of some error handling paths, it is\npossible for update_super_work to start a transaction after the journal is\ndestroyed eg:\n\n(umount)\next4_kill_sb\n kill_block_super\n generic_shutdown_super\n sync_filesystem /* commits all txns */\n evict_inodes\n /* might start a new txn */\n ext4_put_super\n\tflush_work(\u0026sbi-\u003es_sb_upd_work) /* flush the workqueue */\n jbd2_journal_destroy\n journal_kill_thread\n journal-\u003ej_flags |= JBD2_UNMOUNT;\n jbd2_journal_commit_transaction\n jbd2_journal_get_descriptor_buffer\n jbd2_journal_bmap\n ext4_journal_bmap\n ext4_map_blocks\n ...\n ext4_inode_error\n ext4_handle_error\n schedule_work(\u0026sbi-\u003es_sb_upd_work)\n\n /* work queue kicks in */\n update_super_work\n jbd2_journal_start\n start_this_handle\n BUG_ON(journal-\u003ej_flags \u0026\n JBD2_UNMOUNT)\n\nHence, introduce a new mount flag to indicate journal is destroying and only do\na journaled (and deferred) update of sb if this flag is not set. Otherwise, just\nfallback to an un-journaled commit.\n\nFurther, in the journal destroy path, we have the following sequence:\n\n 1. Set mount flag indicating journal is destroying\n 2. force a commit and wait for it\n 3. flush pending sb updates\n\nThis sequence is important as it ensures that, after this point, there is no sb\nupdate that might be journaled so it is safe to update the sb outside the\njournal. (To avoid race discussed in 2d01ddc86606)\n\nAlso, we don\u0027t need a similar check in ext4_grp_locked_error since it is only\ncalled from mballoc and AFAICT it would be always valid to schedule work here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22113",
"url": "https://www.suse.com/security/cve/CVE-2025-22113"
},
{
"category": "external",
"summary": "SUSE Bug 1241617 for CVE-2025-22113",
"url": "https://bugzilla.suse.com/1241617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22113"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23155"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Fix accessing freed irq affinity_hint\n\nThe cpumask should not be a local variable, since its pointer is saved\nto irq_desc and may be accessed from procfs.\nTo fix it, use the persistent mask cpumask_of(cpu#).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23155",
"url": "https://www.suse.com/security/cve/CVE-2025-23155"
},
{
"category": "external",
"summary": "SUSE Bug 1242573 for CVE-2025-23155",
"url": "https://bugzilla.suse.com/1242573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23155"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-37738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: ignore xattrs past end\n\nOnce inside \u0027ext4_xattr_inode_dec_ref_all\u0027 we should\nignore xattrs entries past the \u0027end\u0027 entry.\n\nThis fixes the following KASAN reported issue:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nRead of size 4 at addr ffff888012c120c4 by task repro/2065\n\nCPU: 1 UID: 0 PID: 2065 Comm: repro Not tainted 6.13.0-rc2+ #11\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x1fd/0x300\n ? tcp_gro_dev_warn+0x260/0x260\n ? _printk+0xc0/0x100\n ? read_lock_is_recursive+0x10/0x10\n ? irq_work_queue+0x72/0xf0\n ? __virt_addr_valid+0x17b/0x4b0\n print_address_description+0x78/0x390\n print_report+0x107/0x1f0\n ? __virt_addr_valid+0x17b/0x4b0\n ? __virt_addr_valid+0x3ff/0x4b0\n ? __phys_addr+0xb5/0x160\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n kasan_report+0xcc/0x100\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ? ext4_xattr_delete_inode+0xd30/0xd30\n ? __ext4_journal_ensure_credits+0x5f0/0x5f0\n ? __ext4_journal_ensure_credits+0x2b/0x5f0\n ? inode_update_timestamps+0x410/0x410\n ext4_xattr_delete_inode+0xb64/0xd30\n ? ext4_truncate+0xb70/0xdc0\n ? ext4_expand_extra_isize_ea+0x1d20/0x1d20\n ? __ext4_mark_inode_dirty+0x670/0x670\n ? ext4_journal_check_start+0x16f/0x240\n ? ext4_inode_is_fast_symlink+0x2f2/0x3a0\n ext4_evict_inode+0xc8c/0xff0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n ? do_raw_spin_unlock+0x53/0x8a0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n evict+0x4ac/0x950\n ? proc_nr_inodes+0x310/0x310\n ? trace_ext4_drop_inode+0xa2/0x220\n ? _raw_spin_unlock+0x1a/0x30\n ? iput+0x4cb/0x7e0\n do_unlinkat+0x495/0x7c0\n ? try_break_deleg+0x120/0x120\n ? 0xffffffff81000000\n ? __check_object_size+0x15a/0x210\n ? strncpy_from_user+0x13e/0x250\n ? getname_flags+0x1dc/0x530\n __x64_sys_unlinkat+0xc8/0xf0\n do_syscall_64+0x65/0x110\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x434ffd\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 8\nRSP: 002b:00007ffc50fa7b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000107\nRAX: ffffffffffffffda RBX: 00007ffc50fa7e18 RCX: 0000000000434ffd\nRDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005\nRBP: 00007ffc50fa7be0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007ffc50fa7e08 R14: 00000000004bbf30 R15: 0000000000000001\n \u003c/TASK\u003e\n\nThe buggy address belongs to the object at ffff888012c12000\n which belongs to the cache filp of size 360\nThe buggy address is located 196 bytes inside of\n freed 360-byte region [ffff888012c12000, ffff888012c12168)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12c12\nhead: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\nflags: 0x40(head|node=0|zone=0)\npage_type: f5(slab)\nraw: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nraw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nhead: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000001 ffffea00004b0481 ffffffffffffffff 0000000000000000\nhead: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888012c11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888012c12000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\u003e ffff888012c12080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888012c12100: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc\n ffff888012c12180: fc fc fc fc fc fc fc fc fc\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37738",
"url": "https://www.suse.com/security/cve/CVE-2025-37738"
},
{
"category": "external",
"summary": "SUSE Bug 1242846 for CVE-2025-37738",
"url": "https://bugzilla.suse.com/1242846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Avoid memory leak while enabling statistics\n\nDriver uses monitor destination rings for extended statistics mode and\nstandalone monitor mode. In extended statistics mode, TLVs are parsed from\nthe buffer received from the monitor destination ring and assigned to the\nppdu_info structure to update per-packet statistics. In standalone monitor\nmode, along with per-packet statistics, the packet data (payload) is\ncaptured, and the driver updates per MSDU to mac80211.\n\nWhen the AP interface is enabled, only extended statistics mode is\nactivated. As part of enabling monitor rings for collecting statistics,\nthe driver subscribes to HAL_RX_MPDU_START TLV in the filter\nconfiguration. This TLV is received from the monitor destination ring, and\nkzalloc for the mon_mpdu object occurs, which is not freed, leading to a\nmemory leak. The kzalloc for the mon_mpdu object is only required while\nenabling the standalone monitor interface. This causes a memory leak while\nenabling extended statistics mode in the driver.\n\nFix this memory leak by removing the kzalloc for the mon_mpdu object in\nthe HAL_RX_MPDU_START TLV handling. Additionally, remove the standalone\nmonitor mode handlings in the HAL_MON_BUF_ADDR and HAL_RX_MSDU_END TLVs.\nThese TLV tags will be handled properly when enabling standalone monitor\nmode in the future.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37743",
"url": "https://www.suse.com/security/cve/CVE-2025-37743"
},
{
"category": "external",
"summary": "SUSE Bug 1242163 for CVE-2025-37743",
"url": "https://bugzilla.suse.com/1242163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37743"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential NULL pointer dereference in dev_uevent()\n\nIf userspace reads \"uevent\" device attribute at the same time as another\nthreads unbinds the device from its driver, change to dev-\u003edriver from a\nvalid pointer to NULL may result in crash. Fix this by using READ_ONCE()\nwhen fetching the pointer, and take bus\u0027 drivers klist lock to make sure\ndriver instance will not disappear while we access it.\n\nUse WRITE_ONCE() when setting the driver pointer to ensure there is no\ntearing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37800",
"url": "https://www.suse.com/security/cve/CVE-2025-37800"
},
{
"category": "external",
"summary": "SUSE Bug 1242849 for CVE-2025-37800",
"url": "https://bugzilla.suse.com/1242849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37800"
},
{
"cve": "CVE-2025-37801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-imx: Add check for spi_imx_setupxfer()\n\nAdd check for the return value of spi_imx_setupxfer().\nspi_imx-\u003erx and spi_imx-\u003etx function pointer can be NULL when\nspi_imx_setupxfer() return error, and make NULL pointer dereference.\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Call trace:\n 0x0\n spi_imx_pio_transfer+0x50/0xd8\n spi_imx_transfer_one+0x18c/0x858\n spi_transfer_one_message+0x43c/0x790\n __spi_pump_transfer_message+0x238/0x5d4\n __spi_sync+0x2b0/0x454\n spi_write_then_read+0x11c/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37801",
"url": "https://www.suse.com/security/cve/CVE-2025-37801"
},
{
"category": "external",
"summary": "SUSE Bug 1242850 for CVE-2025-37801",
"url": "https://bugzilla.suse.com/1242850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37801"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: avoid NULL pointer dereference in dbg call\n\ncifs_server_dbg() implies server to be non-NULL so\nmove call under condition to avoid NULL pointer dereference.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37844",
"url": "https://www.suse.com/security/cve/CVE-2025-37844"
},
{
"category": "external",
"summary": "SUSE Bug 1242946 for CVE-2025-37844",
"url": "https://bugzilla.suse.com/1242946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37844"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: pidff: Fix null pointer dereference in pidff_find_fields\n\nThis function triggered a null pointer dereference if used to search for\na report that isn\u0027t implemented on the device. This happened both for\noptional and required reports alike.\n\nThe same logic was applied to pidff_find_special_field and although\npidff_init_fields should return an error earlier if one of the required\nreports is missing, future modifications could change this logic and\nresurface this possible null pointer dereference again.\n\nLKML bug report:\nhttps://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37862",
"url": "https://www.suse.com/security/cve/CVE-2025-37862"
},
{
"category": "external",
"summary": "SUSE Bug 1242982 for CVE-2025-37862",
"url": "https://bugzilla.suse.com/1242982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37862"
},
{
"cve": "CVE-2025-37865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported\n\nRussell King reports that on the ZII dev rev B, deleting a bridge VLAN\nfrom a user port fails with -ENOENT:\nhttps://lore.kernel.org/netdev/Z_lQXNP0s5-IiJzd@shell.armlinux.org.uk/\n\nThis comes from mv88e6xxx_port_vlan_leave() -\u003e mv88e6xxx_mst_put(),\nwhich tries to find an MST entry in \u0026chip-\u003emsts associated with the SID,\nbut fails and returns -ENOENT as such.\n\nBut we know that this chip does not support MST at all, so that is not\nsurprising. The question is why does the guard in mv88e6xxx_mst_put()\nnot exit early:\n\n\tif (!sid)\n\t\treturn 0;\n\nAnd the answer seems to be simple: the sid comes from vlan.sid which\nsupposedly was previously populated by mv88e6xxx_vtu_get().\nBut some chip-\u003einfo-\u003eops-\u003evtu_getnext() implementations do not populate\nvlan.sid, for example see mv88e6185_g1_vtu_getnext(). In that case,\nlater in mv88e6xxx_port_vlan_leave() we are using a garbage sid which is\njust residual stack memory.\n\nTesting for sid == 0 covers all cases of a non-bridge VLAN or a bridge\nVLAN mapped to the default MSTI. For some chips, SID 0 is valid and\ninstalled by mv88e6xxx_stu_setup(). A chip which does not support the\nSTU would implicitly only support mapping all VLANs to the default MSTI,\nso although SID 0 is not valid, it would be sufficient, if we were to\nzero-initialize the vlan structure, to fix the bug, due to the\ncoincidence that a test for vlan.sid == 0 already exists and leads to\nthe same (correct) behavior.\n\nAnother option which would be sufficient would be to add a test for\nmv88e6xxx_has_stu() inside mv88e6xxx_mst_put(), symmetric to the one\nwhich already exists in mv88e6xxx_mst_get(). But that placement means\nthe caller will have to dereference vlan.sid, which means it will access\nuninitialized memory, which is not nice even if it ignores it later.\n\nSo we end up making both modifications, in order to not rely just on the\nsid == 0 coincidence, but also to avoid having uninitialized structure\nfields which might get temporarily accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37865",
"url": "https://www.suse.com/security/cve/CVE-2025-37865"
},
{
"category": "external",
"summary": "SUSE Bug 1242954 for CVE-2025-37865",
"url": "https://bugzilla.suse.com/1242954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37865"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ngbe: fix memory leak in ngbe_probe() error path\n\nWhen ngbe_sw_init() is called, memory is allocated for wx-\u003erss_key\nin wx_init_rss_key(). However, in ngbe_probe() function, the subsequent\nerror paths after ngbe_sw_init() don\u0027t free the rss_key. Fix that by\nfreeing it in error path along with wx-\u003emac_table.\n\nAlso change the label to which execution jumps when ngbe_sw_init()\nfails, because otherwise, it could lead to a double free for rss_key,\nwhen the mac_table allocation fails in wx_sw_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37874",
"url": "https://www.suse.com/security/cve/CVE-2025-37874"
},
{
"category": "external",
"summary": "SUSE Bug 1242940 for CVE-2025-37874",
"url": "https://bugzilla.suse.com/1242940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37874"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll\n\nUse spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock\nand spin_unlock in mtk_star_emac driver to avoid spinlock recursion\noccurrence that can happen when enabling the DMA interrupts again in\nrx/tx poll.\n\n```\nBUG: spinlock recursion on CPU#0, swapper/0/0\n lock: 0xffff00000db9cf20, .magic: dead4ead, .owner: swapper/0/0,\n .owner_cpu: 0\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted\n 6.15.0-rc2-next-20250417-00001-gf6a27738686c-dirty #28 PREEMPT\nHardware name: MediaTek MT8365 Open Platform EVK (DT)\nCall trace:\n show_stack+0x18/0x24 (C)\n dump_stack_lvl+0x60/0x80\n dump_stack+0x18/0x24\n spin_dump+0x78/0x88\n do_raw_spin_lock+0x11c/0x120\n _raw_spin_lock+0x20/0x2c\n mtk_star_handle_irq+0xc0/0x22c [mtk_star_emac]\n __handle_irq_event_percpu+0x48/0x140\n handle_irq_event+0x4c/0xb0\n handle_fasteoi_irq+0xa0/0x1bc\n handle_irq_desc+0x34/0x58\n generic_handle_domain_irq+0x1c/0x28\n gic_handle_irq+0x4c/0x120\n do_interrupt_handler+0x50/0x84\n el1_interrupt+0x34/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n regmap_mmio_read32le+0xc/0x20 (P)\n _regmap_bus_reg_read+0x6c/0xac\n _regmap_read+0x60/0xdc\n regmap_read+0x4c/0x80\n mtk_star_rx_poll+0x2f4/0x39c [mtk_star_emac]\n __napi_poll+0x38/0x188\n net_rx_action+0x164/0x2c0\n handle_softirqs+0x100/0x244\n __do_softirq+0x14/0x20\n ____do_softirq+0x10/0x20\n call_on_irq_stack+0x24/0x64\n do_softirq_own_stack+0x1c/0x40\n __irq_exit_rcu+0xd4/0x10c\n irq_exit_rcu+0x10/0x1c\n el1_interrupt+0x38/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n cpuidle_enter_state+0xac/0x320 (P)\n cpuidle_enter+0x38/0x50\n do_idle+0x1e4/0x260\n cpu_startup_entry+0x34/0x3c\n rest_init+0xdc/0xe0\n console_on_rootfs+0x0/0x6c\n __primary_switched+0x88/0x90\n```",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37917",
"url": "https://www.suse.com/security/cve/CVE-2025-37917"
},
{
"category": "external",
"summary": "SUSE Bug 1243475 for CVE-2025-37917",
"url": "https://bugzilla.suse.com/1243475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37917"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteon_ep: Fix host hang issue during device reboot\n\nWhen the host loses heartbeat messages from the device,\nthe driver calls the device-specific ndo_stop function,\nwhich frees the resources. If the driver is unloaded in\nthis scenario, it calls ndo_stop again, attempting to free\nresources that have already been freed, leading to a host\nhang issue. To resolve this, dev_close should be called\ninstead of the device-specific stop function.dev_close\ninternally calls ndo_stop to stop the network interface\nand performs additional cleanup tasks. During the driver\nunload process, if the device is already down, ndo_stop\nis not called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37933",
"url": "https://www.suse.com/security/cve/CVE-2025-37933"
},
{
"category": "external",
"summary": "SUSE Bug 1243628 for CVE-2025-37933",
"url": "https://bugzilla.suse.com/1243628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37933"
},
{
"cve": "CVE-2025-37936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value.\n\nWhen generating the MSR_IA32_PEBS_ENABLE value that will be loaded on\nVM-Entry to a KVM guest, mask the value with the vCPU\u0027s desired PEBS_ENABLE\nvalue. Consulting only the host kernel\u0027s host vs. guest masks results in\nrunning the guest with PEBS enabled even when the guest doesn\u0027t want to use\nPEBS. Because KVM uses perf events to proxy the guest virtual PMU, simply\nlooking at exclude_host can\u0027t differentiate between events created by host\nuserspace, and events created by KVM on behalf of the guest.\n\nRunning the guest with PEBS unexpectedly enabled typically manifests as\ncrashes due to a near-infinite stream of #PFs. E.g. if the guest hasn\u0027t\nwritten MSR_IA32_DS_AREA, the CPU will hit page faults on address \u00270\u0027 when\ntrying to record PEBS events.\n\nThe issue is most easily reproduced by running `perf kvm top` from before\ncommit 7b100989b4f6 (\"perf evlist: Remove __evlist__add_default\") (after\nwhich, `perf kvm top` effectively stopped using PEBS).\tThe userspace side\nof perf creates a guest-only PEBS event, which intel_guest_get_msrs()\nmisconstrues a guest-*owned* PEBS event.\n\nArguably, this is a userspace bug, as enabling PEBS on guest-only events\nsimply cannot work, and userspace can kill VMs in many other ways (there\nis no danger to the host). However, even if this is considered to be bad\nuserspace behavior, there\u0027s zero downside to perf/KVM restricting PEBS to\nguest-owned events.\n\nNote, commit 854250329c02 (\"KVM: x86/pmu: Disable guest PEBS temporarily\nin two rare situations\") fixed the case where host userspace is profiling\nKVM *and* userspace, but missed the case where userspace is profiling only\nKVM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37936",
"url": "https://www.suse.com/security/cve/CVE-2025-37936"
},
{
"category": "external",
"summary": "SUSE Bug 1243537 for CVE-2025-37936",
"url": "https://bugzilla.suse.com/1243537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37936"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix deadlock\n\nThis patch introduces the ucsi_con_mutex_lock / ucsi_con_mutex_unlock\nfunctions to the UCSI driver. ucsi_con_mutex_lock ensures the connector\nmutex is only locked if a connection is established and the partner pointer\nis valid. This resolves a deadlock scenario where\nucsi_displayport_remove_partner holds con-\u003emutex waiting for\ndp_altmode_work to complete while dp_altmode_work attempts to acquire it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37967",
"url": "https://www.suse.com/security/cve/CVE-2025-37967"
},
{
"category": "external",
"summary": "SUSE Bug 1243572 for CVE-2025-37967",
"url": "https://bugzilla.suse.com/1243572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37967"
},
{
"cve": "CVE-2025-37968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: opt3001: fix deadlock due to concurrent flag access\n\nThe threaded IRQ function in this driver is reading the flag twice: once to\nlock a mutex and once to unlock it. Even though the code setting the flag\nis designed to prevent it, there are subtle cases where the flag could be\ntrue at the mutex_lock stage and false at the mutex_unlock stage. This\nresults in the mutex not being unlocked, resulting in a deadlock.\n\nFix it by making the opt3001_irq() code generally more robust, reading the\nflag into a variable and using the variable value at both stages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37968",
"url": "https://www.suse.com/security/cve/CVE-2025-37968"
},
{
"category": "external",
"summary": "SUSE Bug 1243571 for CVE-2025-37968",
"url": "https://bugzilla.suse.com/1243571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37968"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: Prevent possible adminq overflow/stuck condition\n\nThe pds_core\u0027s adminq is protected by the adminq_lock, which prevents\nmore than 1 command to be posted onto it at any one time. This makes it\nso the client drivers cannot simultaneously post adminq commands.\nHowever, the completions happen in a different context, which means\nmultiple adminq commands can be posted sequentially and all waiting\non completion.\n\nOn the FW side, the backing adminq request queue is only 16 entries\nlong and the retry mechanism and/or overflow/stuck prevention is\nlacking. This can cause the adminq to get stuck, so commands are no\nlonger processed and completions are no longer sent by the FW.\n\nAs an initial fix, prevent more than 16 outstanding adminq commands so\nthere\u0027s no way to cause the adminq from getting stuck. This works\nbecause the backing adminq request queue will never have more than 16\npending adminq commands, so it will never overflow. This is done by\nreducing the adminq depth to 16.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37987",
"url": "https://www.suse.com/security/cve/CVE-2025-37987"
},
{
"category": "external",
"summary": "SUSE Bug 1243542 for CVE-2025-37987",
"url": "https://bugzilla.suse.com/1243542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37987"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-37998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: Fix unsafe attribute parsing in output_userspace()\n\nThis patch replaces the manual Netlink attribute iteration in\noutput_userspace() with nla_for_each_nested(), which ensures that only\nwell-formed attributes are processed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37998",
"url": "https://www.suse.com/security/cve/CVE-2025-37998"
},
{
"category": "external",
"summary": "SUSE Bug 1243836 for CVE-2025-37998",
"url": "https://bugzilla.suse.com/1243836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "low"
}
],
"title": "CVE-2025-37998"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-33.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-33.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-33.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-16T15:33:59Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:02333-1
Vulnerability from csaf_suse
Published
2025-07-16 12:53
Modified
2025-07-16 12:53
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).
- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
- CVE-2024-57995: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (bsc#1237895).
- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).
- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).
- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).
- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).
- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).
- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
- CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723).
- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).
- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).
- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).
- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).
- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).
- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).
- CVE-2025-37837: iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent() (bsc#1242952).
- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).
- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).
- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).
- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).
- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).
- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).
- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).
- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).
- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).
- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).
- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).
- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).
- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537).
- CVE-2025-37938: tracing: Verify event formats that have '%*p..' (bsc#1243544).
- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).
- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).
- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).
- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).
- CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698).
- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).
- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).
- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).
- CVE-2025-38055: perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq (bsc#1244747).
- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).
The following non-security bugs were fixed:
- ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case (stable-fixes).
- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for '3.0 _SCP Extensions' (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: battery: negate current when discharging (stable-fixes).
- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
- ACPICA: Utilities: Fix spelling mistake 'Incremement' -> 'Increment' (git-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).
- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).
- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).
- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).
- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).
- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).
- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: SOF: Intel: hda-bus: Use PIO mode on ACE2+ platforms (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: cs42l43: Disable headphone clamps during type detection (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() (git-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
- ASoC: ti: omap-hdmi: Re-add dai_link->platform to fix card init (git-fixes).
- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
- Bluetooth: MGMT: Fix sparse errors (git-fixes).
- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- Bluetooth: Remove pending ACL connection attempts (stable-fixes).
- Bluetooth: btintel: Check dsbr size from EFI variable (git-fixes).
- Bluetooth: btintel_pcie: Fix driver not posting maximum rx buffers (git-fixes).
- Bluetooth: btintel_pcie: Increase the tx and rx descriptor count (git-fixes).
- Bluetooth: btintel_pcie: Reduce driver buffer posting to prevent race condition (git-fixes).
- Bluetooth: eir: Fix possible crashes on eir_create_adv_data (git-fixes).
- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).
- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Documentation: ACPI: Use all-string data node references (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Enable livepatching related packages on -RT (jsc#PED-1706)
- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- HID: wacom: fix kobject reference count leak (git-fixes).
- HID: wacom: fix memory leak on kobject creation failure (git-fixes).
- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
- IB/cm: Drop lockdep assert and WARN when freeing old msg (git-fixes)
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
- Input: xpad - add more controllers (stable-fixes).
- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
- Merge branch 'SLE15-SP7' (8ab7501d9efd) into 'SLE15-SP7-RT'
- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build')
- MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b ('bs-upload-kernel: Pass limit_packages also on multibuild')
- MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.
- NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
- NFS: Do not allow waiting for exiting tasks (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).
- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI/DPC: Log Error Source ID only when valid (git-fixes).
- PCI/DPC: Use defines with DPC reason fields (git-fixes).
- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).
- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (stable-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: apple: Set only available ports up (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).
- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
- Remove compress-vmlinux.sh /usr/lib/rpm/brp-suse.d/brp-99-compress-vmlinux was added in pesign-obs-integration during SLE12 RC. This workaround can be removed.
- Remove host-memcpy-hack.h This might have been usefult at some point but we have more things that depend on specific library versions today.
- Remove try-disable-staging-driver The config for linux-next is autogenerated from master config, and defaults filled for missing options. This is unlikely to enable any staging driver in the first place.
- Revert 'ALSA: usb-audio: Skip setting clock selector for single connections' (stable-fixes).
- Revert 'arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)
- Revert 'bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first' (stable-fixes).
- Revert 'drm/amdgpu: do not allow userspace to create a doorbell BO' (stable-fixes).
- Revert 'ipv6: save dontfrag in cork (git-fixes).'
- Revert 'kABI: ipv6: save dontfrag in cork (git-fixes).'
- Revert 'wifi: mt76: mt7996: fill txd by host driver' (stable-fixes).
- Revert 'wifi: mwifiex: Fix HT40 bandwidth issue.' (git-fixes).
- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).
- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).
- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).
- SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes).
- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- accel/ivpu: Improve buffer object logging (git-fixes).
- accel/ivpu: Use dma_resv_lock() instead of a custom mutex (git-fixes).
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- add bug reference to existing hv_storvsc change (bsc#1245455).
- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- bnxt: properly flush XDP redirect lists (git-fixes).
- bpf: Force uprobe bpf program to always return 0 (git-fixes).
- bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build') Fixes: 747f601d4156 ('bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)')
- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).
- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).
- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).
- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).
- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
- ceph: Fix incorrect flush end position calculation (git-fixes).
- ceph: allocate sparse_ext map only for sparse reads (git-fixes).
- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
- cgroup/cpuset: Do not allow creation of local partition over a remote one (bsc#1241166).
- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- clocksource: Fix brown-bag boolean thinko in (git-fixes)
- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).
- devlink: fix port dump cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Add debugging message for brightness caps (bsc#1240650).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Add support for disconnected eDP streams (stable-fixes).
- drm/amd/display: Call FP Protect Before Mode Programming/Mode Support (stable-fixes).
- drm/amd/display: Configure DTBCLK_P with OPTC only for dcn401 (stable-fixes).
- drm/amd/display: Correct timing_adjust_pending flag setting (stable-fixes).
- drm/amd/display: Defer BW-optimization-blocked DRR adjustments (git-fixes).
- drm/amd/display: Do not enable replay when vtotal update is pending (stable-fixes).
- drm/amd/display: Do not treat wb connector as physical in create_validate_stream_for_sink (stable-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Ensure DMCUB idle before reset on DCN31/DCN35 (stable-fixes).
- drm/amd/display: Fix BT2020 YCbCr limited/full range input (stable-fixes).
- drm/amd/display: Fix DMUB reset sequence for DCN401 (stable-fixes).
- drm/amd/display: Fix default DC and AC levels (bsc#1240650).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: Fix p-state type when p-state is unsupported (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Guard against setting dispclk low when active (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: Populate register address for dentist for dcn401 (stable-fixes).
- drm/amd/display: Read LTTPR ALPM caps during link cap retrieval (stable-fixes).
- drm/amd/display: Request HW cursor on DCN3.2 with SubVP (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Support multiple options during psr entry (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amd/display: Use Nominal vBlank If Provided Instead Of Capping It (stable-fixes).
- drm/amd/display: calculate the remain segments for all pipes (stable-fixes).
- drm/amd/display: check stream id dml21 wrapper to get plane_id (stable-fixes).
- drm/amd/display: fix dcn4x init failed (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: handle max_downscale_src_width fail check (stable-fixes).
- drm/amd/display: not abort link train when bw is low (stable-fixes).
- drm/amd/display: pass calculated dram_speed_mts to dml2 (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/pm: Fetch current power limit from PMFW (stable-fixes).
- drm/amd/pm: Skip P2S load for SMU v13.0.12 (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/amd: Adjust output for discovery error handling (git-fixes).
- drm/amdgpu/discovery: check ip_discovery fw file available (stable-fixes).
- drm/amdgpu/gfx11: do not read registers in mqd init (stable-fixes).
- drm/amdgpu/gfx12: do not read registers in mqd init (stable-fixes).
- drm/amdgpu/mes11: fix set_hw_resources_1 calculation (stable-fixes).
- drm/amdgpu: Allow P2P access through XGMI (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: Fix missing drain retry fault the last entry (stable-fixes).
- drm/amdgpu: Fix the race condition for draining retry fault (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: Skip pcie_replay_count sysfs creation for VF (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdgpu: Use active umc info from discovery (stable-fixes).
- drm/amdgpu: adjust drm_firmware_drivers_only() handling (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: read back register after written for VCN v4.0.5 (stable-fixes).
- drm/amdgpu: release xcp_mgr on exit (stable-fixes).
- drm/amdgpu: remove all KFD fences from the BO on release (stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
- drm/amdkfd: Correct F8_MODE for gfx950 (git-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/amdkfd: Set per-process flags only once for gfx9/10/11/12 (stable-fixes).
- drm/amdkfd: fix missing L2 cache info in topology (stable-fixes).
- drm/amdkfd: set precise mem ops caps to disabled for gfx 11 and 12 (stable-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/buddy: fix issue that force_merge cannot free all roots (stable-fixes).
- drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/i915/guc: Check if expecting reply before decrementing outstanding_submission_g2h (git-fixes).
- drm/i915/guc: Handle race condition where wakeref count drops below 0 (git-fixes).
- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
- drm/i915/psr: Fix using wrong mask in REG_FIELD_PREP (git-fixes).
- drm/i915: fix build error some more (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/a6xx: Disable rgb565_predicator on Adreno 7c3 (git-fixes).
- drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (git-fixes).
- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE before blend setup (git-fixes).
- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE on ctl_path reset (git-fixes).
- drm/msm/dpu: enable SmartDMA on SC8180X (git-fixes).
- drm/msm/dpu: enable SmartDMA on SM8150 (git-fixes).
- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names (git-fixes).
- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
- drm/nouveau: fix the broken marco GSP_MSG_MAX_SIZE (stable-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel-simple: fix the warnings for the Evervision VGG644804 (git-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm/panic: add missing space (git-fixes).
- drm/panthor: Fix GPU_COHERENCY_ACE[_LITE] definitions (git-fixes).
- drm/panthor: Update panthor_mmu::irq::mask when needed (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/rockchip: vop2: Improve display modes handling on RK3588 HDMI0 (stable-fixes).
- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()` (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add error path for xa_store in vmw_bo_add_detached_resource (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- drm/vmwgfx: Fix dumb buffer leak (git-fixes).
- drm/xe/bmg: Update Wa_16023588340 (git-fixes).
- drm/xe/d3cold: Set power state to D3Cold during s2idle/s3 (git-fixes).
- drm/xe/debugfs: Add missing xe_pm_runtime_put in wedge_mode_set (stable-fixes).
- drm/xe/debugfs: fixed the return value of wedged_mode_set (stable-fixes).
- drm/xe/display: Add check for alloc_ordered_workqueue() (git-fixes).
- drm/xe/gt: Update handling of xe_force_wake_get return (stable-fixes).
- drm/xe/oa: Ensure that polled read returns latest data (stable-fixes).
- drm/xe/pf: Create a link between PF and VF devices (stable-fixes).
- drm/xe/pf: Reset GuC VF config when unprovisioning critical resource (stable-fixes).
- drm/xe/relay: Do not use GFP_KERNEL for new transactions (stable-fixes).
- drm/xe/sa: Always call drm_suballoc_manager_fini() (stable-fixes).
- drm/xe/sched: stop re-submitting signalled jobs (git-fixes).
- drm/xe/vf: Retry sending MMIO request to GUC on timeout error (stable-fixes).
- drm/xe/vm: move rebind_work init earlier (git-fixes).
- drm/xe/xe2hpg: Add Wa_22021007897 (stable-fixes).
- drm/xe: Create LRC BO without VM (git-fixes).
- drm/xe: Do not attempt to bootstrap VF in execlists mode (stable-fixes).
- drm/xe: Fix memset on iomem (git-fixes).
- drm/xe: Fix xe_tile_init_noalloc() error propagation (stable-fixes).
- drm/xe: Make xe_gt_freq part of the Documentation (git-fixes).
- drm/xe: Move suballocator init to after display init (stable-fixes).
- drm/xe: Nuke VM's mapping upon close (stable-fixes).
- drm/xe: Process deferred GGTT node removals on device unwind (git-fixes).
- drm/xe: Reject BO eviction if BO is bound to current VM (stable-fixes).
- drm/xe: Retry BO allocation (stable-fixes).
- drm/xe: Rework eviction rejection of bound external bos (git-fixes).
- drm/xe: Save the gt pointer in lrc and drop the tile (stable-fixes).
- drm/xe: Stop ignoring errors from xe_ttm_stolen_mgr_init() (stable-fixes).
- drm/xe: Wire up device shutdown handler (stable-fixes).
- drm/xe: remove unmatched xe_vm_unlock() from __xe_exec_queue_init() (git-fixes).
- drm/xe: xe_gen_wa_oob: replace program_invocation_short_name (stable-fixes).
- drm: Add valid clones check (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- dummycon: Trigger redraw when switching consoles with deferred takeover (git-fixes).
- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).
- efi/libstub: Describe missing 'out' parameter in efi_load_initrd (git-fixes).
- fbcon: Make sure modelist not set on unregistered console (stable-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- fgraph: Still initialize idle shadow stacks when starting (git-fixes).
- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).
- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpiolib: Revert 'Do not WARN on gpiod_put() for optional GPIO' (stable-fixes).
- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).
- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
- hwmon: (occ) fix unaligned accesses (git-fixes).
- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).
- i2c: npcm: Add clock toggle recovery (stable-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
- i2c: tiny-usb: disable zero-length read messages (git-fixes).
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
- ice: Fix LACP bonds without SRIOV environment (git-fixes).
- ice: create new Tx scheduler nodes for new queues only (git-fixes).
- ice: fix Tx scheduler error handling in XDP callback (git-fixes).
- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).
- ice: fix vf->num_mac count with port representors (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- iommu: Protect against overflow in iommu_pgsize() (git-fixes).
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
- ip6mr: fix tables suspicious RCU usage (git-fixes).
- ip_tunnel: annotate data-races around t->parms.link (git-fixes).
- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).
- ipmr: fix tables suspicious RCU usage (git-fixes).
- ipv4: Convert ip_route_input() to dscp_t (git-fixes).
- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).
- ipv6: save dontfrag in cork (git-fixes).
- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).
- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- kABI: ipv6: save dontfrag in cork (git-fixes).
- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- kabi: restore layout of struct cgroup_subsys (bsc#1241166).
- kabi: restore layout of struct mem_control (jsc#PED-12551).
- kabi: restore layout of struct page_counter (jsc#PED-12551).
- kernel-source: Remove log.sh from sources
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: add file_start_write() and file_end_write() (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: intel/ipu6: Fix dma mask for non-secure mode (git-fixes).
- media: ipu6: Remove workaround for Meteor Lake ES2 (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov2740: Move pm-runtime cleanup on probe-errors to proper place (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: platform: mtk-mdp3: Remove unused mdp_get_plat_device (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: verisilicon: Free post processor buffers on error (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).
- mmc: Add quirk to disable DDR50 tuning (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).
- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).
- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
- net/mlx5: Fix return value when searching for existing flow group (git-fixes).
- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
- net/neighbor: clear error in case strict check is not set (git-fixes).
- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).
- net: add rcu safety to rtnl_prop_list_size() (git-fixes).
- net: fix udp gso skb_segment after pull from frag_list (git-fixes).
- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).
- net: ice: Perform accurate aRFS flow match (git-fixes).
- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
- net: linkwatch: use system_unbound_wq (git-fixes).
- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
- net: mana: Record doorbell physical address in PF mode (bsc#1244229).
- net: page_pool: fix warning code (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).
- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).
- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).
- net: sched: fix erspan_opt settings in cls_flower (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- net_sched: prio: fix a race in prio_tune() (git-fixes).
- net_sched: red: fix a race in __red_change() (git-fixes).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- net_sched: tbf: fix a race in tbf_change() (git-fixes).
- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).
- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- ntp: Clamp maxerror and esterror to operating range (git-fixes)
- ntp: Remove invalid cast in time offset math (git-fixes)
- ntp: Safeguard against time_constant overflow (git-fixes)
- nvme-fc: do not reference lsrsp after failure (bsc#1245193).
- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).
- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
- nvme-pci: add quirks for device 126f:1001 (git-fixes).
- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
- nvme: fix command limits status code (git-fixes).
- nvme: fix implicit bool to flags conversion (git-fixes).
- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
- nvmet-fc: take tgtport refs for portentry (bsc#1245193).
- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
- nvmet-fcloop: prevent double port deletion (bsc#1245193).
- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
- nvmet-fcloop: remove nport from list on last user (bsc#1245193).
- nvmet-fcloop: track ref counts for nports (bsc#1245193).
- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
- orangefs: Do not truncate file size (git-fixes).
- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).
- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use 'unsigned int' instead of bare 'unsigned' (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- platform/x86/amd/hsmp: Add new error code and error logs (jsc#PED-13094).
- platform/x86/amd/hsmp: Add support for HSMP protocol version 7 messages (jsc#PED-13094).
- platform/x86/amd/hsmp: Change generic plat_dev name to hsmp_pdev (jsc#PED-13094).
- platform/x86/amd/hsmp: Change the error type (jsc#PED-13094).
- platform/x86/amd/hsmp: Convert amd_hsmp_rdwr() to a function pointer (jsc#PED-13094).
- platform/x86/amd/hsmp: Create hsmp/ directory (jsc#PED-13094).
- platform/x86/amd/hsmp: Create separate ACPI, plat and common drivers (jsc#PED-13094).
- platform/x86/amd/hsmp: Create wrapper function init_acpi() (jsc#PED-13094).
- platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers (jsc#PED-13094).
- platform/x86/amd/hsmp: Make hsmp_pdev static instead of global (jsc#PED-13094).
- platform/x86/amd/hsmp: Move ACPI code to acpi.c (jsc#PED-13094).
- platform/x86/amd/hsmp: Move platform device specific code to plat.c (jsc#PED-13094).
- platform/x86/amd/hsmp: Move structure and macros to header file (jsc#PED-13094).
- platform/x86/amd/hsmp: Report power via hwmon sensor (jsc#PED-13094).
- platform/x86/amd/hsmp: Use a single DRIVER_VERSION for all hsmp modules (jsc#PED-13094).
- platform/x86/amd/hsmp: Use dev_groups in the driver structure (jsc#PED-13094).
- platform/x86/amd/hsmp: Use name space while exporting module symbols (jsc#PED-13094).
- platform/x86/amd/hsmp: acpi: Add sysfs files to display HSMP telemetry (jsc#PED-13094).
- platform/x86/amd/hsmp: fix building with CONFIG_HWMON=m (jsc#PED-13094).
- platform/x86/amd/hsmp: mark hsmp_msg_desc_table as maybe_unused (git-fixes).
- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
- platform/x86: amd: Use *-y instead of *-objs in Makefiles (jsc#PED-13094).
- platform/x86: dell_rbu: Fix list usage (git-fixes).
- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: hp-bioscfg: Annotate struct bios_args with __counted_by (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how enum possible values size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how order list size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how password encoding size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how prerequisites size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix error handling in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix memory leaks in attribute packages (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix reference leak (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix uninitialized variable errors (jsc#PED-13019).
- platform/x86: hp-bioscfg: Makefile (jsc#PED-13019).
- platform/x86: hp-bioscfg: Remove duplicate use of variable in inner loop (jsc#PED-13019).
- platform/x86: hp-bioscfg: Remove unused obj in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Removed needless asm-generic (jsc#PED-13019).
- platform/x86: hp-bioscfg: Replace the word HACK from source code (jsc#PED-13019).
- platform/x86: hp-bioscfg: Simplify return check in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Update steps order list elements are evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Use kmemdup() to replace kmalloc + memcpy (jsc#PED-13019).
- platform/x86: hp-bioscfg: biosattr-interface (jsc#PED-13019).
- platform/x86: hp-bioscfg: bioscfg (jsc#PED-13019).
- platform/x86: hp-bioscfg: bioscfg-h (jsc#PED-13019).
- platform/x86: hp-bioscfg: enum-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: fix a signedness bug in hp_wmi_perform_query() (jsc#PED-13019).
- platform/x86: hp-bioscfg: fix error reporting in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: int-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: move mutex_lock() down in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: order-list-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: passwdobj-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: prevent a small buffer overflow (jsc#PED-13019).
- platform/x86: hp-bioscfg: spmobj-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: string-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: surestart-attributes (jsc#PED-13019).
- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).
- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- pstore: Change kmsg_bytes storage size to u32 (git-fixes).
- ptp: ocp: fix start time alignment in ptp_ocp_signal_set (git-fixes).
- ptp: ocp: reject unsupported periodic output flags (git-fixes).
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).
- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.
- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)
- rpm: Stop using is_kotd_qa macro This macro is set by bs-upload-kernel, and a conditional in each spec file is used to determine when to build the spec file. This logic should not really be in the spec file. Previously this was done with package links and package meta for the individula links. However, the use of package links is rejected for packages in git based release projects (nothing to do with git actually, new policy). An alternative to package links is multibuild. However, for multibuild packages package meta cannot be used to set which spec file gets built. Use prjcon buildflags instead, and remove this conditional. Depends on bs-upload-kernel adding the build flag.
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
- scsi: Improve CDL control (git-fixes).
- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: mpi3mr: Add level check to control event logging (git-fixes).
- scsi: mpt3sas: Fix _ctl_get_mpt_mctp_passthru_adapter() to return IOC pointer (git-fixes).
- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).
- scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels (git-fixes).
- scsi: st: ERASE does not change tape location (git-fixes).
- scsi: st: Restore some drive settings after reset (git-fixes).
- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: core: restore of_node information in sysfs (git-fixes).
- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
- serial: jsm: fix NPE during jsm_uart_port_init (git-fixes).
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).
- struct usci: hide additional member (git-fixes).
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).
- supported.conf: Add SNP SVSM vTPM driver
- supported.conf: add it
- supported.conf: support firmware_attributes_class
- svsm: Add header with SVSM_VTPM_CMD helpers (bsc#1241191).
- sysfb: Fix screen_info type check for VGA (git-fixes).
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).
- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (git-fixes).
- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).
- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
- thermal/drivers/mediatek/lvts: Fix debugfs unregister on failure (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Do not double dequeue a configuration request (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- thunderbolt: Improve redrive mode handling (git-fixes).
- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
- tpm: Add SNP SVSM vTPM driver (bsc#1241191).
- tpm: Make chip->{status,cancel,req_canceled} opt (bsc#1241191).
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).
- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).
- tracing: Add __print_dynamic_array() helper (bsc#1243544).
- tracing: Add __string_len() example (bsc#1243544).
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).
- tracing: Fix compilation warning on arm32 (bsc#1243551).
- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
- tty: serial: 8250_omap: fix TX with DMA for am33xx (git-fixes).
- ucsi_debugfs_entry: hide signedness change (git-fixes).
- udp: annotate data-races around up->pending (git-fixes).
- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).
- udp: fix receiving fraglist GSO packets (git-fixes).
- udp: preserve the connected status if only UDP cmsg (git-fixes).
- uprobes: Use kzalloc to allocate xol area (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
- usb: misc: onboard_usb_dev: fix support for Cypress HX3 hubs (git-fixes).
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work (git-fixes).
- usb: typec: ucsi: Only enable supported notifications (git-fixes).
- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).
- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
- vmxnet3: update MTU after device quiesce (bsc#1244626).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).
- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).
- wifi: ath11k: do not wait when there is no vdev started (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).
- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).
- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).
- wifi: ath12k: ACPI CCA threshold support (bsc#1240998).
- wifi: ath12k: ACPI SAR support (bsc#1240998).
- wifi: ath12k: ACPI TAS support (bsc#1240998).
- wifi: ath12k: ACPI band edge channel power support (bsc#1240998).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Add additional checks for vif and sta iterators (bsc#1240998).
- wifi: ath12k: Add firmware coredump collection support (bsc#1240998).
- wifi: ath12k: Add htt_stats_dump file ops support (bsc#1240998).
- wifi: ath12k: Add lock to protect the hardware state (bsc#1240998).
- wifi: ath12k: Add missing htt_metadata flag in ath12k_dp_tx() (bsc#1240998).
- wifi: ath12k: Add support to enable debugfs_htt_stats (bsc#1240998).
- wifi: ath12k: Add support to parse requested stats_type (bsc#1240998).
- wifi: ath12k: Avoid -Wflex-array-member-not-at-end warnings (bsc#1240998).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: Cache vdev configs before vdev create (bsc#1240998).
- wifi: ath12k: Dump additional Tx PDEV HTT stats (bsc#1240998).
- wifi: ath12k: Fetch regdb.bin file from board-2.bin (stable-fixes).
- wifi: ath12k: Fix WARN_ON during firmware crash in split-phy (bsc#1240998).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Fix buffer overflow in debugfs (bsc#1240998).
- wifi: ath12k: Fix devmem address prefix when logging (bsc#1240998).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: Fix for out-of bound access error (bsc#1240998).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: Fix pdev id sent to firmware for single phy devices (bsc#1240998).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Handle error cases during extended skb allocation (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Introduce device index (bsc#1240998).
- wifi: ath12k: Modify add and remove chanctx ops for single wiphy support (bsc#1240998).
- wifi: ath12k: Modify print_array_to_buf() to support arrays with 1-based semantics (bsc#1240998).
- wifi: ath12k: Modify rts threshold mac op for single wiphy (bsc#1240998).
- wifi: ath12k: Modify set and get antenna mac ops for single wiphy (bsc#1240998).
- wifi: ath12k: Optimize the lock contention of used list in Rx data path (bsc#1240998).
- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).
- wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash (bsc#1240998).
- wifi: ath12k: Refactor Rxdma buffer replinish argument (bsc#1240998).
- wifi: ath12k: Refactor data path cmem init (bsc#1240998).
- wifi: ath12k: Refactor error handler of Rxdma replenish (bsc#1240998).
- wifi: ath12k: Refactor idle ring descriptor setup (bsc#1240998).
- wifi: ath12k: Refactor the hardware cookie conversion init (bsc#1240998).
- wifi: ath12k: Refactor the hardware recovery procedure (bsc#1240998).
- wifi: ath12k: Refactor the hardware state (bsc#1240998).
- wifi: ath12k: Remove unsupported tx monitor handling (bsc#1240998).
- wifi: ath12k: Remove unused ath12k_base from ath12k_hw (bsc#1240998).
- wifi: ath12k: Remove unused tcl_*_ring configuration (bsc#1240998).
- wifi: ath12k: Replace 'chip' with 'device' in hal Rx return buffer manager (bsc#1240998).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath12k: Resolve multicast packet drop by populating key_cipher in ath12k_install_key() (bsc#1240998).
- wifi: ath12k: Support BE OFDMA Pdev Rate Stats (bsc#1240998).
- wifi: ath12k: Support DMAC Reset Stats (bsc#1240998).
- wifi: ath12k: Support Pdev OBSS Stats (bsc#1240998).
- wifi: ath12k: Support Pdev Scheduled Algorithm Stats (bsc#1240998).
- wifi: ath12k: Support Ring and SFM stats (bsc#1240998).
- wifi: ath12k: Support Self-Generated Transmit stats (bsc#1240998).
- wifi: ath12k: Support TQM stats (bsc#1240998).
- wifi: ath12k: Support Transmit DE stats (bsc#1240998).
- wifi: ath12k: Support Transmit Scheduler stats (bsc#1240998).
- wifi: ath12k: Support pdev CCA Stats (bsc#1240998).
- wifi: ath12k: Support pdev Transmit Multi-user stats (bsc#1240998).
- wifi: ath12k: Support pdev error stats (bsc#1240998).
- wifi: ath12k: add 6 GHz params in peer assoc command (bsc#1240998).
- wifi: ath12k: add ATH12K_DBG_WOW log level (bsc#1240998).
- wifi: ath12k: add EMA beacon support (bsc#1240998).
- wifi: ath12k: add MBSSID beacon support (bsc#1240998).
- wifi: ath12k: add WoW net-detect functionality (bsc#1240998).
- wifi: ath12k: add basic WoW functionalities (bsc#1240998).
- wifi: ath12k: add channel 2 into 6 GHz channel list (bsc#1240998).
- wifi: ath12k: add hw_link_id in ath12k_pdev (bsc#1240998).
- wifi: ath12k: add missing lockdep_assert_wiphy() for ath12k_mac_op_ functions (bsc#1240998).
- wifi: ath12k: add multi device support for WBM idle ring buffer setup (bsc#1240998).
- wifi: ath12k: add multiple radio support in a single MAC HW un/register (bsc#1240998).
- wifi: ath12k: add panic handler (bsc#1240998).
- wifi: ath12k: add support to handle beacon miss for WCN7850 (bsc#1240998).
- wifi: ath12k: advertise driver capabilities for MBSSID and EMA (bsc#1240998).
- wifi: ath12k: allocate dummy net_device dynamically (bsc#1240998).
- wifi: ath12k: ath12k_mac_op_set_key(): fix uninitialized symbol 'ret' (bsc#1240998).
- wifi: ath12k: ath12k_mac_op_sta_state(): clean up update_wk cancellation (bsc#1240998).
- wifi: ath12k: ath12k_mac_set_key(): remove exit label (bsc#1240998).
- wifi: ath12k: avoid double SW2HW_MACID conversion (bsc#1240998).
- wifi: ath12k: avoid duplicated vdev down (bsc#1240998).
- wifi: ath12k: avoid redundant code in Rx cookie conversion init (bsc#1240998).
- wifi: ath12k: avoid stopping mac80211 queues in ath12k_core_restart() (bsc#1240998).
- wifi: ath12k: avoid unnecessary MSDU drop in the Rx error process (bsc#1240998).
- wifi: ath12k: change supports_suspend to true for WCN7850 (bsc#1240998).
- wifi: ath12k: cleanup unneeded labels (bsc#1240998).
- wifi: ath12k: configure MBSSID parameters in AP mode (bsc#1240998).
- wifi: ath12k: configure MBSSID params in vdev create/start (bsc#1240998).
- wifi: ath12k: convert struct ath12k_sta::update_wk to use struct wiphy_work (bsc#1240998).
- wifi: ath12k: correct the capital word typo (bsc#1240998).
- wifi: ath12k: create a structure for WMI vdev up parameters (bsc#1240998).
- wifi: ath12k: debugfs: radar simulation support (bsc#1240998).
- wifi: ath12k: decrease MHI channel buffer length to 8KB (bsc#1240998).
- wifi: ath12k: delete NSS and TX power setting for monitor vdev (bsc#1240998).
- wifi: ath12k: displace the Tx and Rx descriptor in cookie conversion table (bsc#1240998).
- wifi: ath12k: do not dump SRNG statistics during resume (bsc#1240998).
- wifi: ath12k: do not process consecutive RDDM event (bsc#1240998).
- wifi: ath12k: do not use %pK in dmesg format strings (bsc#1240998).
- wifi: ath12k: dynamic VLAN support (bsc#1240998).
- wifi: ath12k: dynamically update peer puncturing bitmap for STA (bsc#1240998).
- wifi: ath12k: enable WIPHY_FLAG_DISABLE_WEXT (bsc#1240998).
- wifi: ath12k: enable service flag for survey dump stats (bsc#1240998).
- wifi: ath12k: extend the link capable flag (bsc#1240998).
- wifi: ath12k: fetch correct radio based on vdev status (bsc#1240998).
- wifi: ath12k: fix A-MSDU indication in monitor mode (bsc#1240998).
- wifi: ath12k: fix ACPI warning when resume (bsc#1240998).
- wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (git-fixes).
- wifi: ath12k: fix NULL pointer access in ath12k_mac_op_get_survey() (bsc#1240998).
- wifi: ath12k: fix Smatch warnings on ath12k_core_suspend() (bsc#1240998).
- wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes).
- wifi: ath12k: fix ack signal strength calculation (bsc#1240998).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix build vs old compiler (bsc#1240998).
- wifi: ath12k: fix calling correct function for rx monitor mode (bsc#1240998).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: fix desc address calculation in wbm tx completion (bsc#1240998).
- wifi: ath12k: fix driver initialization for WoW unsupported devices (bsc#1240998).
- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).
- wifi: ath12k: fix flush failure in recovery scenarios (bsc#1240998).
- wifi: ath12k: fix hal_rx_buf_return_buf_manager documentation (bsc#1240998).
- wifi: ath12k: fix incorrect CE addresses (stable-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: fix key cache handling (bsc#1240998).
- wifi: ath12k: fix legacy peer association due to missing HT or 6 GHz capabilities (bsc#1240998).
- wifi: ath12k: fix link capable flags (bsc#1240998).
- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).
- wifi: ath12k: fix mac id extraction when MSDU spillover in rx error path (bsc#1240998).
- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).
- wifi: ath12k: fix mbssid max interface advertisement (bsc#1240998).
- wifi: ath12k: fix missing endianness conversion in wmi_vdev_create_cmd() (bsc#1240998).
- wifi: ath12k: fix misspelling of 'dma' in num_rxmda_per_pdev (bsc#1240998).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix one more memcpy size error (bsc#1240998).
- wifi: ath12k: fix per pdev debugfs registration (bsc#1240998).
- wifi: ath12k: fix reusing outside iterator in ath12k_wow_vif_set_wakeups() (bsc#1240998).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath12k: fix skb_ext_desc leak in ath12k_dp_tx() error path (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_mpdu_start (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_phyrx_rssi_legacy_info (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_ppdu_end_user_stats (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_ppdu_start (bsc#1240998).
- wifi: ath12k: fix survey dump collection in 6 GHz (bsc#1240998).
- wifi: ath12k: fix the ampdu id fetch in the HAL_RX_MPDU_START TLV (stable-fixes).
- wifi: ath12k: fix the stack frame size warning in ath12k_mac_op_hw_scan (bsc#1240998).
- wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() (bsc#1240998).
- wifi: ath12k: fix warning on DMA ring capabilities event (bsc#1240998).
- wifi: ath12k: flush all packets before suspend (bsc#1240998).
- wifi: ath12k: handle keepalive during WoWLAN suspend and resume (bsc#1240998).
- wifi: ath12k: handle symlink cleanup for per pdev debugfs dentry (bsc#1240998).
- wifi: ath12k: implement WoW enable and wakeup commands (bsc#1240998).
- wifi: ath12k: implement hardware data filter (bsc#1240998).
- wifi: ath12k: improve the rx descriptor error information (bsc#1240998).
- wifi: ath12k: initial debugfs support (bsc#1240998).
- wifi: ath12k: make read-only array svc_id static const (bsc#1240998).
- wifi: ath12k: modify ath12k mac start/stop ops for single wiphy (bsc#1240998).
- wifi: ath12k: modify ath12k_get_arvif_iter() for MLO (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_op_bss_info_changed() for MLO (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_op_set_key() for MLO (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_vif_chan() for MLO (bsc#1240998).
- wifi: ath12k: modify link arvif creation and removal for MLO (bsc#1240998).
- wifi: ath12k: modify regulatory support for single wiphy architecture (bsc#1240998).
- wifi: ath12k: modify remain on channel for single wiphy (bsc#1240998).
- wifi: ath12k: move txbaddr/rxbaddr into struct ath12k_dp (bsc#1240998).
- wifi: ath12k: no need to handle pktlog during suspend/resume (bsc#1240998).
- wifi: ath12k: pass ath12k_link_vif instead of vif/ahvif (bsc#1240998).
- wifi: ath12k: prepare sta data structure for MLO handling (bsc#1240998).
- wifi: ath12k: prepare vif config caching for MLO (bsc#1240998).
- wifi: ath12k: prepare vif data structure for MLO handling (bsc#1240998).
- wifi: ath12k: read single_chip_mlo_support parameter from QMI PHY capability (bsc#1240998).
- wifi: ath12k: rearrange IRQ enable/disable in reset path (bsc#1240998).
- wifi: ath12k: refactor SMPS configuration (bsc#1240998).
- wifi: ath12k: refactor arvif security parameter configuration (bsc#1240998).
- wifi: ath12k: refactor ath12k_hw_regs structure (stable-fixes).
- wifi: ath12k: refactor rx descriptor CMEM configuration (bsc#1240998).
- wifi: ath12k: remove MHI LOOPBACK channels (bsc#1240998).
- wifi: ath12k: remove duplicate definition of MAX_RADIOS (bsc#1240998).
- wifi: ath12k: remove duplicate definitions in wmi.h (bsc#1240998).
- wifi: ath12k: remove invalid peer create logic (bsc#1240998).
- wifi: ath12k: remove obsolete struct wmi_start_scan_arg (bsc#1240998).
- wifi: ath12k: remove redundant peer delete for WCN7850 (bsc#1240998).
- wifi: ath12k: remove unused variable monitor_flags (bsc#1240998).
- wifi: ath12k: remove unused variable monitor_present (bsc#1240998).
- wifi: ath12k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1240998).
- wifi: ath12k: restore ASPM for supported hardwares only (bsc#1240998).
- wifi: ath12k: scan statemachine changes for single wiphy (bsc#1240998).
- wifi: ath12k: set mlo_capable_flags based on QMI PHY capability (bsc#1240998).
- wifi: ath12k: skip sending vdev down for channel switch (bsc#1240998).
- wifi: ath12k: support ARP and NS offload (bsc#1240998).
- wifi: ath12k: support GTK rekey offload (bsc#1240998).
- wifi: ath12k: support SMPS configuration for 6 GHz (bsc#1240998).
- wifi: ath12k: support get_survey mac op for single wiphy (bsc#1240998).
- wifi: ath12k: support suspend/resume (bsc#1240998).
- wifi: ath12k: switch to using wiphy_lock() and remove ar->conf_mutex (bsc#1240998).
- wifi: ath12k: unregister per pdev debugfs (bsc#1240998).
- wifi: ath12k: update ath12k_mac_op_conf_tx() for MLO (bsc#1240998).
- wifi: ath12k: update ath12k_mac_op_update_vif_offload() for MLO (bsc#1240998).
- wifi: ath12k: use 128 bytes aligned iova in transmit path for WCN7850 (bsc#1240998).
- wifi: ath12k: use correct MAX_RADIOS (bsc#1240998).
- wifi: ath12k: use tail MSDU to get MSDU information (bsc#1240998).
- wifi: ath12k: using msdu end descriptor to check for rx multicast packets (stable-fixes).
- wifi: ath12k: vdev statemachine changes for single wiphy (bsc#1240998).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).
- wifi: cfg80211: allow IR in 20 MHz configurations (stable-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: do not warn during reprobe (stable-fixes).
- wifi: iwlwifi: do not warn when if there is a FW error (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: iwlwifi: fix the ECKV UEFI variable name (stable-fixes).
- wifi: iwlwifi: mark Br device not integrated (stable-fixes).
- wifi: iwlwifi: mvm: fix beacon CCK flag (stable-fixes).
- wifi: iwlwifi: mvm: fix setting the TK when associated (stable-fixes).
- wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
- wifi: iwlwifi: use correct IMR dump variable (stable-fixes).
- wifi: iwlwifi: w/a FW SMPS mode selection (stable-fixes).
- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
- wifi: mac80211: fix warning on disconnect during failed ML reconf (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mac80211: set ieee80211_prep_tx_info::link_id upon Auth Rx (stable-fixes).
- wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO (stable-fixes).
- wifi: mac80211_hwsim: Fix MLD address translation (stable-fixes).
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).
- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix fails to enter low power mode in suspend state (stable-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: introduce thermal protection (stable-fixes).
- wifi: mt76: mt7925: load the appropriate CLC data based on hardware type (stable-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: mwifiex: Fix HT40 bandwidth issue (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: 8922a: fix TX fail with wrong VCO setting (stable-fixes).
- wifi: rtw89: 8922a: fix incorrect STA-ID in EHT MU PPDU (stable-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: call power_on ahead before selecting firmware (stable-fixes).
- wifi: rtw89: fw: get sb_sel_ver via get_unaligned_le32() (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- wifi: rtw89: phy: add dummy C2H event handler for report of TAS power (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (stable-fixes).
- workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() (bsc#1245101 jsc#PED-11934).
- x86/acpi: Fix LAPIC/x2APIC parsing order (git-fixes).
- x86/amd_nb, hwmon: (k10temp): Simplify amd_pci_dev_to_node_id() (jsc#PED-13094).
- x86/amd_nb: Clean up early_is_amd_nb() (jsc#PED-13094).
- x86/amd_nb: Move SMN access code to a new amd_node driver (jsc#PED-13094).
- x86/amd_nb: Restrict init function to AMD-based systems (jsc#PED-13094).
- x86/amd_nb: Simplify function 4 search (jsc#PED-13094).
- x86/amd_nb: Simplify root device search (jsc#PED-13094).
- x86/amd_node: Add SMN offsets to exclusive region access (jsc#PED-13094).
- x86/amd_node: Add support for debugfs access to SMN registers (jsc#PED-13094).
- x86/amd_node: Remove dependency on AMD_NB (jsc#PED-13094).
- x86/amd_node: Update __amd_smn_rw() error paths (jsc#PED-13094).
- x86/amd_node: Use defines for SMN register offsets (jsc#PED-13094).
- x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
- x86/mce/amd: Remove shared threshold bank plumbing (jsc#PED-13094).
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes).
- x86/platform/amd: Move the <asm/amd_hsmp.h> header to <asm/amd/hsmp.h> (jsc#PED-13094).
- x86/sev: Add SVSM vTPM probe/send_command functions (bsc#1241191).
- x86/sev: Provide guest VMPL level to userspace (bsc#1241191).
- x86/sev: Register tpm-svsm platform device (bsc#1241191).
- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
- x86: Start moving AMD node functionality out of AMD_NB (jsc#PED-13094).
- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
- xen/x86: fix initial memory balloon target (git-fixes).
- xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes).
- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).
Patchnames
SUSE-2025-2333,SUSE-SLE-Module-Live-Patching-15-SP7-2025-2333,SUSE-SLE-Module-RT-15-SP7-2025-2333
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).\n- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).\n- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).\n- CVE-2024-57995: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (bsc#1237895).\n- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).\n- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).\n- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).\n- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).\n- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).\n- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).\n- CVE-2025-21938: mptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr (bsc#1240723).\n- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).\n- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).\n- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).\n- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).\n- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).\n- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).\n- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).\n- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).\n- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).\n- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).\n- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).\n- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).\n- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).\n- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).\n- CVE-2025-37837: iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent() (bsc#1242952).\n- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).\n- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).\n- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).\n- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).\n- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).\n- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).\n- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).\n- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).\n- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).\n- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).\n- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).\n- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).\n- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value (bsc#1243537).\n- CVE-2025-37938: tracing: Verify event formats that have \u0027%*p..\u0027 (bsc#1243544).\n- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).\n- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).\n- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).\n- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).\n- CVE-2025-37992: net_sched: Flush gso_skb list too during -\u003echange() (bsc#1243698).\n- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).\n- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).\n- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).\n- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).\n- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).\n- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).\n- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).\n- CVE-2025-38055: perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq (bsc#1244747).\n- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).\n- CVE-2025-38060: bpf: abort verification if env-\u003ecur_state-\u003eloop_entry != NULL (bsc#1245155).\n- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).\n\nThe following non-security bugs were fixed:\n\n- ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case (stable-fixes).\n- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).\n- ACPI: HED: Always initialize before evged (stable-fixes).\n- ACPI: OSI: Stop advertising support for \u00273.0 _SCP Extensions\u0027 (git-fixes).\n- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).\n- ACPI: battery: negate current when discharging (stable-fixes).\n- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).\n- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).\n- ACPICA: Utilities: Fix spelling mistake \u0027Incremement\u0027 -\u003e \u0027Increment\u0027 (git-fixes).\n- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).\n- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).\n- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).\n- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).\n- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).\n- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).\n- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).\n- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).\n- ALSA: seq: Improve data consistency at polling (stable-fixes).\n- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).\n- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).\n- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).\n- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).\n- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).\n- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).\n- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).\n- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).\n- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).\n- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).\n- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).\n- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).\n- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).\n- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).\n- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).\n- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).\n- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).\n- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).\n- ASoC: SOF: Intel: hda-bus: Use PIO mode on ACE2+ platforms (git-fixes).\n- ASoC: SOF: ipc4-pcm: Adjust pipeline_list-\u003epipelines allocation type (git-fixes).\n- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).\n- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).\n- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).\n- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).\n- ASoC: cs42l43: Disable headphone clamps during type detection (stable-fixes).\n- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).\n- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).\n- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).\n- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).\n- ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() (git-fixes).\n- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).\n- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).\n- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).\n- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).\n- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).\n- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).\n- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).\n- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).\n- ASoC: tas2764: Enable main IRQs (git-fixes).\n- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).\n- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).\n- ASoC: tas2764: Reinit cache on part reset (git-fixes).\n- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).\n- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).\n- ASoC: ti: omap-hdmi: Re-add dai_link-\u003eplatform to fix card init (git-fixes).\n- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).\n- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).\n- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).\n- Bluetooth: MGMT: Fix sparse errors (git-fixes).\n- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).\n- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).\n- Bluetooth: Remove pending ACL connection attempts (stable-fixes).\n- Bluetooth: btintel: Check dsbr size from EFI variable (git-fixes).\n- Bluetooth: btintel_pcie: Fix driver not posting maximum rx buffers (git-fixes).\n- Bluetooth: btintel_pcie: Increase the tx and rx descriptor count (git-fixes).\n- Bluetooth: btintel_pcie: Reduce driver buffer posting to prevent race condition (git-fixes).\n- Bluetooth: eir: Fix possible crashes on eir_create_adv_data (git-fixes).\n- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).\n- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).\n- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).\n- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).\n- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).\n- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).\n- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).\n- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).\n- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).\n- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).\n- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).\n- Documentation: ACPI: Use all-string data node references (git-fixes).\n- Documentation: fix typo in root= kernel parameter description (git-fixes).\n- Enable livepatching related packages on -RT (jsc#PED-1706)\n- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).\n- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).\n- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).\n- HID: wacom: fix kobject reference count leak (git-fixes).\n- HID: wacom: fix memory leak on kobject creation failure (git-fixes).\n- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).\n- IB/cm: Drop lockdep assert and WARN when freeing old msg (git-fixes)\n- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).\n- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).\n- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).\n- Input: xpad - add more controllers (stable-fixes).\n- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).\n- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).\n- Merge branch \u0027SLE15-SP7\u0027 (8ab7501d9efd) into \u0027SLE15-SP7-RT\u0027\n- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc (\u0027MyBS: Use buildflags to set which package to build\u0027)\n- MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b (\u0027bs-upload-kernel: Pass limit_packages also on multibuild\u0027)\n- MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.\n- NFC: nci: uart: Set tty-\u003edisc_data only in success path (git-fixes).\n- NFS: Do not allow waiting for exiting tasks (git-fixes).\n- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).\n- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).\n- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).\n- PCI/DPC: Initialize aer_err_info before using it (git-fixes).\n- PCI/DPC: Log Error Source ID only when valid (git-fixes).\n- PCI/DPC: Use defines with DPC reason fields (git-fixes).\n- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).\n- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (stable-fixes).\n- PCI: Explicitly put devices into D0 when initializing (git-fixes).\n- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).\n- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).\n- PCI: apple: Set only available ports up (git-fixes).\n- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).\n- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).\n- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).\n- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: cadence: Fix runtime atomic count underflow (git-fixes).\n- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).\n- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).\n- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).\n- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).\n- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).\n- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).\n- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).\n- PM: sleep: Print PM debug messages during hibernation (git-fixes).\n- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).\n- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)\n- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)\n- Remove compress-vmlinux.sh /usr/lib/rpm/brp-suse.d/brp-99-compress-vmlinux was added in pesign-obs-integration during SLE12 RC. This workaround can be removed.\n- Remove host-memcpy-hack.h This might have been usefult at some point but we have more things that depend on specific library versions today.\n- Remove try-disable-staging-driver The config for linux-next is autogenerated from master config, and defaults filled for missing options. This is unlikely to enable any staging driver in the first place.\n- Revert \u0027ALSA: usb-audio: Skip setting clock selector for single connections\u0027 (stable-fixes).\n- Revert \u0027arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)\n- Revert \u0027bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first\u0027 (stable-fixes).\n- Revert \u0027drm/amdgpu: do not allow userspace to create a doorbell BO\u0027 (stable-fixes).\n- Revert \u0027ipv6: save dontfrag in cork (git-fixes).\u0027\n- Revert \u0027kABI: ipv6: save dontfrag in cork (git-fixes).\u0027\n- Revert \u0027wifi: mt76: mt7996: fill txd by host driver\u0027 (stable-fixes).\n- Revert \u0027wifi: mwifiex: Fix HT40 bandwidth issue.\u0027 (git-fixes).\n- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).\n- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).\n- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).\n- SUNRPC: rpcbind should never reset the port to the value \u00270\u0027 (git-fixes).\n- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).\n- accel/ivpu: Improve buffer object logging (git-fixes).\n- accel/ivpu: Use dma_resv_lock() instead of a custom mutex (git-fixes).\n- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).\n- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).\n- add bug reference to existing hv_storvsc change (bsc#1245455).\n- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)\n- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).\n- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).\n- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).\n- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).\n- bnxt: properly flush XDP redirect lists (git-fixes).\n- bpf: Force uprobe bpf program to always return 0 (git-fixes).\n- bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc (\u0027MyBS: Use buildflags to set which package to build\u0027) Fixes: 747f601d4156 (\u0027bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)\u0027)\n- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).\n- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).\n- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).\n- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).\n- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).\n- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).\n- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).\n- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).\n- bus: fsl-mc: fix double-free on mc_dev (git-fixes).\n- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).\n- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).\n- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).\n- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).\n- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).\n- ceph: Fix incorrect flush end position calculation (git-fixes).\n- ceph: allocate sparse_ext map only for sparse reads (git-fixes).\n- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).\n- cgroup/cpuset: Do not allow creation of local partition over a remote one (bsc#1241166).\n- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- clocksource: Fix brown-bag boolean thinko in (git-fixes)\n- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)\n- crypto: lrw - Only add ecb if it is not already there (git-fixes).\n- crypto: lzo - Fix compression buffer overrun (stable-fixes).\n- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).\n- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).\n- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).\n- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).\n- crypto: qat - add shutdown handler to qat_420xx (git-fixes).\n- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).\n- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).\n- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).\n- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).\n- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).\n- crypto: xts - Only add ecb if it is not already there (git-fixes).\n- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).\n- devlink: fix port dump cmd type (git-fixes).\n- dlm: mask sk_shutdown value (bsc#1228854).\n- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).\n- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).\n- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).\n- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).\n- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).\n- drm/amd/display: Add debugging message for brightness caps (bsc#1240650).\n- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).\n- drm/amd/display: Add support for disconnected eDP streams (stable-fixes).\n- drm/amd/display: Call FP Protect Before Mode Programming/Mode Support (stable-fixes).\n- drm/amd/display: Configure DTBCLK_P with OPTC only for dcn401 (stable-fixes).\n- drm/amd/display: Correct timing_adjust_pending flag setting (stable-fixes).\n- drm/amd/display: Defer BW-optimization-blocked DRR adjustments (git-fixes).\n- drm/amd/display: Do not enable replay when vtotal update is pending (stable-fixes).\n- drm/amd/display: Do not treat wb connector as physical in create_validate_stream_for_sink (stable-fixes).\n- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).\n- drm/amd/display: Ensure DMCUB idle before reset on DCN31/DCN35 (stable-fixes).\n- drm/amd/display: Fix BT2020 YCbCr limited/full range input (stable-fixes).\n- drm/amd/display: Fix DMUB reset sequence for DCN401 (stable-fixes).\n- drm/amd/display: Fix default DC and AC levels (bsc#1240650).\n- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).\n- drm/amd/display: Fix p-state type when p-state is unsupported (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low when active (stable-fixes).\n- drm/amd/display: Increase block_sequence array size (stable-fixes).\n- drm/amd/display: Initial psr_version with correct setting (stable-fixes).\n- drm/amd/display: Populate register address for dentist for dcn401 (stable-fixes).\n- drm/amd/display: Read LTTPR ALPM caps during link cap retrieval (stable-fixes).\n- drm/amd/display: Request HW cursor on DCN3.2 with SubVP (stable-fixes).\n- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).\n- drm/amd/display: Support multiple options during psr entry (stable-fixes).\n- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).\n- drm/amd/display: Use Nominal vBlank If Provided Instead Of Capping It (stable-fixes).\n- drm/amd/display: calculate the remain segments for all pipes (stable-fixes).\n- drm/amd/display: check stream id dml21 wrapper to get plane_id (stable-fixes).\n- drm/amd/display: fix dcn4x init failed (stable-fixes).\n- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).\n- drm/amd/display: handle max_downscale_src_width fail check (stable-fixes).\n- drm/amd/display: not abort link train when bw is low (stable-fixes).\n- drm/amd/display: pass calculated dram_speed_mts to dml2 (stable-fixes).\n- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).\n- drm/amd/pm: Fetch current power limit from PMFW (stable-fixes).\n- drm/amd/pm: Skip P2S load for SMU v13.0.12 (stable-fixes).\n- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).\n- drm/amd: Adjust output for discovery error handling (git-fixes).\n- drm/amdgpu/discovery: check ip_discovery fw file available (stable-fixes).\n- drm/amdgpu/gfx11: do not read registers in mqd init (stable-fixes).\n- drm/amdgpu/gfx12: do not read registers in mqd init (stable-fixes).\n- drm/amdgpu/mes11: fix set_hw_resources_1 calculation (stable-fixes).\n- drm/amdgpu: Allow P2P access through XGMI (stable-fixes).\n- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).\n- drm/amdgpu: Fix missing drain retry fault the last entry (stable-fixes).\n- drm/amdgpu: Fix the race condition for draining retry fault (stable-fixes).\n- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).\n- drm/amdgpu: Skip pcie_replay_count sysfs creation for VF (stable-fixes).\n- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).\n- drm/amdgpu: Use active umc info from discovery (stable-fixes).\n- drm/amdgpu: adjust drm_firmware_drivers_only() handling (stable-fixes).\n- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).\n- drm/amdgpu: read back register after written for VCN v4.0.5 (stable-fixes).\n- drm/amdgpu: release xcp_mgr on exit (stable-fixes).\n- drm/amdgpu: remove all KFD fences from the BO on release (stable-fixes).\n- drm/amdgpu: reset psp-\u003ecmd to NULL after releasing the buffer (stable-fixes).\n- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).\n- drm/amdkfd: Correct F8_MODE for gfx950 (git-fixes).\n- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).\n- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).\n- drm/amdkfd: Set per-process flags only once for gfx9/10/11/12 (stable-fixes).\n- drm/amdkfd: fix missing L2 cache info in topology (stable-fixes).\n- drm/amdkfd: set precise mem ops caps to disabled for gfx 11 and 12 (stable-fixes).\n- drm/ast: Find VBIOS mode from regular display size (stable-fixes).\n- drm/ast: Fix comment on modeset lock (git-fixes).\n- drm/atomic: clarify the rules around drm_atomic_state-\u003eallow_modeset (stable-fixes).\n- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).\n- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).\n- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).\n- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).\n- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).\n- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).\n- drm/buddy: fix issue that force_merge cannot free all roots (stable-fixes).\n- drm/etnaviv: Protect the scheduler\u0027s pending list with its lock (git-fixes).\n- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).\n- drm/i915/guc: Check if expecting reply before decrementing outstanding_submission_g2h (git-fixes).\n- drm/i915/guc: Handle race condition where wakeref count drops below 0 (git-fixes).\n- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).\n- drm/i915/psr: Fix using wrong mask in REG_FIELD_PREP (git-fixes).\n- drm/i915: fix build error some more (git-fixes).\n- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).\n- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).\n- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).\n- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).\n- drm/msm/a6xx: Disable rgb565_predicator on Adreno 7c3 (git-fixes).\n- drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (git-fixes).\n- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).\n- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE before blend setup (git-fixes).\n- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE on ctl_path reset (git-fixes).\n- drm/msm/dpu: enable SmartDMA on SC8180X (git-fixes).\n- drm/msm/dpu: enable SmartDMA on SM8150 (git-fixes).\n- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).\n- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).\n- drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names (git-fixes).\n- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).\n- drm/nouveau: fix the broken marco GSP_MSG_MAX_SIZE (stable-fixes).\n- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).\n- drm/panel-simple: fix the warnings for the Evervision VGG644804 (git-fixes).\n- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).\n- drm/panic: add missing space (git-fixes).\n- drm/panthor: Fix GPU_COHERENCY_ACE[_LITE] definitions (git-fixes).\n- drm/panthor: Update panthor_mmu::irq::mask when needed (git-fixes).\n- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).\n- drm/rockchip: vop2: Improve display modes handling on RK3588 HDMI0 (stable-fixes).\n- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).\n- drm/tegra: Assign plane type before registration (git-fixes).\n- drm/tegra: Fix a possible null pointer dereference (git-fixes).\n- drm/tegra: rgb: Fix the unbound reference count (git-fixes).\n- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).\n- drm/v3d: Add clock handling (stable-fixes).\n- drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()` (stable-fixes).\n- drm/vc4: tests: Use return instead of assert (git-fixes).\n- drm/vkms: Adjust vkms_state-\u003eactive_planes allocation type (git-fixes).\n- drm/vmwgfx: Add error path for xa_store in vmw_bo_add_detached_resource (git-fixes).\n- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).\n- drm/vmwgfx: Fix dumb buffer leak (git-fixes).\n- drm/xe/bmg: Update Wa_16023588340 (git-fixes).\n- drm/xe/d3cold: Set power state to D3Cold during s2idle/s3 (git-fixes).\n- drm/xe/debugfs: Add missing xe_pm_runtime_put in wedge_mode_set (stable-fixes).\n- drm/xe/debugfs: fixed the return value of wedged_mode_set (stable-fixes).\n- drm/xe/display: Add check for alloc_ordered_workqueue() (git-fixes).\n- drm/xe/gt: Update handling of xe_force_wake_get return (stable-fixes).\n- drm/xe/oa: Ensure that polled read returns latest data (stable-fixes).\n- drm/xe/pf: Create a link between PF and VF devices (stable-fixes).\n- drm/xe/pf: Reset GuC VF config when unprovisioning critical resource (stable-fixes).\n- drm/xe/relay: Do not use GFP_KERNEL for new transactions (stable-fixes).\n- drm/xe/sa: Always call drm_suballoc_manager_fini() (stable-fixes).\n- drm/xe/sched: stop re-submitting signalled jobs (git-fixes).\n- drm/xe/vf: Retry sending MMIO request to GUC on timeout error (stable-fixes).\n- drm/xe/vm: move rebind_work init earlier (git-fixes).\n- drm/xe/xe2hpg: Add Wa_22021007897 (stable-fixes).\n- drm/xe: Create LRC BO without VM (git-fixes).\n- drm/xe: Do not attempt to bootstrap VF in execlists mode (stable-fixes).\n- drm/xe: Fix memset on iomem (git-fixes).\n- drm/xe: Fix xe_tile_init_noalloc() error propagation (stable-fixes).\n- drm/xe: Make xe_gt_freq part of the Documentation (git-fixes).\n- drm/xe: Move suballocator init to after display init (stable-fixes).\n- drm/xe: Nuke VM\u0027s mapping upon close (stable-fixes).\n- drm/xe: Process deferred GGTT node removals on device unwind (git-fixes).\n- drm/xe: Reject BO eviction if BO is bound to current VM (stable-fixes).\n- drm/xe: Retry BO allocation (stable-fixes).\n- drm/xe: Rework eviction rejection of bound external bos (git-fixes).\n- drm/xe: Save the gt pointer in lrc and drop the tile (stable-fixes).\n- drm/xe: Stop ignoring errors from xe_ttm_stolen_mgr_init() (stable-fixes).\n- drm/xe: Wire up device shutdown handler (stable-fixes).\n- drm/xe: remove unmatched xe_vm_unlock() from __xe_exec_queue_init() (git-fixes).\n- drm/xe: xe_gen_wa_oob: replace program_invocation_short_name (stable-fixes).\n- drm: Add valid clones check (stable-fixes).\n- drm: bridge: adv7511: fill stream capabilities (stable-fixes).\n- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).\n- dummycon: Trigger redraw when switching consoles with deferred takeover (git-fixes).\n- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).\n- efi/libstub: Describe missing \u0027out\u0027 parameter in efi_load_initrd (git-fixes).\n- fbcon: Make sure modelist not set on unregistered console (stable-fixes).\n- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).\n- fbdev/efifb: Remove PM for parent device (bsc#1244261).\n- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).\n- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).\n- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).\n- fgraph: Still initialize idle shadow stacks when starting (git-fixes).\n- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).\n- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).\n- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).\n- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).\n- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).\n- fpga: altera-cvp: Increase credit timeout (stable-fixes).\n- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).\n- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).\n- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).\n- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).\n- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).\n- gpiolib: Revert \u0027Do not WARN on gpiod_put() for optional GPIO\u0027 (stable-fixes).\n- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).\n- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).\n- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).\n- hwmon: (dell-smm) Increment the number of fans (stable-fixes).\n- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).\n- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).\n- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).\n- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).\n- hwmon: (occ) fix unaligned accesses (git-fixes).\n- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).\n- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).\n- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).\n- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).\n- i2c: npcm: Add clock toggle recovery (stable-fixes).\n- i2c: pxa: fix call balance of i2c-\u003eclk handling routines (stable-fixes).\n- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).\n- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).\n- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)\n- i2c: tiny-usb: disable zero-length read messages (git-fixes).\n- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).\n- i3c: master: svc: Fix missing STOP for master request (stable-fixes).\n- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).\n- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).\n- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).\n- ice: Fix LACP bonds without SRIOV environment (git-fixes).\n- ice: create new Tx scheduler nodes for new queues only (git-fixes).\n- ice: fix Tx scheduler error handling in XDP callback (git-fixes).\n- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).\n- ice: fix vf-\u003enum_mac count with port representors (git-fixes).\n- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).\n- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).\n- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).\n- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).\n- iio: filter: admv8818: Support frequencies \u003e= 2^32 (git-fixes).\n- iio: filter: admv8818: fix band 4, state 15 (git-fixes).\n- iio: filter: admv8818: fix integer overflow (git-fixes).\n- iio: filter: admv8818: fix range calculation (git-fixes).\n- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).\n- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).\n- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).\n- intel_th: avoid using deprecated page-\u003emapping, index fields (stable-fixes).\n- iommu: Protect against overflow in iommu_pgsize() (git-fixes).\n- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)\n- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)\n- ip6mr: fix tables suspicious RCU usage (git-fixes).\n- ip_tunnel: annotate data-races around t-\u003eparms.link (git-fixes).\n- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).\n- ipmr: fix tables suspicious RCU usage (git-fixes).\n- ipv4: Convert ip_route_input() to dscp_t (git-fixes).\n- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).\n- ipv6: save dontfrag in cork (git-fixes).\n- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).\n- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).\n- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).\n- jffs2: check that raw node were preallocated before writing summary (git-fixes).\n- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).\n- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).\n- kABI: ipv6: save dontfrag in cork (git-fixes).\n- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).\n- kabi: restore layout of struct cgroup_subsys (bsc#1241166).\n- kabi: restore layout of struct mem_control (jsc#PED-12551).\n- kabi: restore layout of struct page_counter (jsc#PED-12551).\n- kernel-source: Remove log.sh from sources\n- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: add file_start_write() and file_end_write() (git-fixes).\n- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).\n- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).\n- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).\n- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).\n- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).\n- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).\n- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).\n- media: cx231xx: set device_caps for 417 (stable-fixes).\n- media: cxusb: no longer judge rbuf when the write fails (git-fixes).\n- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).\n- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).\n- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).\n- media: imx-jpeg: Cleanup after an allocation error (git-fixes).\n- media: imx-jpeg: Drop the first error frames (git-fixes).\n- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).\n- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).\n- media: intel/ipu6: Fix dma mask for non-secure mode (git-fixes).\n- media: ipu6: Remove workaround for Meteor Lake ES2 (git-fixes).\n- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).\n- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).\n- media: ov2740: Move pm-runtime cleanup on probe-errors to proper place (git-fixes).\n- media: ov5675: suppress probe deferral errors (git-fixes).\n- media: ov8856: suppress probe deferral errors (git-fixes).\n- media: platform: mtk-mdp3: Remove unused mdp_get_plat_device (git-fixes).\n- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).\n- media: rkvdec: Fix frame size enumeration (git-fixes).\n- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).\n- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).\n- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).\n- media: uvcvideo: Fix deferred probing error (git-fixes).\n- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).\n- media: uvcvideo: Return the number of processed controls (git-fixes).\n- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).\n- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).\n- media: venus: Fix probe error handling (git-fixes).\n- media: verisilicon: Free post processor buffers on error (git-fixes).\n- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).\n- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).\n- media: vivid: Change the siize of the composing (git-fixes).\n- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).\n- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).\n- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).\n- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).\n- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).\n- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).\n- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).\n- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).\n- mmc: Add quirk to disable DDR50 tuning (stable-fixes).\n- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).\n- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).\n- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).\n- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).\n- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).\n- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).\n- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).\n- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).\n- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).\n- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).\n- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).\n- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).\n- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).\n- net/mlx5: Fix return value when searching for existing flow group (git-fixes).\n- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).\n- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).\n- net/neighbor: clear error in case strict check is not set (git-fixes).\n- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).\n- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).\n- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).\n- net: add rcu safety to rtnl_prop_list_size() (git-fixes).\n- net: fix udp gso skb_segment after pull from frag_list (git-fixes).\n- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).\n- net: ice: Perform accurate aRFS flow match (git-fixes).\n- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).\n- net: linkwatch: use system_unbound_wq (git-fixes).\n- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).\n- net: mana: Record doorbell physical address in PF mode (bsc#1244229).\n- net: page_pool: fix warning code (git-fixes).\n- net: phy: clear phydev-\u003edevlink when the link is deleted (git-fixes).\n- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).\n- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)\n- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).\n- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).\n- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).\n- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).\n- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).\n- net: sched: fix erspan_opt settings in cls_flower (git-fixes).\n- net: usb: aqc111: debug info before sanitation (git-fixes).\n- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).\n- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).\n- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).\n- net_sched: prio: fix a race in prio_tune() (git-fixes).\n- net_sched: red: fix a race in __red_change() (git-fixes).\n- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)\n- net_sched: sch_sfq: reject invalid perturb period (git-fixes).\n- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)\n- net_sched: tbf: fix a race in tbf_change() (git-fixes).\n- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).\n- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).\n- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).\n- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).\n- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).\n- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).\n- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).\n- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).\n- ntp: Clamp maxerror and esterror to operating range (git-fixes)\n- ntp: Remove invalid cast in time offset math (git-fixes)\n- ntp: Safeguard against time_constant overflow (git-fixes)\n- nvme-fc: do not reference lsrsp after failure (bsc#1245193).\n- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).\n- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).\n- nvme-pci: add quirks for device 126f:1001 (git-fixes).\n- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).\n- nvme: fix command limits status code (git-fixes).\n- nvme: fix implicit bool to flags conversion (git-fixes).\n- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).\n- nvmet-fc: take tgtport refs for portentry (bsc#1245193).\n- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).\n- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).\n- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).\n- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).\n- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).\n- nvmet-fcloop: prevent double port deletion (bsc#1245193).\n- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).\n- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).\n- nvmet-fcloop: remove nport from list on last user (bsc#1245193).\n- nvmet-fcloop: track ref counts for nports (bsc#1245193).\n- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).\n- orangefs: Do not truncate file size (git-fixes).\n- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).\n- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).\n- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).\n- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).\n- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).\n- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).\n- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs \u003e 31 (git-fixes).\n- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).\n- pinctrl: bcm281xx: Use \u0027unsigned int\u0027 instead of bare \u0027unsigned\u0027 (stable-fixes).\n- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).\n- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).\n- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).\n- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).\n- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).\n- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).\n- platform/x86/amd/hsmp: Add new error code and error logs (jsc#PED-13094).\n- platform/x86/amd/hsmp: Add support for HSMP protocol version 7 messages (jsc#PED-13094).\n- platform/x86/amd/hsmp: Change generic plat_dev name to hsmp_pdev (jsc#PED-13094).\n- platform/x86/amd/hsmp: Change the error type (jsc#PED-13094).\n- platform/x86/amd/hsmp: Convert amd_hsmp_rdwr() to a function pointer (jsc#PED-13094).\n- platform/x86/amd/hsmp: Create hsmp/ directory (jsc#PED-13094).\n- platform/x86/amd/hsmp: Create separate ACPI, plat and common drivers (jsc#PED-13094).\n- platform/x86/amd/hsmp: Create wrapper function init_acpi() (jsc#PED-13094).\n- platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers (jsc#PED-13094).\n- platform/x86/amd/hsmp: Make hsmp_pdev static instead of global (jsc#PED-13094).\n- platform/x86/amd/hsmp: Move ACPI code to acpi.c (jsc#PED-13094).\n- platform/x86/amd/hsmp: Move platform device specific code to plat.c (jsc#PED-13094).\n- platform/x86/amd/hsmp: Move structure and macros to header file (jsc#PED-13094).\n- platform/x86/amd/hsmp: Report power via hwmon sensor (jsc#PED-13094).\n- platform/x86/amd/hsmp: Use a single DRIVER_VERSION for all hsmp modules (jsc#PED-13094).\n- platform/x86/amd/hsmp: Use dev_groups in the driver structure (jsc#PED-13094).\n- platform/x86/amd/hsmp: Use name space while exporting module symbols (jsc#PED-13094).\n- platform/x86/amd/hsmp: acpi: Add sysfs files to display HSMP telemetry (jsc#PED-13094).\n- platform/x86/amd/hsmp: fix building with CONFIG_HWMON=m (jsc#PED-13094).\n- platform/x86/amd/hsmp: mark hsmp_msg_desc_table as maybe_unused (git-fixes).\n- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).\n- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).\n- platform/x86: amd: Use *-y instead of *-objs in Makefiles (jsc#PED-13094).\n- platform/x86: dell_rbu: Fix list usage (git-fixes).\n- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).\n- platform/x86: hp-bioscfg: Annotate struct bios_args with __counted_by (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how enum possible values size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how order list size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how password encoding size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how prerequisites size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix error handling in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix memory leaks in attribute packages (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix reference leak (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix uninitialized variable errors (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Makefile (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Remove duplicate use of variable in inner loop (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Remove unused obj in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Removed needless asm-generic (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Replace the word HACK from source code (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Simplify return check in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Update steps order list elements are evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Use kmemdup() to replace kmalloc + memcpy (jsc#PED-13019).\n- platform/x86: hp-bioscfg: biosattr-interface (jsc#PED-13019).\n- platform/x86: hp-bioscfg: bioscfg (jsc#PED-13019).\n- platform/x86: hp-bioscfg: bioscfg-h (jsc#PED-13019).\n- platform/x86: hp-bioscfg: enum-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: fix a signedness bug in hp_wmi_perform_query() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: fix error reporting in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: int-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: move mutex_lock() down in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: order-list-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: passwdobj-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: prevent a small buffer overflow (jsc#PED-13019).\n- platform/x86: hp-bioscfg: spmobj-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: string-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: surestart-attributes (jsc#PED-13019).\n- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).\n- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).\n- power: reset: at91-reset: Optimize at91_reset() (git-fixes).\n- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).\n- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).\n- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).\n- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).\n- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).\n- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).\n- pstore: Change kmsg_bytes storage size to u32 (git-fixes).\n- ptp: ocp: fix start time alignment in ptp_ocp_signal_set (git-fixes).\n- ptp: ocp: reject unsupported periodic output flags (git-fixes).\n- ptp: remove ptp-\u003en_vclocks check logic in ptp_vclock_in_use() (git-fixes).\n- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).\n- regulator: ad5398: Add device tree support (stable-fixes).\n- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).\n- regulator: max20086: Change enable gpio to optional (git-fixes).\n- regulator: max20086: Fix MAX200086 chip id (git-fixes).\n- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).\n- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.\n- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)\n- rpm: Stop using is_kotd_qa macro This macro is set by bs-upload-kernel, and a conditional in each spec file is used to determine when to build the spec file. This logic should not really be in the spec file. Previously this was done with package links and package meta for the individula links. However, the use of package links is rejected for packages in git based release projects (nothing to do with git actually, new policy). An alternative to package links is multibuild. However, for multibuild packages package meta cannot be used to set which spec file gets built. Use prjcon buildflags instead, and remove this conditional. Depends on bs-upload-kernel adding the build flag.\n- rtc: Fix offset calculation for .start_secs \u0026lt; 0 (git-fixes).\n- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).\n- rtc: at91rm9200: drop unused module alias (git-fixes).\n- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).\n- rtc: cpcap: drop unused module alias (git-fixes).\n- rtc: da9063: drop unused module alias (git-fixes).\n- rtc: ds1307: stop disabling alarms on probe (stable-fixes).\n- rtc: jz4740: drop unused module alias (git-fixes).\n- rtc: pm8xxx: drop unused module alias (git-fixes).\n- rtc: rv3032: fix EERD location (stable-fixes).\n- rtc: s3c: drop unused module alias (git-fixes).\n- rtc: sh: assign correct interrupts with DT (git-fixes).\n- rtc: stm32: drop unused module alias (git-fixes).\n- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).\n- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).\n- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).\n- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).\n- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).\n- s390/pci: Serialize device addition and removal (bsc#1244145).\n- s390/pci: introduce lock to synchronize state of zpci_dev\u0027s (jsc#PED-10253 bsc#1244145).\n- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).\n- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).\n- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).\n- scsi: Improve CDL control (git-fixes).\n- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).\n- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).\n- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).\n- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: mpi3mr: Add level check to control event logging (git-fixes).\n- scsi: mpt3sas: Fix _ctl_get_mpt_mctp_passthru_adapter() to return IOC pointer (git-fixes).\n- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).\n- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).\n- scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels (git-fixes).\n- scsi: st: ERASE does not change tape location (git-fixes).\n- scsi: st: Restore some drive settings after reset (git-fixes).\n- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).\n- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).\n- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).\n- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).\n- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).\n- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).\n- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).\n- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).\n- serial: core: restore of_node information in sysfs (git-fixes).\n- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).\n- serial: jsm: fix NPE during jsm_uart_port_init (git-fixes).\n- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).\n- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).\n- serial: sh-sci: Save and restore more registers (git-fixes).\n- serial: sh-sci: Update the suspend/resume support (stable-fixes).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).\n- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).\n- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).\n- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).\n- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).\n- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).\n- spi-rockchip: Fix register out of bounds access (stable-fixes).\n- spi: bcm63xx-hsspi: fix shared reset (git-fixes).\n- spi: bcm63xx-spi: fix shared reset (git-fixes).\n- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).\n- spi: spi-sun4i: fix early activation (stable-fixes).\n- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).\n- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).\n- spi: tegra210-quad: remove redundant error handling code (git-fixes).\n- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).\n- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).\n- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).\n- struct usci: hide additional member (git-fixes).\n- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).\n- supported.conf: Add SNP SVSM vTPM driver\n- supported.conf: add it\n- supported.conf: support firmware_attributes_class\n- svsm: Add header with SVSM_VTPM_CMD helpers (bsc#1241191).\n- sysfb: Fix screen_info type check for VGA (git-fixes).\n- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).\n- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).\n- tcp/dccp: complete lockless accesses to sk-\u003esk_max_ack_backlog (git-fixes).\n- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).\n- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).\n- thermal/drivers/mediatek/lvts: Fix debugfs unregister on failure (git-fixes).\n- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).\n- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).\n- thunderbolt: Do not double dequeue a configuration request (stable-fixes).\n- thunderbolt: Fix a logic error in wake on connect (git-fixes).\n- thunderbolt: Improve redrive mode handling (git-fixes).\n- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)\n- tpm: Add SNP SVSM vTPM driver (bsc#1241191).\n- tpm: Make chip-\u003e{status,cancel,req_canceled} opt (bsc#1241191).\n- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).\n- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).\n- tracing: Add __print_dynamic_array() helper (bsc#1243544).\n- tracing: Add __string_len() example (bsc#1243544).\n- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).\n- tracing: Fix compilation warning on arm32 (bsc#1243551).\n- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).\n- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).\n- tty: serial: 8250_omap: fix TX with DMA for am33xx (git-fixes).\n- ucsi_debugfs_entry: hide signedness change (git-fixes).\n- udp: annotate data-races around up-\u003epending (git-fixes).\n- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).\n- udp: fix receiving fraglist GSO packets (git-fixes).\n- udp: preserve the connected status if only UDP cmsg (git-fixes).\n- uprobes: Use kzalloc to allocate xol area (git-fixes).\n- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).\n- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).\n- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).\n- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).\n- usb: misc: onboard_usb_dev: fix support for Cypress HX3 hubs (git-fixes).\n- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).\n- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).\n- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).\n- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).\n- usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work (git-fixes).\n- usb: typec: ucsi: Only enable supported notifications (git-fixes).\n- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).\n- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).\n- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).\n- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).\n- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).\n- usb: usbtmc: Fix timeout value in get_stb (git-fixes).\n- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).\n- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).\n- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).\n- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).\n- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).\n- vmxnet3: update MTU after device quiesce (bsc#1244626).\n- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).\n- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).\n- watchdog: exar: Shorten identity name to fit correctly (git-fixes).\n- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).\n- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).\n- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).\n- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).\n- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).\n- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).\n- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).\n- wifi: ath11k: do not wait when there is no vdev started (git-fixes).\n- wifi: ath11k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath11k: fix ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix rx completion meta data corruption (git-fixes).\n- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).\n- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).\n- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).\n- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).\n- wifi: ath12k: ACPI CCA threshold support (bsc#1240998).\n- wifi: ath12k: ACPI SAR support (bsc#1240998).\n- wifi: ath12k: ACPI TAS support (bsc#1240998).\n- wifi: ath12k: ACPI band edge channel power support (bsc#1240998).\n- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).\n- wifi: ath12k: Add additional checks for vif and sta iterators (bsc#1240998).\n- wifi: ath12k: Add firmware coredump collection support (bsc#1240998).\n- wifi: ath12k: Add htt_stats_dump file ops support (bsc#1240998).\n- wifi: ath12k: Add lock to protect the hardware state (bsc#1240998).\n- wifi: ath12k: Add missing htt_metadata flag in ath12k_dp_tx() (bsc#1240998).\n- wifi: ath12k: Add support to enable debugfs_htt_stats (bsc#1240998).\n- wifi: ath12k: Add support to parse requested stats_type (bsc#1240998).\n- wifi: ath12k: Avoid -Wflex-array-member-not-at-end warnings (bsc#1240998).\n- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).\n- wifi: ath12k: Cache vdev configs before vdev create (bsc#1240998).\n- wifi: ath12k: Dump additional Tx PDEV HTT stats (bsc#1240998).\n- wifi: ath12k: Fetch regdb.bin file from board-2.bin (stable-fixes).\n- wifi: ath12k: Fix WARN_ON during firmware crash in split-phy (bsc#1240998).\n- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).\n- wifi: ath12k: Fix buffer overflow in debugfs (bsc#1240998).\n- wifi: ath12k: Fix devmem address prefix when logging (bsc#1240998).\n- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).\n- wifi: ath12k: Fix for out-of bound access error (bsc#1240998).\n- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).\n- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).\n- wifi: ath12k: Fix pdev id sent to firmware for single phy devices (bsc#1240998).\n- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).\n- wifi: ath12k: Handle error cases during extended skb allocation (git-fixes).\n- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).\n- wifi: ath12k: Introduce device index (bsc#1240998).\n- wifi: ath12k: Modify add and remove chanctx ops for single wiphy support (bsc#1240998).\n- wifi: ath12k: Modify print_array_to_buf() to support arrays with 1-based semantics (bsc#1240998).\n- wifi: ath12k: Modify rts threshold mac op for single wiphy (bsc#1240998).\n- wifi: ath12k: Modify set and get antenna mac ops for single wiphy (bsc#1240998).\n- wifi: ath12k: Optimize the lock contention of used list in Rx data path (bsc#1240998).\n- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).\n- wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash (bsc#1240998).\n- wifi: ath12k: Refactor Rxdma buffer replinish argument (bsc#1240998).\n- wifi: ath12k: Refactor data path cmem init (bsc#1240998).\n- wifi: ath12k: Refactor error handler of Rxdma replenish (bsc#1240998).\n- wifi: ath12k: Refactor idle ring descriptor setup (bsc#1240998).\n- wifi: ath12k: Refactor the hardware cookie conversion init (bsc#1240998).\n- wifi: ath12k: Refactor the hardware recovery procedure (bsc#1240998).\n- wifi: ath12k: Refactor the hardware state (bsc#1240998).\n- wifi: ath12k: Remove unsupported tx monitor handling (bsc#1240998).\n- wifi: ath12k: Remove unused ath12k_base from ath12k_hw (bsc#1240998).\n- wifi: ath12k: Remove unused tcl_*_ring configuration (bsc#1240998).\n- wifi: ath12k: Replace \u0027chip\u0027 with \u0027device\u0027 in hal Rx return buffer manager (bsc#1240998).\n- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).\n- wifi: ath12k: Resolve multicast packet drop by populating key_cipher in ath12k_install_key() (bsc#1240998).\n- wifi: ath12k: Support BE OFDMA Pdev Rate Stats (bsc#1240998).\n- wifi: ath12k: Support DMAC Reset Stats (bsc#1240998).\n- wifi: ath12k: Support Pdev OBSS Stats (bsc#1240998).\n- wifi: ath12k: Support Pdev Scheduled Algorithm Stats (bsc#1240998).\n- wifi: ath12k: Support Ring and SFM stats (bsc#1240998).\n- wifi: ath12k: Support Self-Generated Transmit stats (bsc#1240998).\n- wifi: ath12k: Support TQM stats (bsc#1240998).\n- wifi: ath12k: Support Transmit DE stats (bsc#1240998).\n- wifi: ath12k: Support Transmit Scheduler stats (bsc#1240998).\n- wifi: ath12k: Support pdev CCA Stats (bsc#1240998).\n- wifi: ath12k: Support pdev Transmit Multi-user stats (bsc#1240998).\n- wifi: ath12k: Support pdev error stats (bsc#1240998).\n- wifi: ath12k: add 6 GHz params in peer assoc command (bsc#1240998).\n- wifi: ath12k: add ATH12K_DBG_WOW log level (bsc#1240998).\n- wifi: ath12k: add EMA beacon support (bsc#1240998).\n- wifi: ath12k: add MBSSID beacon support (bsc#1240998).\n- wifi: ath12k: add WoW net-detect functionality (bsc#1240998).\n- wifi: ath12k: add basic WoW functionalities (bsc#1240998).\n- wifi: ath12k: add channel 2 into 6 GHz channel list (bsc#1240998).\n- wifi: ath12k: add hw_link_id in ath12k_pdev (bsc#1240998).\n- wifi: ath12k: add missing lockdep_assert_wiphy() for ath12k_mac_op_ functions (bsc#1240998).\n- wifi: ath12k: add multi device support for WBM idle ring buffer setup (bsc#1240998).\n- wifi: ath12k: add multiple radio support in a single MAC HW un/register (bsc#1240998).\n- wifi: ath12k: add panic handler (bsc#1240998).\n- wifi: ath12k: add support to handle beacon miss for WCN7850 (bsc#1240998).\n- wifi: ath12k: advertise driver capabilities for MBSSID and EMA (bsc#1240998).\n- wifi: ath12k: allocate dummy net_device dynamically (bsc#1240998).\n- wifi: ath12k: ath12k_mac_op_set_key(): fix uninitialized symbol \u0027ret\u0027 (bsc#1240998).\n- wifi: ath12k: ath12k_mac_op_sta_state(): clean up update_wk cancellation (bsc#1240998).\n- wifi: ath12k: ath12k_mac_set_key(): remove exit label (bsc#1240998).\n- wifi: ath12k: avoid double SW2HW_MACID conversion (bsc#1240998).\n- wifi: ath12k: avoid duplicated vdev down (bsc#1240998).\n- wifi: ath12k: avoid redundant code in Rx cookie conversion init (bsc#1240998).\n- wifi: ath12k: avoid stopping mac80211 queues in ath12k_core_restart() (bsc#1240998).\n- wifi: ath12k: avoid unnecessary MSDU drop in the Rx error process (bsc#1240998).\n- wifi: ath12k: change supports_suspend to true for WCN7850 (bsc#1240998).\n- wifi: ath12k: cleanup unneeded labels (bsc#1240998).\n- wifi: ath12k: configure MBSSID parameters in AP mode (bsc#1240998).\n- wifi: ath12k: configure MBSSID params in vdev create/start (bsc#1240998).\n- wifi: ath12k: convert struct ath12k_sta::update_wk to use struct wiphy_work (bsc#1240998).\n- wifi: ath12k: correct the capital word typo (bsc#1240998).\n- wifi: ath12k: create a structure for WMI vdev up parameters (bsc#1240998).\n- wifi: ath12k: debugfs: radar simulation support (bsc#1240998).\n- wifi: ath12k: decrease MHI channel buffer length to 8KB (bsc#1240998).\n- wifi: ath12k: delete NSS and TX power setting for monitor vdev (bsc#1240998).\n- wifi: ath12k: displace the Tx and Rx descriptor in cookie conversion table (bsc#1240998).\n- wifi: ath12k: do not dump SRNG statistics during resume (bsc#1240998).\n- wifi: ath12k: do not process consecutive RDDM event (bsc#1240998).\n- wifi: ath12k: do not use %pK in dmesg format strings (bsc#1240998).\n- wifi: ath12k: dynamic VLAN support (bsc#1240998).\n- wifi: ath12k: dynamically update peer puncturing bitmap for STA (bsc#1240998).\n- wifi: ath12k: enable WIPHY_FLAG_DISABLE_WEXT (bsc#1240998).\n- wifi: ath12k: enable service flag for survey dump stats (bsc#1240998).\n- wifi: ath12k: extend the link capable flag (bsc#1240998).\n- wifi: ath12k: fetch correct radio based on vdev status (bsc#1240998).\n- wifi: ath12k: fix A-MSDU indication in monitor mode (bsc#1240998).\n- wifi: ath12k: fix ACPI warning when resume (bsc#1240998).\n- wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (git-fixes).\n- wifi: ath12k: fix NULL pointer access in ath12k_mac_op_get_survey() (bsc#1240998).\n- wifi: ath12k: fix Smatch warnings on ath12k_core_suspend() (bsc#1240998).\n- wifi: ath12k: fix a possible dead lock caused by ab-\u003ebase_lock (stable-fixes).\n- wifi: ath12k: fix ack signal strength calculation (bsc#1240998).\n- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).\n- wifi: ath12k: fix build vs old compiler (bsc#1240998).\n- wifi: ath12k: fix calling correct function for rx monitor mode (bsc#1240998).\n- wifi: ath12k: fix cleanup path after mhi init (git-fixes).\n- wifi: ath12k: fix desc address calculation in wbm tx completion (bsc#1240998).\n- wifi: ath12k: fix driver initialization for WoW unsupported devices (bsc#1240998).\n- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).\n- wifi: ath12k: fix flush failure in recovery scenarios (bsc#1240998).\n- wifi: ath12k: fix hal_rx_buf_return_buf_manager documentation (bsc#1240998).\n- wifi: ath12k: fix incorrect CE addresses (stable-fixes).\n- wifi: ath12k: fix invalid access to memory (git-fixes).\n- wifi: ath12k: fix key cache handling (bsc#1240998).\n- wifi: ath12k: fix legacy peer association due to missing HT or 6 GHz capabilities (bsc#1240998).\n- wifi: ath12k: fix link capable flags (bsc#1240998).\n- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).\n- wifi: ath12k: fix mac id extraction when MSDU spillover in rx error path (bsc#1240998).\n- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).\n- wifi: ath12k: fix mbssid max interface advertisement (bsc#1240998).\n- wifi: ath12k: fix missing endianness conversion in wmi_vdev_create_cmd() (bsc#1240998).\n- wifi: ath12k: fix misspelling of \u0027dma\u0027 in num_rxmda_per_pdev (bsc#1240998).\n- wifi: ath12k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath12k: fix one more memcpy size error (bsc#1240998).\n- wifi: ath12k: fix per pdev debugfs registration (bsc#1240998).\n- wifi: ath12k: fix reusing outside iterator in ath12k_wow_vif_set_wakeups() (bsc#1240998).\n- wifi: ath12k: fix ring-buffer corruption (git-fixes).\n- wifi: ath12k: fix skb_ext_desc leak in ath12k_dp_tx() error path (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_mpdu_start (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_phyrx_rssi_legacy_info (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_ppdu_end_user_stats (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_ppdu_start (bsc#1240998).\n- wifi: ath12k: fix survey dump collection in 6 GHz (bsc#1240998).\n- wifi: ath12k: fix the ampdu id fetch in the HAL_RX_MPDU_START TLV (stable-fixes).\n- wifi: ath12k: fix the stack frame size warning in ath12k_mac_op_hw_scan (bsc#1240998).\n- wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() (bsc#1240998).\n- wifi: ath12k: fix warning on DMA ring capabilities event (bsc#1240998).\n- wifi: ath12k: flush all packets before suspend (bsc#1240998).\n- wifi: ath12k: handle keepalive during WoWLAN suspend and resume (bsc#1240998).\n- wifi: ath12k: handle symlink cleanup for per pdev debugfs dentry (bsc#1240998).\n- wifi: ath12k: implement WoW enable and wakeup commands (bsc#1240998).\n- wifi: ath12k: implement hardware data filter (bsc#1240998).\n- wifi: ath12k: improve the rx descriptor error information (bsc#1240998).\n- wifi: ath12k: initial debugfs support (bsc#1240998).\n- wifi: ath12k: make read-only array svc_id static const (bsc#1240998).\n- wifi: ath12k: modify ath12k mac start/stop ops for single wiphy (bsc#1240998).\n- wifi: ath12k: modify ath12k_get_arvif_iter() for MLO (bsc#1240998).\n- wifi: ath12k: modify ath12k_mac_op_bss_info_changed() for MLO (bsc#1240998).\n- wifi: ath12k: modify ath12k_mac_op_set_key() for MLO (bsc#1240998).\n- wifi: ath12k: modify ath12k_mac_vif_chan() for MLO (bsc#1240998).\n- wifi: ath12k: modify link arvif creation and removal for MLO (bsc#1240998).\n- wifi: ath12k: modify regulatory support for single wiphy architecture (bsc#1240998).\n- wifi: ath12k: modify remain on channel for single wiphy (bsc#1240998).\n- wifi: ath12k: move txbaddr/rxbaddr into struct ath12k_dp (bsc#1240998).\n- wifi: ath12k: no need to handle pktlog during suspend/resume (bsc#1240998).\n- wifi: ath12k: pass ath12k_link_vif instead of vif/ahvif (bsc#1240998).\n- wifi: ath12k: prepare sta data structure for MLO handling (bsc#1240998).\n- wifi: ath12k: prepare vif config caching for MLO (bsc#1240998).\n- wifi: ath12k: prepare vif data structure for MLO handling (bsc#1240998).\n- wifi: ath12k: read single_chip_mlo_support parameter from QMI PHY capability (bsc#1240998).\n- wifi: ath12k: rearrange IRQ enable/disable in reset path (bsc#1240998).\n- wifi: ath12k: refactor SMPS configuration (bsc#1240998).\n- wifi: ath12k: refactor arvif security parameter configuration (bsc#1240998).\n- wifi: ath12k: refactor ath12k_hw_regs structure (stable-fixes).\n- wifi: ath12k: refactor rx descriptor CMEM configuration (bsc#1240998).\n- wifi: ath12k: remove MHI LOOPBACK channels (bsc#1240998).\n- wifi: ath12k: remove duplicate definition of MAX_RADIOS (bsc#1240998).\n- wifi: ath12k: remove duplicate definitions in wmi.h (bsc#1240998).\n- wifi: ath12k: remove invalid peer create logic (bsc#1240998).\n- wifi: ath12k: remove obsolete struct wmi_start_scan_arg (bsc#1240998).\n- wifi: ath12k: remove redundant peer delete for WCN7850 (bsc#1240998).\n- wifi: ath12k: remove unused variable monitor_flags (bsc#1240998).\n- wifi: ath12k: remove unused variable monitor_present (bsc#1240998).\n- wifi: ath12k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1240998).\n- wifi: ath12k: restore ASPM for supported hardwares only (bsc#1240998).\n- wifi: ath12k: scan statemachine changes for single wiphy (bsc#1240998).\n- wifi: ath12k: set mlo_capable_flags based on QMI PHY capability (bsc#1240998).\n- wifi: ath12k: skip sending vdev down for channel switch (bsc#1240998).\n- wifi: ath12k: support ARP and NS offload (bsc#1240998).\n- wifi: ath12k: support GTK rekey offload (bsc#1240998).\n- wifi: ath12k: support SMPS configuration for 6 GHz (bsc#1240998).\n- wifi: ath12k: support get_survey mac op for single wiphy (bsc#1240998).\n- wifi: ath12k: support suspend/resume (bsc#1240998).\n- wifi: ath12k: switch to using wiphy_lock() and remove ar-\u003econf_mutex (bsc#1240998).\n- wifi: ath12k: unregister per pdev debugfs (bsc#1240998).\n- wifi: ath12k: update ath12k_mac_op_conf_tx() for MLO (bsc#1240998).\n- wifi: ath12k: update ath12k_mac_op_update_vif_offload() for MLO (bsc#1240998).\n- wifi: ath12k: use 128 bytes aligned iova in transmit path for WCN7850 (bsc#1240998).\n- wifi: ath12k: use correct MAX_RADIOS (bsc#1240998).\n- wifi: ath12k: use tail MSDU to get MSDU information (bsc#1240998).\n- wifi: ath12k: using msdu end descriptor to check for rx multicast packets (stable-fixes).\n- wifi: ath12k: vdev statemachine changes for single wiphy (bsc#1240998).\n- wifi: ath9k: return by of_get_mac_address (stable-fixes).\n- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).\n- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).\n- wifi: cfg80211: allow IR in 20 MHz configurations (stable-fixes).\n- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).\n- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).\n- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).\n- wifi: iwlwifi: do not warn during reprobe (stable-fixes).\n- wifi: iwlwifi: do not warn when if there is a FW error (stable-fixes).\n- wifi: iwlwifi: fix debug actions order (stable-fixes).\n- wifi: iwlwifi: fix the ECKV UEFI variable name (stable-fixes).\n- wifi: iwlwifi: mark Br device not integrated (stable-fixes).\n- wifi: iwlwifi: mvm: fix beacon CCK flag (stable-fixes).\n- wifi: iwlwifi: mvm: fix setting the TK when associated (stable-fixes).\n- wifi: iwlwifi: pcie: make sure to lock rxq-\u003eread (stable-fixes).\n- wifi: iwlwifi: use correct IMR dump variable (stable-fixes).\n- wifi: iwlwifi: w/a FW SMPS mode selection (stable-fixes).\n- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).\n- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).\n- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).\n- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).\n- wifi: mac80211: fix warning on disconnect during failed ML reconf (stable-fixes).\n- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).\n- wifi: mac80211: set ieee80211_prep_tx_info::link_id upon Auth Rx (stable-fixes).\n- wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO (stable-fixes).\n- wifi: mac80211_hwsim: Fix MLD address translation (stable-fixes).\n- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).\n- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).\n- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).\n- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).\n- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).\n- wifi: mt76: mt7925: fix fails to enter low power mode in suspend state (stable-fixes).\n- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).\n- wifi: mt76: mt7925: introduce thermal protection (stable-fixes).\n- wifi: mt76: mt7925: load the appropriate CLC data based on hardware type (stable-fixes).\n- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).\n- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).\n- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).\n- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).\n- wifi: mt76: mt7996: revise TXS size (stable-fixes).\n- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).\n- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).\n- wifi: mwifiex: Fix HT40 bandwidth issue (stable-fixes).\n- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).\n- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).\n- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).\n- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).\n- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).\n- wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds (git-fixes).\n- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).\n- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).\n- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).\n- wifi: rtw89: 8922a: fix TX fail with wrong VCO setting (stable-fixes).\n- wifi: rtw89: 8922a: fix incorrect STA-ID in EHT MU PPDU (stable-fixes).\n- wifi: rtw89: add wiphy_lock() to work that isn\u0027t held wiphy_lock() yet (stable-fixes).\n- wifi: rtw89: call power_on ahead before selecting firmware (stable-fixes).\n- wifi: rtw89: fw: get sb_sel_ver via get_unaligned_le32() (stable-fixes).\n- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).\n- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).\n- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).\n- wifi: rtw89: phy: add dummy C2H event handler for report of TAS power (stable-fixes).\n- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (stable-fixes).\n- workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() (bsc#1245101 jsc#PED-11934).\n- x86/acpi: Fix LAPIC/x2APIC parsing order (git-fixes).\n- x86/amd_nb, hwmon: (k10temp): Simplify amd_pci_dev_to_node_id() (jsc#PED-13094).\n- x86/amd_nb: Clean up early_is_amd_nb() (jsc#PED-13094).\n- x86/amd_nb: Move SMN access code to a new amd_node driver (jsc#PED-13094).\n- x86/amd_nb: Restrict init function to AMD-based systems (jsc#PED-13094).\n- x86/amd_nb: Simplify function 4 search (jsc#PED-13094).\n- x86/amd_nb: Simplify root device search (jsc#PED-13094).\n- x86/amd_node: Add SMN offsets to exclusive region access (jsc#PED-13094).\n- x86/amd_node: Add support for debugfs access to SMN registers (jsc#PED-13094).\n- x86/amd_node: Remove dependency on AMD_NB (jsc#PED-13094).\n- x86/amd_node: Update __amd_smn_rw() error paths (jsc#PED-13094).\n- x86/amd_node: Use defines for SMN register offsets (jsc#PED-13094).\n- x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes).\n- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).\n- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).\n- x86/mce/amd: Remove shared threshold bank plumbing (jsc#PED-13094).\n- x86/microcode/AMD: Add get_patch_level() (git-fixes).\n- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).\n- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).\n- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).\n- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).\n- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).\n- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).\n- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).\n- x86/microcode: Consolidate the loader enablement checking (git-fixes).\n- x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes).\n- x86/platform/amd: Move the \u0026lt;asm/amd_hsmp.h\u003e header to \u0026lt;asm/amd/hsmp.h\u003e (jsc#PED-13094).\n- x86/sev: Add SVSM vTPM probe/send_command functions (bsc#1241191).\n- x86/sev: Provide guest VMPL level to userspace (bsc#1241191).\n- x86/sev: Register tpm-svsm platform device (bsc#1241191).\n- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).\n- x86: Start moving AMD node functionality out of AMD_NB (jsc#PED-13094).\n- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)\n- xen/x86: fix initial memory balloon target (git-fixes).\n- xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes).\n- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2333,SUSE-SLE-Module-Live-Patching-15-SP7-2025-2333,SUSE-SLE-Module-RT-15-SP7-2025-2333",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02333-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02333-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502333-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02333-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040738.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1210025",
"url": "https://bugzilla.suse.com/1210025"
},
{
"category": "self",
"summary": "SUSE Bug 1211226",
"url": "https://bugzilla.suse.com/1211226"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1218184",
"url": "https://bugzilla.suse.com/1218184"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223008",
"url": "https://bugzilla.suse.com/1223008"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1228478",
"url": "https://bugzilla.suse.com/1228478"
},
{
"category": "self",
"summary": "SUSE Bug 1228557",
"url": "https://bugzilla.suse.com/1228557"
},
{
"category": "self",
"summary": "SUSE Bug 1228854",
"url": "https://bugzilla.suse.com/1228854"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230337",
"url": "https://bugzilla.suse.com/1230337"
},
{
"category": "self",
"summary": "SUSE Bug 1231913",
"url": "https://bugzilla.suse.com/1231913"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233482",
"url": "https://bugzilla.suse.com/1233482"
},
{
"category": "self",
"summary": "SUSE Bug 1235064",
"url": "https://bugzilla.suse.com/1235064"
},
{
"category": "self",
"summary": "SUSE Bug 1235490",
"url": "https://bugzilla.suse.com/1235490"
},
{
"category": "self",
"summary": "SUSE Bug 1235728",
"url": "https://bugzilla.suse.com/1235728"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237200",
"url": "https://bugzilla.suse.com/1237200"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237887",
"url": "https://bugzilla.suse.com/1237887"
},
{
"category": "self",
"summary": "SUSE Bug 1237895",
"url": "https://bugzilla.suse.com/1237895"
},
{
"category": "self",
"summary": "SUSE Bug 1237905",
"url": "https://bugzilla.suse.com/1237905"
},
{
"category": "self",
"summary": "SUSE Bug 1237910",
"url": "https://bugzilla.suse.com/1237910"
},
{
"category": "self",
"summary": "SUSE Bug 1237913",
"url": "https://bugzilla.suse.com/1237913"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238478",
"url": "https://bugzilla.suse.com/1238478"
},
{
"category": "self",
"summary": "SUSE Bug 1238495",
"url": "https://bugzilla.suse.com/1238495"
},
{
"category": "self",
"summary": "SUSE Bug 1238508",
"url": "https://bugzilla.suse.com/1238508"
},
{
"category": "self",
"summary": "SUSE Bug 1238741",
"url": "https://bugzilla.suse.com/1238741"
},
{
"category": "self",
"summary": "SUSE Bug 1238859",
"url": "https://bugzilla.suse.com/1238859"
},
{
"category": "self",
"summary": "SUSE Bug 1238965",
"url": "https://bugzilla.suse.com/1238965"
},
{
"category": "self",
"summary": "SUSE Bug 1238982",
"url": "https://bugzilla.suse.com/1238982"
},
{
"category": "self",
"summary": "SUSE Bug 1238995",
"url": "https://bugzilla.suse.com/1238995"
},
{
"category": "self",
"summary": "SUSE Bug 1239063",
"url": "https://bugzilla.suse.com/1239063"
},
{
"category": "self",
"summary": "SUSE Bug 1239090",
"url": "https://bugzilla.suse.com/1239090"
},
{
"category": "self",
"summary": "SUSE Bug 1239485",
"url": "https://bugzilla.suse.com/1239485"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240170",
"url": "https://bugzilla.suse.com/1240170"
},
{
"category": "self",
"summary": "SUSE Bug 1240180",
"url": "https://bugzilla.suse.com/1240180"
},
{
"category": "self",
"summary": "SUSE Bug 1240577",
"url": "https://bugzilla.suse.com/1240577"
},
{
"category": "self",
"summary": "SUSE Bug 1240579",
"url": "https://bugzilla.suse.com/1240579"
},
{
"category": "self",
"summary": "SUSE Bug 1240589",
"url": "https://bugzilla.suse.com/1240589"
},
{
"category": "self",
"summary": "SUSE Bug 1240610",
"url": "https://bugzilla.suse.com/1240610"
},
{
"category": "self",
"summary": "SUSE Bug 1240650",
"url": "https://bugzilla.suse.com/1240650"
},
{
"category": "self",
"summary": "SUSE Bug 1240686",
"url": "https://bugzilla.suse.com/1240686"
},
{
"category": "self",
"summary": "SUSE Bug 1240696",
"url": "https://bugzilla.suse.com/1240696"
},
{
"category": "self",
"summary": "SUSE Bug 1240702",
"url": "https://bugzilla.suse.com/1240702"
},
{
"category": "self",
"summary": "SUSE Bug 1240710",
"url": "https://bugzilla.suse.com/1240710"
},
{
"category": "self",
"summary": "SUSE Bug 1240723",
"url": "https://bugzilla.suse.com/1240723"
},
{
"category": "self",
"summary": "SUSE Bug 1240798",
"url": "https://bugzilla.suse.com/1240798"
},
{
"category": "self",
"summary": "SUSE Bug 1240814",
"url": "https://bugzilla.suse.com/1240814"
},
{
"category": "self",
"summary": "SUSE Bug 1240823",
"url": "https://bugzilla.suse.com/1240823"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240998",
"url": "https://bugzilla.suse.com/1240998"
},
{
"category": "self",
"summary": "SUSE Bug 1241166",
"url": "https://bugzilla.suse.com/1241166"
},
{
"category": "self",
"summary": "SUSE Bug 1241191",
"url": "https://bugzilla.suse.com/1241191"
},
{
"category": "self",
"summary": "SUSE Bug 1241278",
"url": "https://bugzilla.suse.com/1241278"
},
{
"category": "self",
"summary": "SUSE Bug 1241298",
"url": "https://bugzilla.suse.com/1241298"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241388",
"url": "https://bugzilla.suse.com/1241388"
},
{
"category": "self",
"summary": "SUSE Bug 1241414",
"url": "https://bugzilla.suse.com/1241414"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241544",
"url": "https://bugzilla.suse.com/1241544"
},
{
"category": "self",
"summary": "SUSE Bug 1241572",
"url": "https://bugzilla.suse.com/1241572"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241592",
"url": "https://bugzilla.suse.com/1241592"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241617",
"url": "https://bugzilla.suse.com/1241617"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241689",
"url": "https://bugzilla.suse.com/1241689"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242086",
"url": "https://bugzilla.suse.com/1242086"
},
{
"category": "self",
"summary": "SUSE Bug 1242163",
"url": "https://bugzilla.suse.com/1242163"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242508",
"url": "https://bugzilla.suse.com/1242508"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242515",
"url": "https://bugzilla.suse.com/1242515"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242521",
"url": "https://bugzilla.suse.com/1242521"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242556",
"url": "https://bugzilla.suse.com/1242556"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242573",
"url": "https://bugzilla.suse.com/1242573"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242577",
"url": "https://bugzilla.suse.com/1242577"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242724",
"url": "https://bugzilla.suse.com/1242724"
},
{
"category": "self",
"summary": "SUSE Bug 1242725",
"url": "https://bugzilla.suse.com/1242725"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242729",
"url": "https://bugzilla.suse.com/1242729"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242834",
"url": "https://bugzilla.suse.com/1242834"
},
{
"category": "self",
"summary": "SUSE Bug 1242846",
"url": "https://bugzilla.suse.com/1242846"
},
{
"category": "self",
"summary": "SUSE Bug 1242849",
"url": "https://bugzilla.suse.com/1242849"
},
{
"category": "self",
"summary": "SUSE Bug 1242850",
"url": "https://bugzilla.suse.com/1242850"
},
{
"category": "self",
"summary": "SUSE Bug 1242863",
"url": "https://bugzilla.suse.com/1242863"
},
{
"category": "self",
"summary": "SUSE Bug 1242865",
"url": "https://bugzilla.suse.com/1242865"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242907",
"url": "https://bugzilla.suse.com/1242907"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242909",
"url": "https://bugzilla.suse.com/1242909"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242940",
"url": "https://bugzilla.suse.com/1242940"
},
{
"category": "self",
"summary": "SUSE Bug 1242943",
"url": "https://bugzilla.suse.com/1242943"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242946",
"url": "https://bugzilla.suse.com/1242946"
},
{
"category": "self",
"summary": "SUSE Bug 1242947",
"url": "https://bugzilla.suse.com/1242947"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242952",
"url": "https://bugzilla.suse.com/1242952"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242954",
"url": "https://bugzilla.suse.com/1242954"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242964",
"url": "https://bugzilla.suse.com/1242964"
},
{
"category": "self",
"summary": "SUSE Bug 1242966",
"url": "https://bugzilla.suse.com/1242966"
},
{
"category": "self",
"summary": "SUSE Bug 1242967",
"url": "https://bugzilla.suse.com/1242967"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242982",
"url": "https://bugzilla.suse.com/1242982"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243051",
"url": "https://bugzilla.suse.com/1243051"
},
{
"category": "self",
"summary": "SUSE Bug 1243055",
"url": "https://bugzilla.suse.com/1243055"
},
{
"category": "self",
"summary": "SUSE Bug 1243060",
"url": "https://bugzilla.suse.com/1243060"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243467",
"url": "https://bugzilla.suse.com/1243467"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243475",
"url": "https://bugzilla.suse.com/1243475"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243480",
"url": "https://bugzilla.suse.com/1243480"
},
{
"category": "self",
"summary": "SUSE Bug 1243506",
"url": "https://bugzilla.suse.com/1243506"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243514",
"url": "https://bugzilla.suse.com/1243514"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243523",
"url": "https://bugzilla.suse.com/1243523"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243537",
"url": "https://bugzilla.suse.com/1243537"
},
{
"category": "self",
"summary": "SUSE Bug 1243538",
"url": "https://bugzilla.suse.com/1243538"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243542",
"url": "https://bugzilla.suse.com/1243542"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243544",
"url": "https://bugzilla.suse.com/1243544"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243548",
"url": "https://bugzilla.suse.com/1243548"
},
{
"category": "self",
"summary": "SUSE Bug 1243551",
"url": "https://bugzilla.suse.com/1243551"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243571",
"url": "https://bugzilla.suse.com/1243571"
},
{
"category": "self",
"summary": "SUSE Bug 1243572",
"url": "https://bugzilla.suse.com/1243572"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243620",
"url": "https://bugzilla.suse.com/1243620"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243628",
"url": "https://bugzilla.suse.com/1243628"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243698",
"url": "https://bugzilla.suse.com/1243698"
},
{
"category": "self",
"summary": "SUSE Bug 1243774",
"url": "https://bugzilla.suse.com/1243774"
},
{
"category": "self",
"summary": "SUSE Bug 1243782",
"url": "https://bugzilla.suse.com/1243782"
},
{
"category": "self",
"summary": "SUSE Bug 1243823",
"url": "https://bugzilla.suse.com/1243823"
},
{
"category": "self",
"summary": "SUSE Bug 1243827",
"url": "https://bugzilla.suse.com/1243827"
},
{
"category": "self",
"summary": "SUSE Bug 1243832",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "self",
"summary": "SUSE Bug 1243836",
"url": "https://bugzilla.suse.com/1243836"
},
{
"category": "self",
"summary": "SUSE Bug 1243847",
"url": "https://bugzilla.suse.com/1243847"
},
{
"category": "self",
"summary": "SUSE Bug 1244100",
"url": "https://bugzilla.suse.com/1244100"
},
{
"category": "self",
"summary": "SUSE Bug 1244145",
"url": "https://bugzilla.suse.com/1244145"
},
{
"category": "self",
"summary": "SUSE Bug 1244172",
"url": "https://bugzilla.suse.com/1244172"
},
{
"category": "self",
"summary": "SUSE Bug 1244174",
"url": "https://bugzilla.suse.com/1244174"
},
{
"category": "self",
"summary": "SUSE Bug 1244176",
"url": "https://bugzilla.suse.com/1244176"
},
{
"category": "self",
"summary": "SUSE Bug 1244229",
"url": "https://bugzilla.suse.com/1244229"
},
{
"category": "self",
"summary": "SUSE Bug 1244234",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "self",
"summary": "SUSE Bug 1244241",
"url": "https://bugzilla.suse.com/1244241"
},
{
"category": "self",
"summary": "SUSE Bug 1244261",
"url": "https://bugzilla.suse.com/1244261"
},
{
"category": "self",
"summary": "SUSE Bug 1244274",
"url": "https://bugzilla.suse.com/1244274"
},
{
"category": "self",
"summary": "SUSE Bug 1244275",
"url": "https://bugzilla.suse.com/1244275"
},
{
"category": "self",
"summary": "SUSE Bug 1244277",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "self",
"summary": "SUSE Bug 1244309",
"url": "https://bugzilla.suse.com/1244309"
},
{
"category": "self",
"summary": "SUSE Bug 1244313",
"url": "https://bugzilla.suse.com/1244313"
},
{
"category": "self",
"summary": "SUSE Bug 1244337",
"url": "https://bugzilla.suse.com/1244337"
},
{
"category": "self",
"summary": "SUSE Bug 1244626",
"url": "https://bugzilla.suse.com/1244626"
},
{
"category": "self",
"summary": "SUSE Bug 1244725",
"url": "https://bugzilla.suse.com/1244725"
},
{
"category": "self",
"summary": "SUSE Bug 1244727",
"url": "https://bugzilla.suse.com/1244727"
},
{
"category": "self",
"summary": "SUSE Bug 1244729",
"url": "https://bugzilla.suse.com/1244729"
},
{
"category": "self",
"summary": "SUSE Bug 1244731",
"url": "https://bugzilla.suse.com/1244731"
},
{
"category": "self",
"summary": "SUSE Bug 1244732",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "self",
"summary": "SUSE Bug 1244736",
"url": "https://bugzilla.suse.com/1244736"
},
{
"category": "self",
"summary": "SUSE Bug 1244737",
"url": "https://bugzilla.suse.com/1244737"
},
{
"category": "self",
"summary": "SUSE Bug 1244738",
"url": "https://bugzilla.suse.com/1244738"
},
{
"category": "self",
"summary": "SUSE Bug 1244739",
"url": "https://bugzilla.suse.com/1244739"
},
{
"category": "self",
"summary": "SUSE Bug 1244743",
"url": "https://bugzilla.suse.com/1244743"
},
{
"category": "self",
"summary": "SUSE Bug 1244746",
"url": "https://bugzilla.suse.com/1244746"
},
{
"category": "self",
"summary": "SUSE Bug 1244747",
"url": "https://bugzilla.suse.com/1244747"
},
{
"category": "self",
"summary": "SUSE Bug 1244759",
"url": "https://bugzilla.suse.com/1244759"
},
{
"category": "self",
"summary": "SUSE Bug 1244789",
"url": "https://bugzilla.suse.com/1244789"
},
{
"category": "self",
"summary": "SUSE Bug 1244862",
"url": "https://bugzilla.suse.com/1244862"
},
{
"category": "self",
"summary": "SUSE Bug 1244906",
"url": "https://bugzilla.suse.com/1244906"
},
{
"category": "self",
"summary": "SUSE Bug 1244938",
"url": "https://bugzilla.suse.com/1244938"
},
{
"category": "self",
"summary": "SUSE Bug 1244995",
"url": "https://bugzilla.suse.com/1244995"
},
{
"category": "self",
"summary": "SUSE Bug 1244996",
"url": "https://bugzilla.suse.com/1244996"
},
{
"category": "self",
"summary": "SUSE Bug 1244999",
"url": "https://bugzilla.suse.com/1244999"
},
{
"category": "self",
"summary": "SUSE Bug 1245001",
"url": "https://bugzilla.suse.com/1245001"
},
{
"category": "self",
"summary": "SUSE Bug 1245003",
"url": "https://bugzilla.suse.com/1245003"
},
{
"category": "self",
"summary": "SUSE Bug 1245004",
"url": "https://bugzilla.suse.com/1245004"
},
{
"category": "self",
"summary": "SUSE Bug 1245025",
"url": "https://bugzilla.suse.com/1245025"
},
{
"category": "self",
"summary": "SUSE Bug 1245042",
"url": "https://bugzilla.suse.com/1245042"
},
{
"category": "self",
"summary": "SUSE Bug 1245046",
"url": "https://bugzilla.suse.com/1245046"
},
{
"category": "self",
"summary": "SUSE Bug 1245078",
"url": "https://bugzilla.suse.com/1245078"
},
{
"category": "self",
"summary": "SUSE Bug 1245081",
"url": "https://bugzilla.suse.com/1245081"
},
{
"category": "self",
"summary": "SUSE Bug 1245082",
"url": "https://bugzilla.suse.com/1245082"
},
{
"category": "self",
"summary": "SUSE Bug 1245083",
"url": "https://bugzilla.suse.com/1245083"
},
{
"category": "self",
"summary": "SUSE Bug 1245101",
"url": "https://bugzilla.suse.com/1245101"
},
{
"category": "self",
"summary": "SUSE Bug 1245155",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "self",
"summary": "SUSE Bug 1245183",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "self",
"summary": "SUSE Bug 1245193",
"url": "https://bugzilla.suse.com/1245193"
},
{
"category": "self",
"summary": "SUSE Bug 1245210",
"url": "https://bugzilla.suse.com/1245210"
},
{
"category": "self",
"summary": "SUSE Bug 1245217",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "self",
"summary": "SUSE Bug 1245225",
"url": "https://bugzilla.suse.com/1245225"
},
{
"category": "self",
"summary": "SUSE Bug 1245226",
"url": "https://bugzilla.suse.com/1245226"
},
{
"category": "self",
"summary": "SUSE Bug 1245228",
"url": "https://bugzilla.suse.com/1245228"
},
{
"category": "self",
"summary": "SUSE Bug 1245431",
"url": "https://bugzilla.suse.com/1245431"
},
{
"category": "self",
"summary": "SUSE Bug 1245455",
"url": "https://bugzilla.suse.com/1245455"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52888 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26762 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26831 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49568 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50293 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56541 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56613 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56699 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57987 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57988 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58004 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58053 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21658 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21713 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21720 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21880 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21898 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21899 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21920 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21939 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21940 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21987 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22035 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22111 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22113 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22120 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23155 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23162 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37757 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37786 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37801 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37811 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37837 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37874 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37921 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37933 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37934 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37945 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37946 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37965 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37967 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37987 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37994 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37998 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38004 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38011 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38015 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38022 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38024 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38031 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38040 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38043 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38045 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38055 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38059 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38068 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38072 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38077 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38078 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38079 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38081 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-07-16T12:53:19Z",
"generator": {
"date": "2025-07-16T12:53:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02333-1",
"initial_release_date": "2025-07-16T12:53:19Z",
"revision_history": [
{
"date": "2025-07-16T12:53:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-150700.7.8.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"product_id": "kernel-source-rt-6.4.0-150700.7.8.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product_id": "cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product_id": "dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product_id": "gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-150700.7.8.1.x86_64",
"product_id": "kernel-rt-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "kernel-rt-extra-6.4.0-150700.7.8.1.x86_64",
"product_id": "kernel-rt-extra-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-150700.7.8.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-6.4.0-150700.7.8.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "kernel-rt-optional-6.4.0-150700.7.8.1.x86_64",
"product_id": "kernel-rt-optional-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "kernel-rt-vdso-6.4.0-150700.7.8.1.x86_64",
"product_id": "kernel-rt-vdso-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"product_id": "kernel-syms-rt-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product_id": "kselftests-kmp-rt-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product_id": "ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"product_id": "reiserfs-kmp-rt-6.4.0-150700.7.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP7",
"product": {
"name": "SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150700.7.8.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150700.7.8.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150700.7.8.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150700.7.8.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150700.7.8.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150700.7.8.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn\u0027t do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52888",
"url": "https://www.suse.com/security/cve/CVE-2023-52888"
},
{
"category": "external",
"summary": "SUSE Bug 1228557 for CVE-2023-52888",
"url": "https://bugzilla.suse.com/1228557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2023-52888"
},
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-26762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/pci: Skip to handle RAS errors if CXL.mem device is detached\n\nThe PCI AER model is an awkward fit for CXL error handling. While the\nexpectation is that a PCI device can escalate to link reset to recover\nfrom an AER event, the same reset on CXL amounts to a surprise memory\nhotplug of massive amounts of memory.\n\nAt present, the CXL error handler attempts some optimistic error\nhandling to unbind the device from the cxl_mem driver after reaping some\nRAS register values. This results in a \"hopeful\" attempt to unplug the\nmemory, but there is no guarantee that will succeed.\n\nA subsequent AER notification after the memdev unbind event can no\nlonger assume the registers are mapped. Check for memdev bind before\nreaping status register values to avoid crashes of the form:\n\n BUG: unable to handle page fault for address: ffa00000195e9100\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n [...]\n RIP: 0010:__cxl_handle_ras+0x30/0x110 [cxl_core]\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x24/0x70\n ? page_fault_oops+0x82/0x160\n ? kernelmode_fixup_or_oops+0x84/0x110\n ? exc_page_fault+0x113/0x170\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_dpc_reset_link+0x10/0x10\n ? __cxl_handle_ras+0x30/0x110 [cxl_core]\n ? find_cxl_port+0x59/0x80 [cxl_core]\n cxl_handle_rp_ras+0xbc/0xd0 [cxl_core]\n cxl_error_detected+0x6c/0xf0 [cxl_core]\n report_error_detected+0xc7/0x1c0\n pci_walk_bus+0x73/0x90\n pcie_do_recovery+0x23f/0x330\n\nLonger term, the unbind and PCI_ERS_RESULT_DISCONNECT behavior might\nneed to be replaced with a new PCI_ERS_RESULT_PANIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26762",
"url": "https://www.suse.com/security/cve/CVE-2024-26762"
},
{
"category": "external",
"summary": "SUSE Bug 1230337 for CVE-2024-26762",
"url": "https://bugzilla.suse.com/1230337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-26762"
},
{
"cve": "CVE-2024-26831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/handshake: Fix handshake_req_destroy_test1\n\nRecently, handshake_req_destroy_test1 started failing:\n\nExpected handshake_req_destroy_test == req, but\n handshake_req_destroy_test == 0000000000000000\n req == 0000000060f99b40\nnot ok 11 req_destroy works\n\nThis is because \"sock_release(sock)\" was replaced with \"fput(filp)\"\nto address a memory leak. Note that sock_release() is synchronous\nbut fput() usually delays the final close and clean-up.\n\nThe delay is not consequential in the other cases that were changed\nbut handshake_req_destroy_test1 is testing that handshake_req_cancel()\nfollowed by closing the file actually does call the -\u003ehp_destroy\nmethod. Thus the PTR_EQ test at the end has to be sure that the\nfinal close is complete before it checks the pointer.\n\nWe cannot use a completion here because if -\u003ehp_destroy is never\ncalled (ie, there is an API bug) then the test will hang.\n\nReported by: Guenter Roeck \u003clinux@roeck-us.net\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26831",
"url": "https://www.suse.com/security/cve/CVE-2024-26831"
},
{
"category": "external",
"summary": "SUSE Bug 1223008 for CVE-2024-26831",
"url": "https://bugzilla.suse.com/1223008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-26831"
},
{
"cve": "CVE-2024-41085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/mem: Fix no cxl_nvd during pmem region auto-assembling\n\nWhen CXL subsystem is auto-assembling a pmem region during cxl\nendpoint port probing, always hit below calltrace.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000078\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n RIP: 0010:cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x24/0x70\n ? page_fault_oops+0x82/0x160\n ? do_user_addr_fault+0x65/0x6b0\n ? exc_page_fault+0x7d/0x170\n ? asm_exc_page_fault+0x26/0x30\n ? cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]\n ? cxl_pmem_region_probe+0x1ac/0x360 [cxl_pmem]\n cxl_bus_probe+0x1b/0x60 [cxl_core]\n really_probe+0x173/0x410\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x80/0x170\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x90/0x120\n bus_for_each_drv+0x84/0xe0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x90/0xa0\n device_add+0x51c/0x710\n devm_cxl_add_pmem_region+0x1b5/0x380 [cxl_core]\n cxl_bus_probe+0x1b/0x60 [cxl_core]\n\nThe cxl_nvd of the memdev needs to be available during the pmem region\nprobe. Currently the cxl_nvd is registered after the endpoint port probe.\nThe endpoint probe, in the case of autoassembly of regions, can cause a\npmem region probe requiring the not yet available cxl_nvd. Adjust the\nsequence so this dependency is met.\n\nThis requires adding a port parameter to cxl_find_nvdimm_bridge() that\ncan be used to query the ancestor root port. The endpoint port is not\nyet available, but will share a common ancestor with its parent, so\nstart the query from there instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41085",
"url": "https://www.suse.com/security/cve/CVE-2024-41085"
},
{
"category": "external",
"summary": "SUSE Bug 1228478 for CVE-2024-41085",
"url": "https://bugzilla.suse.com/1228478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-41085"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-49568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the fields v2_ext_offset/\neid_cnt/ism_gid_cnt in proposal msg are from the remote client\nand can not be fully trusted. Especially the field v2_ext_offset,\nonce exceed the max value, there has the chance to access wrong\naddress, and crash may happen.\n\nThis patch checks the fields v2_ext_offset/eid_cnt/ism_gid_cnt\nbefore using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49568",
"url": "https://www.suse.com/security/cve/CVE-2024-49568"
},
{
"category": "external",
"summary": "SUSE Bug 1235728 for CVE-2024-49568",
"url": "https://bugzilla.suse.com/1235728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-49568"
},
{
"cve": "CVE-2024-50034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC\n\nEric report a panic on IPPROTO_SMC, and give the facts\nthat when INET_PROTOSW_ICSK was set, icsk-\u003eicsk_sync_mss must be set too.\n\nBug: Unable to handle kernel NULL pointer dereference at virtual address\n0000000000000000\nMem abort info:\nESR = 0x0000000086000005\nEC = 0x21: IABT (current EL), IL = 32 bits\nSET = 0, FnV = 0\nEA = 0, S1PTW = 0\nFSC = 0x05: level 1 translation fault\nuser pgtable: 4k pages, 48-bit VAs, pgdp=00000001195d1000\n[0000000000000000] pgd=0800000109c46003, p4d=0800000109c46003,\npud=0000000000000000\nInternal error: Oops: 0000000086000005 [#1] PREEMPT SMP\nModules linked in:\nCPU: 1 UID: 0 PID: 8037 Comm: syz.3.265 Not tainted\n6.11.0-rc7-syzkaller-g5f5673607153 #0\nHardware name: Google Google Compute Engine/Google Compute Engine,\nBIOS Google 08/06/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : 0x0\nlr : cipso_v4_sock_setattr+0x2a8/0x3c0 net/ipv4/cipso_ipv4.c:1910\nsp : ffff80009b887a90\nx29: ffff80009b887aa0 x28: ffff80008db94050 x27: 0000000000000000\nx26: 1fffe0001aa6f5b3 x25: dfff800000000000 x24: ffff0000db75da00\nx23: 0000000000000000 x22: ffff0000d8b78518 x21: 0000000000000000\nx20: ffff0000d537ad80 x19: ffff0000d8b78000 x18: 1fffe000366d79ee\nx17: ffff8000800614a8 x16: ffff800080569b84 x15: 0000000000000001\nx14: 000000008b336894 x13: 00000000cd96feaa x12: 0000000000000003\nx11: 0000000000040000 x10: 00000000000020a3 x9 : 1fffe0001b16f0f1\nx8 : 0000000000000000 x7 : 0000000000000000 x6 : 000000000000003f\nx5 : 0000000000000040 x4 : 0000000000000001 x3 : 0000000000000000\nx2 : 0000000000000002 x1 : 0000000000000000 x0 : ffff0000d8b78000\nCall trace:\n0x0\nnetlbl_sock_setattr+0x2e4/0x338 net/netlabel/netlabel_kapi.c:1000\nsmack_netlbl_add+0xa4/0x154 security/smack/smack_lsm.c:2593\nsmack_socket_post_create+0xa8/0x14c security/smack/smack_lsm.c:2973\nsecurity_socket_post_create+0x94/0xd4 security/security.c:4425\n__sock_create+0x4c8/0x884 net/socket.c:1587\nsock_create net/socket.c:1622 [inline]\n__sys_socket_create net/socket.c:1659 [inline]\n__sys_socket+0x134/0x340 net/socket.c:1706\n__do_sys_socket net/socket.c:1720 [inline]\n__se_sys_socket net/socket.c:1718 [inline]\n__arm64_sys_socket+0x7c/0x94 net/socket.c:1718\n__invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\ninvoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\nel0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\ndo_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\nel0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712\nel0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730\nel0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\nCode: ???????? ???????? ???????? ???????? (????????)\n---[ end trace 0000000000000000 ]---\n\nThis patch add a toy implementation that performs a simple return to\nprevent such panic. This is because MSS can be set in sock_create_kern\nor smc_setsockopt, similar to how it\u0027s done in AF_SMC. However, for\nAF_SMC, there is currently no way to synchronize MSS within\n__sys_connect_file. This toy implementation lays the groundwork for us\nto support such feature for IPPROTO_SMC in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50034",
"url": "https://www.suse.com/security/cve/CVE-2024-50034"
},
{
"category": "external",
"summary": "SUSE Bug 1231913 for CVE-2024-50034",
"url": "https://bugzilla.suse.com/1231913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-50034"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50293"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: do not leave a dangling sk pointer in __smc_create()\n\nThanks to commit 4bbd360a5084 (\"socket: Print pf-\u003ecreate() when\nit does not clear sock-\u003esk on failure.\"), syzbot found an issue with AF_SMC:\n\nsmc_create must clear sock-\u003esk on failure, family: 43, type: 1, protocol: 0\n WARNING: CPU: 0 PID: 5827 at net/socket.c:1565 __sock_create+0x96f/0xa30 net/socket.c:1563\nModules linked in:\nCPU: 0 UID: 0 PID: 5827 Comm: syz-executor259 Not tainted 6.12.0-rc6-next-20241106-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__sock_create+0x96f/0xa30 net/socket.c:1563\nCode: 03 00 74 08 4c 89 e7 e8 4f 3b 85 f8 49 8b 34 24 48 c7 c7 40 89 0c 8d 8b 54 24 04 8b 4c 24 0c 44 8b 44 24 08 e8 32 78 db f7 90 \u003c0f\u003e 0b 90 90 e9 d3 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c ee f7\nRSP: 0018:ffffc90003e4fda0 EFLAGS: 00010246\nRAX: 099c6f938c7f4700 RBX: 1ffffffff1a595fd RCX: ffff888034823c00\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 00000000ffffffe9 R08: ffffffff81567052 R09: 1ffff920007c9f50\nR10: dffffc0000000000 R11: fffff520007c9f51 R12: ffffffff8d2cafe8\nR13: 1ffffffff1a595fe R14: ffffffff9a789c40 R15: ffff8880764298c0\nFS: 000055557b518380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa62ff43225 CR3: 0000000031628000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n sock_create net/socket.c:1616 [inline]\n __sys_socket_create net/socket.c:1653 [inline]\n __sys_socket+0x150/0x3c0 net/socket.c:1700\n __do_sys_socket net/socket.c:1714 [inline]\n __se_sys_socket net/socket.c:1712 [inline]\n\nFor reference, see commit 2d859aff775d (\"Merge branch\n\u0027do-not-leave-dangling-sk-pointers-in-pf-create-functions\u0027\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50293",
"url": "https://www.suse.com/security/cve/CVE-2024-50293"
},
{
"category": "external",
"summary": "SUSE Bug 1233482 for CVE-2024-50293",
"url": "https://bugzilla.suse.com/1233482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2024-50293"
},
{
"cve": "CVE-2024-56541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup()\n\nDuring ath12k module removal, in ath12k_core_deinit(),\nath12k_mac_destroy() un-registers ah-\u003ehw from mac80211 and frees\nthe ah-\u003ehw as well as all the ar\u0027s in it. After this\nath12k_core_soc_destroy()-\u003e ath12k_dp_free()-\u003e ath12k_dp_cc_cleanup()\ntries to access one of the freed ar\u0027s from pending skb.\n\nThis is because during mac destroy, driver failed to flush few\ndata packets, which were accessed later in ath12k_dp_cc_cleanup()\nand freed, but using ar from the packet led to this use-after-free.\n\nBUG: KASAN: use-after-free in ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\nWrite of size 4 at addr ffff888150bd3514 by task modprobe/8926\nCPU: 0 UID: 0 PID: 8926 Comm: modprobe Not tainted\n6.11.0-rc2-wt-ath+ #1746\nHardware name: Intel(R) Client Systems NUC8i7HVK/NUC8i7HVB, BIOS\nHNKBLi70.86A.0067.2021.0528.1339 05/28/2021\n\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7d/0xe0\n print_address_description.constprop.0+0x33/0x3a0\n print_report+0xb5/0x260\n ? kasan_addr_to_slab+0x24/0x80\n kasan_report+0xd8/0x110\n ? ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\n ? ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\n kasan_check_range+0xf3/0x1a0\n __kasan_check_write+0x14/0x20\n ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\n ath12k_dp_free+0x178/0x420 [ath12k]\n ath12k_core_stop+0x176/0x200 [ath12k]\n ath12k_core_deinit+0x13f/0x210 [ath12k]\n ath12k_pci_remove+0xad/0x1c0 [ath12k]\n pci_device_remove+0x9b/0x1b0\n device_remove+0xbf/0x150\n device_release_driver_internal+0x3c3/0x580\n ? __kasan_check_read+0x11/0x20\n driver_detach+0xc4/0x190\n bus_remove_driver+0x130/0x2a0\n driver_unregister+0x68/0x90\n pci_unregister_driver+0x24/0x240\n ? find_module_all+0x13e/0x1e0\n ath12k_pci_exit+0x10/0x20 [ath12k]\n __do_sys_delete_module+0x32c/0x580\n ? module_flags+0x2f0/0x2f0\n ? kmem_cache_free+0xf0/0x410\n ? __fput+0x56f/0xab0\n ? __fput+0x56f/0xab0\n ? debug_smp_processor_id+0x17/0x20\n __x64_sys_delete_module+0x4f/0x70\n x64_sys_call+0x522/0x9f0\n do_syscall_64+0x64/0x130\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7f8182c6ac8b\n\nCommit 24de1b7b231c (\"wifi: ath12k: fix flush failure in recovery\nscenarios\") added the change to decrement the pending packets count\nin case of recovery which make sense as ah-\u003ehw as well all\nar\u0027s in it are intact during recovery, but during core deinit there\nis no use in decrementing packets count or waking up the empty waitq\nas the module is going to be removed also ar\u0027s from pending skb\u0027s\ncan\u0027t be used and the packets should just be released back.\n\nTo fix this, avoid accessing ar from skb-\u003ecb when driver is being\nunregistered.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.1.1-00214-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56541",
"url": "https://www.suse.com/security/cve/CVE-2024-56541"
},
{
"category": "external",
"summary": "SUSE Bug 1235064 for CVE-2024-56541",
"url": "https://bugzilla.suse.com/1235064"
},
{
"category": "external",
"summary": "SUSE Bug 1247044 for CVE-2024-56541",
"url": "https://bugzilla.suse.com/1247044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2024-56541"
},
{
"cve": "CVE-2024-56613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56613"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: fix memory leak due to the overwritten vma-\u003enumab_state\n\n[Problem Description]\nWhen running the hackbench program of LTP, the following memory leak is\nreported by kmemleak.\n\n # /opt/ltp/testcases/bin/hackbench 20 thread 1000\n Running with 20*40 (== 800) tasks.\n\n # dmesg | grep kmemleak\n ...\n kmemleak: 480 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n kmemleak: 665 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n\n # cat /sys/kernel/debug/kmemleak\n unreferenced object 0xffff888cd8ca2c40 (size 64):\n comm \"hackbench\", pid 17142, jiffies 4299780315\n hex dump (first 32 bytes):\n ac 74 49 00 01 00 00 00 4c 84 49 00 01 00 00 00 .tI.....L.I.....\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc bff18fd4):\n [\u003cffffffff81419a89\u003e] __kmalloc_cache_noprof+0x2f9/0x3f0\n [\u003cffffffff8113f715\u003e] task_numa_work+0x725/0xa00\n [\u003cffffffff8110f878\u003e] task_work_run+0x58/0x90\n [\u003cffffffff81ddd9f8\u003e] syscall_exit_to_user_mode+0x1c8/0x1e0\n [\u003cffffffff81dd78d5\u003e] do_syscall_64+0x85/0x150\n [\u003cffffffff81e0012b\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ...\n\nThis issue can be consistently reproduced on three different servers:\n * a 448-core server\n * a 256-core server\n * a 192-core server\n\n[Root Cause]\nSince multiple threads are created by the hackbench program (along with\nthe command argument \u0027thread\u0027), a shared vma might be accessed by two or\nmore cores simultaneously. When two or more cores observe that\nvma-\u003enumab_state is NULL at the same time, vma-\u003enumab_state will be\noverwritten.\n\nAlthough current code ensures that only one thread scans the VMAs in a\nsingle \u0027numa_scan_period\u0027, there might be a chance for another thread\nto enter in the next \u0027numa_scan_period\u0027 while we have not gotten till\nnumab_state allocation [1].\n\nNote that the command `/opt/ltp/testcases/bin/hackbench 50 process 1000`\ncannot the reproduce the issue. It is verified with 200+ test runs.\n\n[Solution]\nUse the cmpxchg atomic operation to ensure that only one thread executes\nthe vma-\u003enumab_state assignment.\n\n[1] https://lore.kernel.org/lkml/1794be3c-358c-4cdc-a43d-a1f841d91ef7@amd.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56613",
"url": "https://www.suse.com/security/cve/CVE-2024-56613"
},
{
"category": "external",
"summary": "SUSE Bug 1244176 for CVE-2024-56613",
"url": "https://bugzilla.suse.com/1244176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "low"
}
],
"title": "CVE-2024-56613"
},
{
"cve": "CVE-2024-56699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix potential double remove of hotplug slot\n\nIn commit 6ee600bfbe0f (\"s390/pci: remove hotplug slot when releasing the\ndevice\") the zpci_exit_slot() was moved from zpci_device_reserved() to\nzpci_release_device() with the intention of keeping the hotplug slot\naround until the device is actually removed.\n\nNow zpci_release_device() is only called once all references are\ndropped. Since the zPCI subsystem only drops its reference once the\ndevice is in the reserved state it follows that zpci_release_device()\nmust only deal with devices in the reserved state. Despite that it\ncontains code to tear down from both configured and standby state. For\nthe standby case this already includes the removal of the hotplug slot\nso would cause a double removal if a device was ever removed in\neither configured or standby state.\n\nInstead of causing a potential double removal in a case that should\nnever happen explicitly WARN_ON() if a device in non-reserved state is\nreleased and get rid of the dead code cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56699",
"url": "https://www.suse.com/security/cve/CVE-2024-56699"
},
{
"category": "external",
"summary": "SUSE Bug 1235490 for CVE-2024-56699",
"url": "https://bugzilla.suse.com/1235490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-56699"
},
{
"cve": "CVE-2024-57982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: state: fix out-of-bounds read during lookup\n\nlookup and resize can run in parallel.\n\nThe xfrm_state_hash_generation seqlock ensures a retry, but the hash\nfunctions can observe a hmask value that is too large for the new hlist\narray.\n\nrehash does:\n rcu_assign_pointer(net-\u003exfrm.state_bydst, ndst) [..]\n net-\u003exfrm.state_hmask = nhashmask;\n\nWhile state lookup does:\n h = xfrm_dst_hash(net, daddr, saddr, tmpl-\u003ereqid, encap_family);\n hlist_for_each_entry_rcu(x, net-\u003exfrm.state_bydst + h, bydst) {\n\nThis is only safe in case the update to state_bydst is larger than\nnet-\u003exfrm.xfrm_state_hmask (or if the lookup function gets\nserialized via state spinlock again).\n\nFix this by prefetching state_hmask and the associated pointers.\nThe xfrm_state_hash_generation seqlock retry will ensure that the pointer\nand the hmask will be consistent.\n\nThe existing helpers, like xfrm_dst_hash(), are now unsafe for RCU side,\nadd lockdep assertions to document that they are only safe for insert\nside.\n\nxfrm_state_lookup_byaddr() uses the spinlock rather than RCU.\nAFAICS this is an oversight from back when state lookup was converted to\nRCU, this lock should be replaced with RCU in a future patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57982",
"url": "https://www.suse.com/security/cve/CVE-2024-57982"
},
{
"category": "external",
"summary": "SUSE Bug 1237913 for CVE-2024-57982",
"url": "https://bugzilla.suse.com/1237913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-57982"
},
{
"cve": "CVE-2024-57987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: check for NULL in btrtl_setup_realtek()\n\nIf insert an USB dongle which chip is not maintained in ic_id_table, it\nwill hit the NULL point accessed. Add a null point check to avoid the\nKernel Oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57987",
"url": "https://www.suse.com/security/cve/CVE-2024-57987"
},
{
"category": "external",
"summary": "SUSE Bug 1237905 for CVE-2024-57987",
"url": "https://bugzilla.suse.com/1237905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-57987"
},
{
"cve": "CVE-2024-57988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btbcm: Fix NULL deref in btbcm_get_board_name()\n\ndevm_kstrdup() can return a NULL pointer on failure,but this\nreturned value in btbcm_get_board_name() is not checked.\nAdd NULL check in btbcm_get_board_name(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57988",
"url": "https://www.suse.com/security/cve/CVE-2024-57988"
},
{
"category": "external",
"summary": "SUSE Bug 1237910 for CVE-2024-57988",
"url": "https://bugzilla.suse.com/1237910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-57988"
},
{
"cve": "CVE-2024-57995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev()\n\nIn ath12k_mac_assign_vif_to_vdev(), if arvif is created on a different\nradio, it gets deleted from that radio through a call to\nath12k_mac_unassign_link_vif(). This action frees the arvif pointer.\nSubsequently, there is a check involving arvif, which will result in a\nread-after-free scenario.\n\nFix this by moving this check after arvif is again assigned via call to\nath12k_mac_assign_link_vif().\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57995",
"url": "https://www.suse.com/security/cve/CVE-2024-57995"
},
{
"category": "external",
"summary": "SUSE Bug 1237895 for CVE-2024-57995",
"url": "https://bugzilla.suse.com/1237895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-57995"
},
{
"cve": "CVE-2024-58004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: intel/ipu6: remove cpu latency qos request on error\n\nFix cpu latency qos list corruption like below. It happens when\nwe do not remove cpu latency request on error path and free\ncorresponding memory.\n\n[ 30.634378] l7 kernel: list_add corruption. prev-\u003enext should be next (ffffffff9645e960), but was 0000000100100001. (prev=ffff8e9e877e20a8).\n[ 30.634388] l7 kernel: WARNING: CPU: 2 PID: 2008 at lib/list_debug.c:32 __list_add_valid_or_report+0x83/0xa0\n\u003csnip\u003e\n[ 30.634640] l7 kernel: Call Trace:\n[ 30.634650] l7 kernel: \u003cTASK\u003e\n[ 30.634659] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0\n[ 30.634669] l7 kernel: ? __warn.cold+0x93/0xf6\n[ 30.634678] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0\n[ 30.634690] l7 kernel: ? report_bug+0xff/0x140\n[ 30.634702] l7 kernel: ? handle_bug+0x58/0x90\n[ 30.634712] l7 kernel: ? exc_invalid_op+0x17/0x70\n[ 30.634723] l7 kernel: ? asm_exc_invalid_op+0x1a/0x20\n[ 30.634733] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0\n[ 30.634742] l7 kernel: plist_add+0xdd/0x140\n[ 30.634754] l7 kernel: pm_qos_update_target+0xa0/0x1f0\n[ 30.634764] l7 kernel: cpu_latency_qos_update_request+0x61/0xc0\n[ 30.634773] l7 kernel: intel_dp_aux_xfer+0x4c7/0x6e0 [i915 1f824655ed04687c2b0d23dbce759fa785f6d033]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58004",
"url": "https://www.suse.com/security/cve/CVE-2024-58004"
},
{
"category": "external",
"summary": "SUSE Bug 1238508 for CVE-2024-58004",
"url": "https://bugzilla.suse.com/1238508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-58004"
},
{
"cve": "CVE-2024-58015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix for out-of bound access error\n\nSelfgen stats are placed in a buffer using print_array_to_buf_index() function.\nArray length parameter passed to the function is too big, resulting in possible\nout-of bound memory error.\nDecreasing buffer size by one fixes faulty upper bound of passed array.\n\nDiscovered in coverity scan, CID 1600742 and CID 1600758",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58015",
"url": "https://www.suse.com/security/cve/CVE-2024-58015"
},
{
"category": "external",
"summary": "SUSE Bug 1238995 for CVE-2024-58015",
"url": "https://bugzilla.suse.com/1238995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-58015"
},
{
"cve": "CVE-2024-58053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix handling of received connection abort\n\nFix the handling of a connection abort that we\u0027ve received. Though the\nabort is at the connection level, it needs propagating to the calls on that\nconnection. Whilst the propagation bit is performed, the calls aren\u0027t then\nwoken up to go and process their termination, and as no further input is\nforthcoming, they just hang.\n\nAlso add some tracing for the logging of connection aborts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58053",
"url": "https://www.suse.com/security/cve/CVE-2024-58053"
},
{
"category": "external",
"summary": "SUSE Bug 1238982 for CVE-2024-58053",
"url": "https://bugzilla.suse.com/1238982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-58053"
},
{
"cve": "CVE-2024-58062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: avoid NULL pointer dereference\n\nWhen iterating over the links of a vif, we need to make sure that the\npointer is valid (in other words - that the link exists) before\ndereferncing it.\nUse for_each_vif_active_link that also does the check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58062",
"url": "https://www.suse.com/security/cve/CVE-2024-58062"
},
{
"category": "external",
"summary": "SUSE Bug 1238965 for CVE-2024-58062",
"url": "https://bugzilla.suse.com/1238965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-58062"
},
{
"cve": "CVE-2024-58077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: soc-pcm: don\u0027t use soc_pcm_ret() on .prepare callback\n\ncommit 1f5664351410 (\"ASoC: lower \"no backend DAIs enabled for ... Port\"\nlog severity\") ignores -EINVAL error message on common soc_pcm_ret().\nIt is used from many functions, ignoring -EINVAL is over-kill.\n\nThe reason why -EINVAL was ignored was it really should only be used\nupon invalid parameters coming from userspace and in that case we don\u0027t\nwant to log an error since we do not want to give userspace a way to do\na denial-of-service attack on the syslog / diskspace.\n\nSo don\u0027t use soc_pcm_ret() on .prepare callback is better idea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58077",
"url": "https://www.suse.com/security/cve/CVE-2024-58077"
},
{
"category": "external",
"summary": "SUSE Bug 1239090 for CVE-2024-58077",
"url": "https://bugzilla.suse.com/1239090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-58077"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid extent tree\n\n[BUG]\nSyzbot reported a crash with the following call trace:\n\n BTRFS info (device loop0): scrub: started on devid 1\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 106e70067 P4D 106e70067 PUD 107143067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 UID: 0 PID: 689 Comm: repro Kdump: loaded Tainted: G O 6.13.0-rc4-custom+ #206\n Tainted: [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:find_first_extent_item+0x26/0x1f0 [btrfs]\n Call Trace:\n \u003cTASK\u003e\n scrub_find_fill_first_stripe+0x13d/0x3b0 [btrfs]\n scrub_simple_mirror+0x175/0x260 [btrfs]\n scrub_stripe+0x5d4/0x6c0 [btrfs]\n scrub_chunk+0xbb/0x170 [btrfs]\n scrub_enumerate_chunks+0x2f4/0x5f0 [btrfs]\n btrfs_scrub_dev+0x240/0x600 [btrfs]\n btrfs_ioctl+0x1dc8/0x2fa0 [btrfs]\n ? do_sys_openat2+0xa5/0xf0\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\n[CAUSE]\nThe reproducer is using a corrupted image where extent tree root is\ncorrupted, thus forcing to use \"rescue=all,ro\" mount option to mount the\nimage.\n\nThen it triggered a scrub, but since scrub relies on extent tree to find\nwhere the data/metadata extents are, scrub_find_fill_first_stripe()\nrelies on an non-empty extent root.\n\nBut unfortunately scrub_find_fill_first_stripe() doesn\u0027t really expect\nan NULL pointer for extent root, it use extent_root to grab fs_info and\ntriggered a NULL pointer dereference.\n\n[FIX]\nAdd an extra check for a valid extent root at the beginning of\nscrub_find_fill_first_stripe().\n\nThe new error path is introduced by 42437a6386ff (\"btrfs: introduce\nmount option rescue=ignorebadroots\"), but that\u0027s pretty old, and later\ncommit b979547513ff (\"btrfs: scrub: introduce helper to find and fill\nsector info for a scrub_stripe\") changed how we do scrub.\n\nSo for kernels older than 6.6, the fix will need manual backport.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21658",
"url": "https://www.suse.com/security/cve/CVE-2025-21658"
},
{
"category": "external",
"summary": "SUSE Bug 1236208 for CVE-2025-21658",
"url": "https://bugzilla.suse.com/1236208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21658"
},
{
"cve": "CVE-2025-21713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: Don\u0027t unset window if it was never set\n\nOn pSeries, when user attempts to use the same vfio container used by\ndifferent iommu group, the spapr_tce_set_window() returns -EPERM\nand the subsequent cleanup leads to the below crash.\n\n Kernel attempted to read user page (308) - exploit attempt?\n BUG: Kernel NULL pointer dereference on read at 0x00000308\n Faulting instruction address: 0xc0000000001ce358\n Oops: Kernel access of bad area, sig: 11 [#1]\n NIP: c0000000001ce358 LR: c0000000001ce05c CTR: c00000000005add0\n \u003csnip\u003e\n NIP [c0000000001ce358] spapr_tce_unset_window+0x3b8/0x510\n LR [c0000000001ce05c] spapr_tce_unset_window+0xbc/0x510\n Call Trace:\n spapr_tce_unset_window+0xbc/0x510 (unreliable)\n tce_iommu_attach_group+0x24c/0x340 [vfio_iommu_spapr_tce]\n vfio_container_attach_group+0xec/0x240 [vfio]\n vfio_group_fops_unl_ioctl+0x548/0xb00 [vfio]\n sys_ioctl+0x754/0x1580\n system_call_exception+0x13c/0x330\n system_call_vectored_common+0x15c/0x2ec\n \u003csnip\u003e\n --- interrupt: 3000\n\nFix this by having null check for the tbl passed to the\nspapr_tce_unset_window().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21713",
"url": "https://www.suse.com/security/cve/CVE-2025-21713"
},
{
"category": "external",
"summary": "SUSE Bug 1237887 for CVE-2025-21713",
"url": "https://bugzilla.suse.com/1237887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21713"
},
{
"cve": "CVE-2025-21720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: delete intermediate secpath entry in packet offload mode\n\nPackets handled by hardware have added secpath as a way to inform XFRM\ncore code that this path was already handled. That secpath is not needed\nat all after policy is checked and it is removed later in the stack.\n\nHowever, in the case of IP forwarding is enabled (/proc/sys/net/ipv4/ip_forward),\nthat secpath is not removed and packets which already were handled are reentered\nto the driver TX path with xfrm_offload set.\n\nThe following kernel panic is observed in mlx5 in such case:\n\n mlx5_core 0000:04:00.0 enp4s0f0np0: Link up\n mlx5_core 0000:04:00.1 enp4s0f1np1: Link up\n Initializing XFRM netlink socket\n IPsec XFRM device driver\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor instruction fetch in kernel mode\n #PF: error_code(0x0010) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0010 [#1] PREEMPT SMP\n CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc1-alex #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n RIP: 0010:0x0\n Code: Unable to access opcode bytes at 0xffffffffffffffd6.\n RSP: 0018:ffffb87380003800 EFLAGS: 00010206\n RAX: ffff8df004e02600 RBX: ffffb873800038d8 RCX: 00000000ffff98cf\n RDX: ffff8df00733e108 RSI: ffff8df00521fb80 RDI: ffff8df001661f00\n RBP: ffffb87380003850 R08: ffff8df013980000 R09: 0000000000000010\n R10: 0000000000000002 R11: 0000000000000002 R12: ffff8df001661f00\n R13: ffff8df00521fb80 R14: ffff8df00733e108 R15: ffff8df011faf04e\n FS: 0000000000000000(0000) GS:ffff8df46b800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffffffffffd6 CR3: 0000000106384000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n ? show_regs+0x63/0x70\n ? __die_body+0x20/0x60\n ? __die+0x2b/0x40\n ? page_fault_oops+0x15c/0x550\n ? do_user_addr_fault+0x3ed/0x870\n ? exc_page_fault+0x7f/0x190\n ? asm_exc_page_fault+0x27/0x30\n mlx5e_ipsec_handle_tx_skb+0xe7/0x2f0 [mlx5_core]\n mlx5e_xmit+0x58e/0x1980 [mlx5_core]\n ? __fib_lookup+0x6a/0xb0\n dev_hard_start_xmit+0x82/0x1d0\n sch_direct_xmit+0xfe/0x390\n __dev_queue_xmit+0x6d8/0xee0\n ? __fib_lookup+0x6a/0xb0\n ? internal_add_timer+0x48/0x70\n ? mod_timer+0xe2/0x2b0\n neigh_resolve_output+0x115/0x1b0\n __neigh_update+0x26a/0xc50\n neigh_update+0x14/0x20\n arp_process+0x2cb/0x8e0\n ? __napi_build_skb+0x5e/0x70\n arp_rcv+0x11e/0x1c0\n ? dev_gro_receive+0x574/0x820\n __netif_receive_skb_list_core+0x1cf/0x1f0\n netif_receive_skb_list_internal+0x183/0x2a0\n napi_complete_done+0x76/0x1c0\n mlx5e_napi_poll+0x234/0x7a0 [mlx5_core]\n __napi_poll+0x2d/0x1f0\n net_rx_action+0x1a6/0x370\n ? atomic_notifier_call_chain+0x3b/0x50\n ? irq_int_handler+0x15/0x20 [mlx5_core]\n handle_softirqs+0xb9/0x2f0\n ? handle_irq_event+0x44/0x60\n irq_exit_rcu+0xdb/0x100\n common_interrupt+0x98/0xc0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_common_interrupt+0x27/0x40\n RIP: 0010:pv_native_safe_halt+0xb/0x10\n Code: 09 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 22\n 0f 1f 84 00 00 00 00 00 90 eb 07 0f 00 2d 7f e9 36 00 fb\n40 00 83 ff 07 77 21 89 ff ff 24 fd 88 3d a1 bd 0f 21 f8\n RSP: 0018:ffffffffbe603de8 EFLAGS: 00000202\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000f92f46680\n RDX: 0000000000000037 RSI: 00000000ffffffff RDI: 00000000000518d4\n RBP: ffffffffbe603df0 R08: 000000cd42e4dffb R09: ffffffffbe603d70\n R10: 0000004d80d62680 R11: 0000000000000001 R12: ffffffffbe60bf40\n R13: 0000000000000000 R14: 0000000000000000 R15: ffffffffbe60aff8\n ? default_idle+0x9/0x20\n arch_cpu_idle+0x9/0x10\n default_idle_call+0x29/0xf0\n do_idle+0x1f2/0x240\n cpu_startup_entry+0x2c/0x30\n rest_init+0xe7/0x100\n start_kernel+0x76b/0xb90\n x86_64_start_reservations+0x18/0x30\n x86_64_start_kernel+0xc0/0x110\n ? setup_ghcb+0xe/0x130\n common_startup_64+0x13e/0x141\n \u003c/TASK\u003e\n Modules linked in: esp4_offload esp4 xfrm_interface\nxfrm6_tunnel tunnel4 tunnel6 xfrm_user xfrm_algo binf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21720",
"url": "https://www.suse.com/security/cve/CVE-2025-21720"
},
{
"category": "external",
"summary": "SUSE Bug 1238859 for CVE-2025-21720",
"url": "https://bugzilla.suse.com/1238859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21720"
},
{
"cve": "CVE-2025-21770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix potential memory leak in iopf_queue_remove_device()\n\nThe iopf_queue_remove_device() helper removes a device from the per-iommu\niopf queue when PRI is disabled on the device. It responds to all\noutstanding iopf\u0027s with an IOMMU_PAGE_RESP_INVALID code and detaches the\ndevice from the queue.\n\nHowever, it fails to release the group structure that represents a group\nof iopf\u0027s awaiting for a response after responding to the hardware. This\ncan cause a memory leak if iopf_queue_remove_device() is called with\npending iopf\u0027s.\n\nFix it by calling iopf_free_group() after the iopf group is responded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21770",
"url": "https://www.suse.com/security/cve/CVE-2025-21770"
},
{
"category": "external",
"summary": "SUSE Bug 1238495 for CVE-2025-21770",
"url": "https://bugzilla.suse.com/1238495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21770"
},
{
"cve": "CVE-2025-21805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rtrs: Add missing deinit() call\n\nA warning is triggered when repeatedly connecting and disconnecting the\nrnbd:\n list_add corruption. prev-\u003enext should be next (ffff88800b13e480), but was ffff88801ecd1338. (prev=ffff88801ecd1340).\n WARNING: CPU: 1 PID: 36562 at lib/list_debug.c:32 __list_add_valid_or_report+0x7f/0xa0\n Workqueue: ib_cm cm_work_handler [ib_cm]\n RIP: 0010:__list_add_valid_or_report+0x7f/0xa0\n ? __list_add_valid_or_report+0x7f/0xa0\n ib_register_event_handler+0x65/0x93 [ib_core]\n rtrs_srv_ib_dev_init+0x29/0x30 [rtrs_server]\n rtrs_ib_dev_find_or_add+0x124/0x1d0 [rtrs_core]\n __alloc_path+0x46c/0x680 [rtrs_server]\n ? rtrs_rdma_connect+0xa6/0x2d0 [rtrs_server]\n ? rcu_is_watching+0xd/0x40\n ? __mutex_lock+0x312/0xcf0\n ? get_or_create_srv+0xad/0x310 [rtrs_server]\n ? rtrs_rdma_connect+0xa6/0x2d0 [rtrs_server]\n rtrs_rdma_connect+0x23c/0x2d0 [rtrs_server]\n ? __lock_release+0x1b1/0x2d0\n cma_cm_event_handler+0x4a/0x1a0 [rdma_cm]\n cma_ib_req_handler+0x3a0/0x7e0 [rdma_cm]\n cm_process_work+0x28/0x1a0 [ib_cm]\n ? _raw_spin_unlock_irq+0x2f/0x50\n cm_req_handler+0x618/0xa60 [ib_cm]\n cm_work_handler+0x71/0x520 [ib_cm]\n\nCommit 667db86bcbe8 (\"RDMA/rtrs: Register ib event handler\") introduced a\nnew element .deinit but never used it at all. Fix it by invoking the\n`deinit()` to appropriately unregister the IB event handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21805",
"url": "https://www.suse.com/security/cve/CVE-2025-21805"
},
{
"category": "external",
"summary": "SUSE Bug 1238741 for CVE-2025-21805",
"url": "https://bugzilla.suse.com/1238741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21805"
},
{
"cve": "CVE-2025-21824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpu: host1x: Fix a use of uninitialized mutex\n\ncommit c8347f915e67 (\"gpu: host1x: Fix boot regression for Tegra\")\ncaused a use of uninitialized mutex leading to below warning when\nCONFIG_DEBUG_MUTEXES and CONFIG_DEBUG_LOCK_ALLOC are enabled.\n\n[ 41.662843] ------------[ cut here ]------------\n[ 41.663012] DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n[ 41.663035] WARNING: CPU: 4 PID: 794 at kernel/locking/mutex.c:587 __mutex_lock+0x670/0x878\n[ 41.663458] Modules linked in: rtw88_8822c(+) bluetooth(+) rtw88_pci rtw88_core mac80211 aquantia libarc4 crc_itu_t cfg80211 tegra194_cpufreq dwmac_tegra(+) arm_dsu_pmu stmmac_platform stmmac pcs_xpcs rfkill at24 host1x(+) tegra_bpmp_thermal ramoops reed_solomon fuse loop nfnetlink xfs mmc_block rpmb_core ucsi_ccg ina3221 crct10dif_ce xhci_tegra ghash_ce lm90 sha2_ce sha256_arm64 sha1_ce sdhci_tegra pwm_fan sdhci_pltfm sdhci gpio_keys rtc_tegra cqhci mmc_core phy_tegra_xusb i2c_tegra tegra186_gpc_dma i2c_tegra_bpmp spi_tegra114 dm_mirror dm_region_hash dm_log dm_mod\n[ 41.665078] CPU: 4 UID: 0 PID: 794 Comm: (udev-worker) Not tainted 6.11.0-29.31_1538613708.el10.aarch64+debug #1\n[ 41.665838] Hardware name: NVIDIA NVIDIA Jetson AGX Orin Developer Kit/Jetson, BIOS 36.3.0-gcid-35594366 02/26/2024\n[ 41.672555] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 41.679636] pc : __mutex_lock+0x670/0x878\n[ 41.683834] lr : __mutex_lock+0x670/0x878\n[ 41.688035] sp : ffff800084b77090\n[ 41.691446] x29: ffff800084b77160 x28: ffffdd4bebf7b000 x27: ffffdd4be96b1000\n[ 41.698799] x26: 1fffe0002308361c x25: 1ffff0001096ee18 x24: 0000000000000000\n[ 41.706149] x23: 0000000000000000 x22: 0000000000000002 x21: ffffdd4be6e3c7a0\n[ 41.713500] x20: ffff800084b770f0 x19: ffff00011841b1e8 x18: 0000000000000000\n[ 41.720675] x17: 0000000000000000 x16: 0000000000000000 x15: 0720072007200720\n[ 41.728023] x14: 0000000000000000 x13: 0000000000000001 x12: ffff6001a96eaab3\n[ 41.735375] x11: 1fffe001a96eaab2 x10: ffff6001a96eaab2 x9 : ffffdd4be4838bbc\n[ 41.742723] x8 : 00009ffe5691554e x7 : ffff000d4b755593 x6 : 0000000000000001\n[ 41.749985] x5 : ffff000d4b755590 x4 : 1fffe0001d88f001 x3 : dfff800000000000\n[ 41.756988] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000ec478000\n[ 41.764251] Call trace:\n[ 41.766695] __mutex_lock+0x670/0x878\n[ 41.770373] mutex_lock_nested+0x2c/0x40\n[ 41.774134] host1x_intr_start+0x54/0xf8 [host1x]\n[ 41.778863] host1x_runtime_resume+0x150/0x228 [host1x]\n[ 41.783935] pm_generic_runtime_resume+0x84/0xc8\n[ 41.788485] __rpm_callback+0xa0/0x478\n[ 41.792422] rpm_callback+0x15c/0x1a8\n[ 41.795922] rpm_resume+0x698/0xc08\n[ 41.799597] __pm_runtime_resume+0xa8/0x140\n[ 41.803621] host1x_probe+0x810/0xbc0 [host1x]\n[ 41.807909] platform_probe+0xcc/0x1a8\n[ 41.811845] really_probe+0x188/0x800\n[ 41.815347] __driver_probe_device+0x164/0x360\n[ 41.819810] driver_probe_device+0x64/0x1a8\n[ 41.823834] __driver_attach+0x180/0x490\n[ 41.827773] bus_for_each_dev+0x104/0x1a0\n[ 41.831797] driver_attach+0x44/0x68\n[ 41.835296] bus_add_driver+0x23c/0x4e8\n[ 41.839235] driver_register+0x15c/0x3a8\n[ 41.843170] __platform_register_drivers+0xa4/0x208\n[ 41.848159] tegra_host1x_init+0x4c/0xff8 [host1x]\n[ 41.853147] do_one_initcall+0xd4/0x380\n[ 41.856997] do_init_module+0x1dc/0x698\n[ 41.860758] load_module+0xc70/0x1300\n[ 41.864435] __do_sys_init_module+0x1a8/0x1d0\n[ 41.868721] __arm64_sys_init_module+0x74/0xb0\n[ 41.873183] invoke_syscall.constprop.0+0xdc/0x1e8\n[ 41.877997] do_el0_svc+0x154/0x1d0\n[ 41.881671] el0_svc+0x54/0x140\n[ 41.884820] el0t_64_sync_handler+0x120/0x130\n[ 41.889285] el0t_64_sync+0x1a4/0x1a8\n[ 41.892960] irq event stamp: 69737\n[ 41.896370] hardirqs last enabled at (69737): [\u003cffffdd4be6d7768c\u003e] _raw_spin_unlock_irqrestore+0x44/0xe8\n[ 41.905739] hardirqs last disabled at (69736):\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21824",
"url": "https://www.suse.com/security/cve/CVE-2025-21824"
},
{
"category": "external",
"summary": "SUSE Bug 1238478 for CVE-2025-21824",
"url": "https://bugzilla.suse.com/1238478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21824"
},
{
"cve": "CVE-2025-21842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namdkfd: properly free gang_ctx_bo when failed to init user queue\n\nThe destructor of a gtt bo is declared as\nvoid amdgpu_amdkfd_free_gtt_mem(struct amdgpu_device *adev, void **mem_obj);\nWhich takes void** as the second parameter.\n\nGCC allows passing void* to the function because void* can be implicitly\ncasted to any other types, so it can pass compiling.\n\nHowever, passing this void* parameter into the function\u0027s\nexecution process(which expects void** and dereferencing void**)\nwill result in errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21842",
"url": "https://www.suse.com/security/cve/CVE-2025-21842"
},
{
"category": "external",
"summary": "SUSE Bug 1239063 for CVE-2025-21842",
"url": "https://bugzilla.suse.com/1239063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21842"
},
{
"cve": "CVE-2025-21849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Use spin_lock_irqsave() in interruptible context\n\nspin_lock/unlock() functions used in interrupt contexts could\nresult in a deadlock, as seen in GitLab issue #13399,\nwhich occurs when interrupt comes in while holding a lock.\n\nTry to remedy the problem by saving irq state before spin lock\nacquisition.\n\nv2: add irqs\u0027 state save/restore calls to all locks/unlocks in\n signal_irq_work() execution (Maciej)\n\nv3: use with spin_lock_irqsave() in guc_lrc_desc_unpin() instead\n of other lock/unlock calls and add Fixes and Cc tags (Tvrtko);\n change title and commit message\n\n(cherry picked from commit c088387ddd6482b40f21ccf23db1125e8fa4af7e)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21849",
"url": "https://www.suse.com/security/cve/CVE-2025-21849"
},
{
"category": "external",
"summary": "SUSE Bug 1239485 for CVE-2025-21849",
"url": "https://bugzilla.suse.com/1239485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21849"
},
{
"cve": "CVE-2025-21868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: allow small head cache usage with large MAX_SKB_FRAGS values\n\nSabrina reported the following splat:\n\n WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935 netif_napi_add_weight_locked+0x8f2/0xba0\n Modules linked in:\n CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.14.0-rc1-net-00092-g011b03359038 #996\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:netif_napi_add_weight_locked+0x8f2/0xba0\n Code: e8 c3 e6 6a fe 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc c7 44 24 10 ff ff ff ff e9 8f fb ff ff e8 9e e6 6a fe \u003c0f\u003e 0b e9 d3 fe ff ff e8 92 e6 6a fe 48 8b 04 24 be ff ff ff ff 48\n RSP: 0000:ffffc9000001fc60 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff88806ce48128 RCX: 1ffff11001664b9e\n RDX: ffff888008f00040 RSI: ffffffff8317ca42 RDI: ffff88800b325cb6\n RBP: ffff88800b325c40 R08: 0000000000000001 R09: ffffed100167502c\n R10: ffff88800b3a8163 R11: 0000000000000000 R12: ffff88800ac1c168\n R13: ffff88800ac1c168 R14: ffff88800ac1c168 R15: 0000000000000007\n FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffff888008201000 CR3: 0000000004c94001 CR4: 0000000000370ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n gro_cells_init+0x1ba/0x270\n xfrm_input_init+0x4b/0x2a0\n xfrm_init+0x38/0x50\n ip_rt_init+0x2d7/0x350\n ip_init+0xf/0x20\n inet_init+0x406/0x590\n do_one_initcall+0x9d/0x2e0\n do_initcalls+0x23b/0x280\n kernel_init_freeable+0x445/0x490\n kernel_init+0x20/0x1d0\n ret_from_fork+0x46/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n irq event stamp: 584330\n hardirqs last enabled at (584338): [\u003cffffffff8168bf87\u003e] __up_console_sem+0x77/0xb0\n hardirqs last disabled at (584345): [\u003cffffffff8168bf6c\u003e] __up_console_sem+0x5c/0xb0\n softirqs last enabled at (583242): [\u003cffffffff833ee96d\u003e] netlink_insert+0x14d/0x470\n softirqs last disabled at (583754): [\u003cffffffff8317c8cd\u003e] netif_napi_add_weight_locked+0x77d/0xba0\n\non kernel built with MAX_SKB_FRAGS=45, where SKB_WITH_OVERHEAD(1024)\nis smaller than GRO_MAX_HEAD.\n\nSuch built additionally contains the revert of the single page frag cache\nso that napi_get_frags() ends up using the page frag allocator, triggering\nthe splat.\n\nNote that the underlying issue is independent from the mentioned\nrevert; address it ensuring that the small head cache will fit either TCP\nand GRO allocation and updating napi_alloc_skb() and __netdev_alloc_skb()\nto select kmalloc() usage for any allocation fitting such cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21868",
"url": "https://www.suse.com/security/cve/CVE-2025-21868"
},
{
"category": "external",
"summary": "SUSE Bug 1240180 for CVE-2025-21868",
"url": "https://bugzilla.suse.com/1240180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21868"
},
{
"cve": "CVE-2025-21880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/userptr: fix EFAULT handling\n\nCurrently we treat EFAULT from hmm_range_fault() as a non-fatal error\nwhen called from xe_vm_userptr_pin() with the idea that we want to avoid\nkilling the entire vm and chucking an error, under the assumption that\nthe user just did an unmap or something, and has no intention of\nactually touching that memory from the GPU. At this point we have\nalready zapped the PTEs so any access should generate a page fault, and\nif the pin fails there also it will then become fatal.\n\nHowever it looks like it\u0027s possible for the userptr vma to still be on\nthe rebind list in preempt_rebind_work_func(), if we had to retry the\npin again due to something happening in the caller before we did the\nrebind step, but in the meantime needing to re-validate the userptr and\nthis time hitting the EFAULT.\n\nThis explains an internal user report of hitting:\n\n[ 191.738349] WARNING: CPU: 1 PID: 157 at drivers/gpu/drm/xe/xe_res_cursor.h:158 xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738551] Workqueue: xe-ordered-wq preempt_rebind_work_func [xe]\n[ 191.738616] RIP: 0010:xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738690] Call Trace:\n[ 191.738692] \u003cTASK\u003e\n[ 191.738694] ? show_regs+0x69/0x80\n[ 191.738698] ? __warn+0x93/0x1a0\n[ 191.738703] ? xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738759] ? report_bug+0x18f/0x1a0\n[ 191.738764] ? handle_bug+0x63/0xa0\n[ 191.738767] ? exc_invalid_op+0x19/0x70\n[ 191.738770] ? asm_exc_invalid_op+0x1b/0x20\n[ 191.738777] ? xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738834] ? ret_from_fork_asm+0x1a/0x30\n[ 191.738849] bind_op_prepare+0x105/0x7b0 [xe]\n[ 191.738906] ? dma_resv_reserve_fences+0x301/0x380\n[ 191.738912] xe_pt_update_ops_prepare+0x28c/0x4b0 [xe]\n[ 191.738966] ? kmemleak_alloc+0x4b/0x80\n[ 191.738973] ops_execute+0x188/0x9d0 [xe]\n[ 191.739036] xe_vm_rebind+0x4ce/0x5a0 [xe]\n[ 191.739098] ? trace_hardirqs_on+0x4d/0x60\n[ 191.739112] preempt_rebind_work_func+0x76f/0xd00 [xe]\n\nFollowed by NPD, when running some workload, since the sg was never\nactually populated but the vma is still marked for rebind when it should\nbe skipped for this special EFAULT case. This is confirmed to fix the\nuser report.\n\nv2 (MattB):\n - Move earlier.\nv3 (MattB):\n - Update the commit message to make it clear that this indeed fixes the\n issue.\n\n(cherry picked from commit 6b93cb98910c826c2e2004942f8b060311e43618)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21880",
"url": "https://www.suse.com/security/cve/CVE-2025-21880"
},
{
"category": "external",
"summary": "SUSE Bug 1240170 for CVE-2025-21880",
"url": "https://bugzilla.suse.com/1240170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21880"
},
{
"cve": "CVE-2025-21898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Avoid potential division by zero in function_stat_show()\n\nCheck whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64}\nproduce zero and skip stddev computation in that case.\n\nFor now don\u0027t care about rec-\u003ecounter * rec-\u003ecounter overflow because\nrec-\u003etime * rec-\u003etime overflow will likely happen earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21898",
"url": "https://www.suse.com/security/cve/CVE-2025-21898"
},
{
"category": "external",
"summary": "SUSE Bug 1240610 for CVE-2025-21898",
"url": "https://bugzilla.suse.com/1240610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21898"
},
{
"cve": "CVE-2025-21899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix bad hist from corrupting named_triggers list\n\nThe following commands causes a crash:\n\n ~# cd /sys/kernel/tracing/events/rcu/rcu_callback\n ~# echo \u0027hist:name=bad:keys=common_pid:onmax(bogus).save(common_pid)\u0027 \u003e trigger\n bash: echo: write error: Invalid argument\n ~# echo \u0027hist:name=bad:keys=common_pid\u0027 \u003e trigger\n\nBecause the following occurs:\n\nevent_trigger_write() {\n trigger_process_regex() {\n event_hist_trigger_parse() {\n\n data = event_trigger_alloc(..);\n\n event_trigger_register(.., data) {\n cmd_ops-\u003ereg(.., data, ..) [hist_register_trigger()] {\n data-\u003eops-\u003einit() [event_hist_trigger_init()] {\n save_named_trigger(name, data) {\n list_add(\u0026data-\u003enamed_list, \u0026named_triggers);\n }\n }\n }\n }\n\n ret = create_actions(); (return -EINVAL)\n if (ret)\n goto out_unreg;\n[..]\n ret = hist_trigger_enable(data, ...) {\n list_add_tail_rcu(\u0026data-\u003elist, \u0026file-\u003etriggers); \u003c\u003c\u003c---- SKIPPED!!! (this is important!)\n[..]\n out_unreg:\n event_hist_unregister(.., data) {\n cmd_ops-\u003eunreg(.., data, ..) [hist_unregister_trigger()] {\n list_for_each_entry(iter, \u0026file-\u003etriggers, list) {\n if (!hist_trigger_match(data, iter, named_data, false)) \u003c- never matches\n continue;\n [..]\n test = iter;\n }\n if (test \u0026\u0026 test-\u003eops-\u003efree) \u003c\u003c\u003c-- test is NULL\n\n test-\u003eops-\u003efree(test) [event_hist_trigger_free()] {\n [..]\n if (data-\u003ename)\n del_named_trigger(data) {\n list_del(\u0026data-\u003enamed_list); \u003c\u003c\u003c\u003c-- NEVER gets removed!\n }\n }\n }\n }\n\n [..]\n kfree(data); \u003c\u003c\u003c-- frees item but it is still on list\n\nThe next time a hist with name is registered, it causes an u-a-f bug and\nthe kernel can crash.\n\nMove the code around such that if event_trigger_register() succeeds, the\nnext thing called is hist_trigger_enable() which adds it to the list.\n\nA bunch of actions is called if get_named_trigger_data() returns false.\nBut that doesn\u0027t need to be called after event_trigger_register(), so it\ncan be moved up, allowing event_trigger_register() to be called just\nbefore hist_trigger_enable() keeping them together and allowing the\nfile-\u003etriggers to be properly populated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21899",
"url": "https://www.suse.com/security/cve/CVE-2025-21899"
},
{
"category": "external",
"summary": "SUSE Bug 1240577 for CVE-2025-21899",
"url": "https://bugzilla.suse.com/1240577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21899"
},
{
"cve": "CVE-2025-21901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Add sanity checks on rdev validity\n\nThere is a possibility that ulp_irq_stop and ulp_irq_start\ncallbacks will be called when the device is in detached state.\nThis can cause a crash due to NULL pointer dereference as\nthe rdev is already freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21901",
"url": "https://www.suse.com/security/cve/CVE-2025-21901"
},
{
"category": "external",
"summary": "SUSE Bug 1240579 for CVE-2025-21901",
"url": "https://bugzilla.suse.com/1240579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21901"
},
{
"cve": "CVE-2025-21911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: avoid deadlock on fence release\n\nDo scheduler queue fence release processing on a workqueue, rather\nthan in the release function itself.\n\nFixes deadlock issues such as the following:\n\n[ 607.400437] ============================================\n[ 607.405755] WARNING: possible recursive locking detected\n[ 607.415500] --------------------------------------------\n[ 607.420817] weston:zfq0/24149 is trying to acquire lock:\n[ 607.426131] ffff000017d041a0 (reservation_ww_class_mutex){+.+.}-{3:3}, at: pvr_gem_object_vunmap+0x40/0xc0 [powervr]\n[ 607.436728]\n but task is already holding lock:\n[ 607.442554] ffff000017d105a0 (reservation_ww_class_mutex){+.+.}-{3:3}, at: dma_buf_ioctl+0x250/0x554\n[ 607.451727]\n other info that might help us debug this:\n[ 607.458245] Possible unsafe locking scenario:\n\n[ 607.464155] CPU0\n[ 607.466601] ----\n[ 607.469044] lock(reservation_ww_class_mutex);\n[ 607.473584] lock(reservation_ww_class_mutex);\n[ 607.478114]\n *** DEADLOCK ***",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21911",
"url": "https://www.suse.com/security/cve/CVE-2025-21911"
},
{
"category": "external",
"summary": "SUSE Bug 1240589 for CVE-2025-21911",
"url": "https://bugzilla.suse.com/1240589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21911"
},
{
"cve": "CVE-2025-21920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvlan: enforce underlying device type\n\nCurrently, VLAN devices can be created on top of non-ethernet devices.\n\nBesides the fact that it doesn\u0027t make much sense, this also causes a\nbug which leaks the address of a kernel function to usermode.\n\nWhen creating a VLAN device, we initialize GARP (garp_init_applicant)\nand MRP (mrp_init_applicant) for the underlying device.\n\nAs part of the initialization process, we add the multicast address of\neach applicant to the underlying device, by calling dev_mc_add.\n\n__dev_mc_add uses dev-\u003eaddr_len to determine the length of the new\nmulticast address.\n\nThis causes an out-of-bounds read if dev-\u003eaddr_len is greater than 6,\nsince the multicast addresses provided by GARP and MRP are only 6\nbytes long.\n\nThis behaviour can be reproduced using the following commands:\n\nip tunnel add gretest mode ip6gre local ::1 remote ::2 dev lo\nip l set up dev gretest\nip link add link gretest name vlantest type vlan id 100\n\nThen, the following command will display the address of garp_pdu_rcv:\n\nip maddr show | grep 01:80:c2:00:00:21\n\nFix the bug by enforcing the type of the underlying device during VLAN\ndevice initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21920",
"url": "https://www.suse.com/security/cve/CVE-2025-21920"
},
{
"category": "external",
"summary": "SUSE Bug 1240686 for CVE-2025-21920",
"url": "https://bugzilla.suse.com/1240686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21920"
},
{
"cve": "CVE-2025-21938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr\n\nIf multiple connection requests attempt to create an implicit mptcp\nendpoint in parallel, more than one caller may end up in\nmptcp_pm_nl_append_new_local_addr because none found the address in\nlocal_addr_list during their call to mptcp_pm_nl_get_local_id. In this\ncase, the concurrent new_local_addr calls may delete the address entry\ncreated by the previous caller. These deletes use synchronize_rcu, but\nthis is not permitted in some of the contexts where this function may be\ncalled. During packet recv, the caller may be in a rcu read critical\nsection and have preemption disabled.\n\nAn example stack:\n\n BUG: scheduling while atomic: swapper/2/0/0x00000302\n\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\n dump_stack (lib/dump_stack.c:124)\n __schedule_bug (kernel/sched/core.c:5943)\n schedule_debug.constprop.0 (arch/x86/include/asm/preempt.h:33 kernel/sched/core.c:5970)\n __schedule (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 kernel/sched/features.h:29 kernel/sched/core.c:6621)\n schedule (arch/x86/include/asm/preempt.h:84 kernel/sched/core.c:6804 kernel/sched/core.c:6818)\n schedule_timeout (kernel/time/timer.c:2160)\n wait_for_completion (kernel/sched/completion.c:96 kernel/sched/completion.c:116 kernel/sched/completion.c:127 kernel/sched/completion.c:148)\n __wait_rcu_gp (include/linux/rcupdate.h:311 kernel/rcu/update.c:444)\n synchronize_rcu (kernel/rcu/tree.c:3609)\n mptcp_pm_nl_append_new_local_addr (net/mptcp/pm_netlink.c:966 net/mptcp/pm_netlink.c:1061)\n mptcp_pm_nl_get_local_id (net/mptcp/pm_netlink.c:1164)\n mptcp_pm_get_local_id (net/mptcp/pm.c:420)\n subflow_check_req (net/mptcp/subflow.c:98 net/mptcp/subflow.c:213)\n subflow_v4_route_req (net/mptcp/subflow.c:305)\n tcp_conn_request (net/ipv4/tcp_input.c:7216)\n subflow_v4_conn_request (net/mptcp/subflow.c:651)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6709)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1934)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2334)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205 (discriminator 1))\n ip_local_deliver_finish (include/linux/rcupdate.h:813 net/ipv4/ip_input.c:234)\n ip_local_deliver (include/linux/netfilter.h:314 include/linux/netfilter.h:308 net/ipv4/ip_input.c:254)\n ip_sublist_rcv_finish (include/net/dst.h:461 net/ipv4/ip_input.c:580)\n ip_sublist_rcv (net/ipv4/ip_input.c:640)\n ip_list_rcv (net/ipv4/ip_input.c:675)\n __netif_receive_skb_list_core (net/core/dev.c:5583 net/core/dev.c:5631)\n netif_receive_skb_list_internal (net/core/dev.c:5685 net/core/dev.c:5774)\n napi_complete_done (include/linux/list.h:37 include/net/gro.h:449 include/net/gro.h:444 net/core/dev.c:6114)\n igb_poll (drivers/net/ethernet/intel/igb/igb_main.c:8244) igb\n __napi_poll (net/core/dev.c:6582)\n net_rx_action (net/core/dev.c:6653 net/core/dev.c:6787)\n handle_softirqs (kernel/softirq.c:553)\n __irq_exit_rcu (kernel/softirq.c:588 kernel/softirq.c:427 kernel/softirq.c:636)\n irq_exit_rcu (kernel/softirq.c:651)\n common_interrupt (arch/x86/kernel/irq.c:247 (discriminator 14))\n \u003c/IRQ\u003e\n\nThis problem seems particularly prevalent if the user advertises an\nendpoint that has a different external vs internal address. In the case\nwhere the external address is advertised and multiple connections\nalready exist, multiple subflow SYNs arrive in parallel which tends to\ntrigger the race during creation of the first local_addr_list entries\nwhich have the internal address instead.\n\nFix by skipping the replacement of an existing implicit local address if\ncalled via mptcp_pm_nl_get_local_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21938",
"url": "https://www.suse.com/security/cve/CVE-2025-21938"
},
{
"category": "external",
"summary": "SUSE Bug 1240723 for CVE-2025-21938",
"url": "https://bugzilla.suse.com/1240723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21938"
},
{
"cve": "CVE-2025-21939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21939"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/hmm: Don\u0027t dereference struct page pointers without notifier lock\n\nThe pnfs that we obtain from hmm_range_fault() point to pages that\nwe don\u0027t have a reference on, and the guarantee that they are still\nin the cpu page-tables is that the notifier lock must be held and the\nnotifier seqno is still valid.\n\nSo while building the sg table and marking the pages accesses / dirty\nwe need to hold this lock with a validated seqno.\n\nHowever, the lock is reclaim tainted which makes\nsg_alloc_table_from_pages_segment() unusable, since it internally\nallocates memory.\n\nInstead build the sg-table manually. For the non-iommu case\nthis might lead to fewer coalesces, but if that\u0027s a problem it can\nbe fixed up later in the resource cursor code. For the iommu case,\nthe whole sg-table may still be coalesced to a single contigous\ndevice va region.\n\nThis avoids marking pages that we don\u0027t own dirty and accessed, and\nit also avoid dereferencing struct pages that we don\u0027t own.\n\nv2:\n- Use assert to check whether hmm pfns are valid (Matthew Auld)\n- Take into account that large pages may cross range boundaries\n (Matthew Auld)\n\nv3:\n- Don\u0027t unnecessarily check for a non-freed sg-table. (Matthew Auld)\n- Add a missing up_read() in an error path. (Matthew Auld)\n\n(cherry picked from commit ea3e66d280ce2576664a862693d1da8fd324c317)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21939",
"url": "https://www.suse.com/security/cve/CVE-2025-21939"
},
{
"category": "external",
"summary": "SUSE Bug 1240710 for CVE-2025-21939",
"url": "https://bugzilla.suse.com/1240710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21939"
},
{
"cve": "CVE-2025-21940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix NULL Pointer Dereference in KFD queue\n\nThrough KFD IOCTL Fuzzing we encountered a NULL pointer derefrence\nwhen calling kfd_queue_acquire_buffers.\n\n(cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21940",
"url": "https://www.suse.com/security/cve/CVE-2025-21940"
},
{
"category": "external",
"summary": "SUSE Bug 1240702 for CVE-2025-21940",
"url": "https://bugzilla.suse.com/1240702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21940"
},
{
"cve": "CVE-2025-21959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()\n\nSince commit b36e4523d4d5 (\"netfilter: nf_conncount: fix garbage\ncollection confirm race\"), `cpu` and `jiffies32` were introduced to\nthe struct nf_conncount_tuple.\n\nThe commit made nf_conncount_add() initialize `conn-\u003ecpu` and\n`conn-\u003ejiffies32` when allocating the struct.\nIn contrast, count_tree() was not changed to initialize them.\n\nBy commit 34848d5c896e (\"netfilter: nf_conncount: Split insert and\ntraversal\"), count_tree() was split and the relevant allocation\ncode now resides in insert_tree().\nInitialize `conn-\u003ecpu` and `conn-\u003ejiffies32` in insert_tree().\n\nBUG: KMSAN: uninit-value in find_or_evict net/netfilter/nf_conncount.c:117 [inline]\nBUG: KMSAN: uninit-value in __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n find_or_evict net/netfilter/nf_conncount.c:117 [inline]\n __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n count_tree net/netfilter/nf_conncount.c:438 [inline]\n nf_conncount_count+0x82f/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ipv4/ip_input.c:669\n __netif_receive_skb_list_ptype net/core/dev.c:5936 [inline]\n __netif_receive_skb_list_core+0x15c5/0x1670 net/core/dev.c:5983\n __netif_receive_skb_list net/core/dev.c:6035 [inline]\n netif_receive_skb_list_internal+0x1085/0x1700 net/core/dev.c:6126\n netif_receive_skb_list+0x5a/0x460 net/core/dev.c:6178\n xdp_recv_frames net/bpf/test_run.c:280 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2e86/0x3480 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0xf1d/0x1ae0 net/bpf/test_run.c:1316\n bpf_prog_test_run+0x5e5/0xa30 kernel/bpf/syscall.c:4407\n __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5813\n __do_sys_bpf kernel/bpf/syscall.c:5902 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5900 [inline]\n __ia32_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5900\n ia32_sys_call+0x394d/0x4180 arch/x86/include/generated/asm/syscalls_32.h:358\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/common.c:387\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/common.c:412\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:450\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4121 [inline]\n slab_alloc_node mm/slub.c:4164 [inline]\n kmem_cache_alloc_noprof+0x915/0xe10 mm/slub.c:4171\n insert_tree net/netfilter/nf_conncount.c:372 [inline]\n count_tree net/netfilter/nf_conncount.c:450 [inline]\n nf_conncount_count+0x1415/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ip\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21959",
"url": "https://www.suse.com/security/cve/CVE-2025-21959"
},
{
"category": "external",
"summary": "SUSE Bug 1240814 for CVE-2025-21959",
"url": "https://bugzilla.suse.com/1240814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21959"
},
{
"cve": "CVE-2025-21987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: init return value in amdgpu_ttm_clear_buffer\n\nOtherwise an uninitialized value can be returned if\namdgpu_res_cleared returns true for all regions.\n\nPossibly closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3812\n\n(cherry picked from commit 7c62aacc3b452f73a1284198c81551035fac6d71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21987",
"url": "https://www.suse.com/security/cve/CVE-2025-21987"
},
{
"category": "external",
"summary": "SUSE Bug 1240798 for CVE-2025-21987",
"url": "https://bugzilla.suse.com/1240798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21987"
},
{
"cve": "CVE-2025-21997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix an integer overflow in xp_create_and_assign_umem()\n\nSince the i and pool-\u003echunk_size variables are of type \u0027u32\u0027,\ntheir product can wrap around and then be cast to \u0027u64\u0027.\nThis can lead to two different XDP buffers pointing to the same\nmemory area.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21997",
"url": "https://www.suse.com/security/cve/CVE-2025-21997"
},
{
"category": "external",
"summary": "SUSE Bug 1240823 for CVE-2025-21997",
"url": "https://bugzilla.suse.com/1240823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-21997"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Don\u0027t skip on Stopped - Length Invalid\n\nUp until commit d56b0b2ab142 (\"usb: xhci: ensure skipped isoc TDs are\nreturned when isoc ring is stopped\") in v6.11, the driver didn\u0027t skip\nmissed isochronous TDs when handling Stoppend and Stopped - Length\nInvalid events. Instead, it erroneously cleared the skip flag, which\nwould cause the ring to get stuck, as future events won\u0027t match the\nmissed TD which is never removed from the queue until it\u0027s cancelled.\n\nThis buggy logic seems to have been in place substantially unchanged\nsince the 3.x series over 10 years ago, which probably speaks first\nand foremost about relative rarity of this case in normal usage, but\nby the spec I see no reason why it shouldn\u0027t be possible.\n\nAfter d56b0b2ab142, TDs are immediately skipped when handling those\nStopped events. This poses a potential problem in case of Stopped -\nLength Invalid, which occurs either on completed TDs (likely already\ngiven back) or Link and No-Op TRBs. Such event won\u0027t be recognized\nas matching any TD (unless it\u0027s the rare Link TRB inside a TD) and\nwill result in skipping all pending TDs, giving them back possibly\nbefore they are done, risking isoc data loss and maybe UAF by HW.\n\nAs a compromise, don\u0027t skip and don\u0027t clear the skip flag on this\nkind of event. Then the next event will skip missed TDs. A downside\nof not handling Stopped - Length Invalid on a Link inside a TD is\nthat if the TD is cancelled, its actual length will not be updated\nto account for TRBs (silently) completed before the TD was stopped.\n\nI had no luck producing this sequence of completion events so there\nis no compelling demonstration of any resulting disaster. It may be\na very rare, obscure condition. The sole motivation for this patch\nis that if such unlikely event does occur, I\u0027d rather risk reporting\na cancelled partially done isoc frame as empty than gamble with UAF.\n\nThis will be fixed more properly by looking at Stopped event\u0027s TRB\npointer when making skipping decisions, but such rework is unlikely\nto be backported to v6.12, which will stay around for a few years.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22023",
"url": "https://www.suse.com/security/cve/CVE-2025-22023"
},
{
"category": "external",
"summary": "SUSE Bug 1241298 for CVE-2025-22023",
"url": "https://bugzilla.suse.com/1241298"
},
{
"category": "external",
"summary": "SUSE Bug 1246754 for CVE-2025-22023",
"url": "https://bugzilla.suse.com/1246754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-22023"
},
{
"cve": "CVE-2025-22035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix use-after-free in print_graph_function_flags during tracer switching\n\nKairui reported a UAF issue in print_graph_function_flags() during\nftrace stress testing [1]. This issue can be reproduced if puting a\n\u0027mdelay(10)\u0027 after \u0027mutex_unlock(\u0026trace_types_lock)\u0027 in s_start(),\nand executing the following script:\n\n $ echo function_graph \u003e current_tracer\n $ cat trace \u003e /dev/null \u0026\n $ sleep 5 # Ensure the \u0027cat\u0027 reaches the \u0027mdelay(10)\u0027 point\n $ echo timerlat \u003e current_tracer\n\nThe root cause lies in the two calls to print_graph_function_flags\nwithin print_trace_line during each s_show():\n\n * One through \u0027iter-\u003etrace-\u003eprint_line()\u0027;\n * Another through \u0027event-\u003efuncs-\u003etrace()\u0027, which is hidden in\n print_trace_fmt() before print_trace_line returns.\n\nTracer switching only updates the former, while the latter continues\nto use the print_line function of the old tracer, which in the script\nabove is print_graph_function_flags.\n\nMoreover, when switching from the \u0027function_graph\u0027 tracer to the\n\u0027timerlat\u0027 tracer, s_start only calls graph_trace_close of the\n\u0027function_graph\u0027 tracer to free \u0027iter-\u003eprivate\u0027, but does not set\nit to NULL. This provides an opportunity for \u0027event-\u003efuncs-\u003etrace()\u0027\nto use an invalid \u0027iter-\u003eprivate\u0027.\n\nTo fix this issue, set \u0027iter-\u003eprivate\u0027 to NULL immediately after\nfreeing it in graph_trace_close(), ensuring that an invalid pointer\nis not passed to other tracers. Additionally, clean up the unnecessary\n\u0027iter-\u003eprivate = NULL\u0027 during each \u0027cat trace\u0027 when using wakeup and\nirqsoff tracers.\n\n [1] https://lore.kernel.org/all/20231112150030.84609-1-ryncsn@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22035",
"url": "https://www.suse.com/security/cve/CVE-2025-22035"
},
{
"category": "external",
"summary": "SUSE Bug 1241544 for CVE-2025-22035",
"url": "https://bugzilla.suse.com/1241544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-22035"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint\n\nIf vhost_scsi_set_endpoint is called multiple times without a\nvhost_scsi_clear_endpoint between them, we can hit multiple bugs\nfound by Haoran Zhang:\n\n1. Use-after-free when no tpgs are found:\n\nThis fixes a use after free that occurs when vhost_scsi_set_endpoint is\ncalled more than once and calls after the first call do not find any\ntpgs to add to the vs_tpg. When vhost_scsi_set_endpoint first finds\ntpgs to add to the vs_tpg array match=true, so we will do:\n\nvhost_vq_set_backend(vq, vs_tpg);\n...\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf vhost_scsi_set_endpoint is called again and no tpgs are found\nmatch=false so we skip the vhost_vq_set_backend call leaving the\npointer to the vs_tpg we then free via:\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf a scsi request is then sent we do:\n\nvhost_scsi_handle_vq -\u003e vhost_scsi_get_req -\u003e vhost_vq_get_backend\n\nwhich sees the vs_tpg we just did a kfree on.\n\n2. Tpg dir removal hang:\n\nThis patch fixes an issue where we cannot remove a LIO/target layer\ntpg (and structs above it like the target) dir due to the refcount\ndropping to -1.\n\nThe problem is that if vhost_scsi_set_endpoint detects a tpg is already\nin the vs-\u003evs_tpg array or if the tpg has been removed so\ntarget_depend_item fails, the undepend goto handler will do\ntarget_undepend_item on all tpgs in the vs_tpg array dropping their\nrefcount to 0. At this time vs_tpg contains both the tpgs we have added\nin the current vhost_scsi_set_endpoint call as well as tpgs we added in\nprevious calls which are also in vs-\u003evs_tpg.\n\nLater, when vhost_scsi_clear_endpoint runs it will do\ntarget_undepend_item on all the tpgs in the vs-\u003evs_tpg which will drop\ntheir refcount to -1. Userspace will then not be able to remove the tpg\nand will hang when it tries to do rmdir on the tpg dir.\n\n3. Tpg leak:\n\nThis fixes a bug where we can leak tpgs and cause them to be\nun-removable because the target name is overwritten when\nvhost_scsi_set_endpoint is called multiple times but with different\ntarget names.\n\nThe bug occurs if a user has called VHOST_SCSI_SET_ENDPOINT and setup\na vhost-scsi device to target/tpg mapping, then calls\nVHOST_SCSI_SET_ENDPOINT again with a new target name that has tpgs we\nhaven\u0027t seen before (target1 has tpg1 but target2 has tpg2). When this\nhappens we don\u0027t teardown the old target tpg mapping and just overwrite\nthe target name and the vs-\u003evs_tpg array. Later when we do\nvhost_scsi_clear_endpoint, we are passed in either target1 or target2\u0027s\nname and we will only match that target\u0027s tpgs when we loop over the\nvs-\u003evs_tpg. We will then return from the function without doing\ntarget_undepend_item on the tpgs.\n\nBecause of all these bugs, it looks like being able to call\nvhost_scsi_set_endpoint multiple times was never supported. The major\nuser, QEMU, already has checks to prevent this use case. So to fix the\nissues, this patch prevents vhost_scsi_set_endpoint from being called\nif it\u0027s already successfully added tpgs. To add, remove or change the\ntpg config or target name, you must do a vhost_scsi_clear_endpoint\nfirst.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22083",
"url": "https://www.suse.com/security/cve/CVE-2025-22083"
},
{
"category": "external",
"summary": "SUSE Bug 1241414 for CVE-2025-22083",
"url": "https://bugzilla.suse.com/1241414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-22083"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.\n\nSIOCBRDELIF is passed to dev_ioctl() first and later forwarded to\nbr_ioctl_call(), which causes unnecessary RTNL dance and the splat\nbelow [0] under RTNL pressure.\n\nLet\u0027s say Thread A is trying to detach a device from a bridge and\nThread B is trying to remove the bridge.\n\nIn dev_ioctl(), Thread A bumps the bridge device\u0027s refcnt by\nnetdev_hold() and releases RTNL because the following br_ioctl_call()\nalso re-acquires RTNL.\n\nIn the race window, Thread B could acquire RTNL and try to remove\nthe bridge device. Then, rtnl_unlock() by Thread B will release RTNL\nand wait for netdev_put() by Thread A.\n\nThread A, however, must hold RTNL after the unlock in dev_ifsioc(),\nwhich may take long under RTNL pressure, resulting in the splat by\nThread B.\n\n Thread A (SIOCBRDELIF) Thread B (SIOCBRDELBR)\n ---------------------- ----------------------\n sock_ioctl sock_ioctl\n `- sock_do_ioctl `- br_ioctl_call\n `- dev_ioctl `- br_ioctl_stub\n |- rtnl_lock |\n |- dev_ifsioc \u0027\n \u0027 |- dev = __dev_get_by_name(...)\n |- netdev_hold(dev, ...) .\n / |- rtnl_unlock ------. |\n | |- br_ioctl_call `---\u003e |- rtnl_lock\n Race | | `- br_ioctl_stub |- br_del_bridge\n Window | | | |- dev = __dev_get_by_name(...)\n | | | May take long | `- br_dev_delete(dev, ...)\n | | | under RTNL pressure | `- unregister_netdevice_queue(dev, ...)\n | | | | `- rtnl_unlock\n \\ | |- rtnl_lock \u003c-\u0027 `- netdev_run_todo\n | |- ... `- netdev_run_todo\n | `- rtnl_unlock |- __rtnl_unlock\n | |- netdev_wait_allrefs_any\n |- netdev_put(dev, ...) \u003c----------------\u0027\n Wait refcnt decrement\n and log splat below\n\nTo avoid blocking SIOCBRDELBR unnecessarily, let\u0027s not call\ndev_ioctl() for SIOCBRADDIF and SIOCBRDELIF.\n\nIn the dev_ioctl() path, we do the following:\n\n 1. Copy struct ifreq by get_user_ifreq in sock_do_ioctl()\n 2. Check CAP_NET_ADMIN in dev_ioctl()\n 3. Call dev_load() in dev_ioctl()\n 4. Fetch the master dev from ifr.ifr_name in dev_ifsioc()\n\n3. can be done by request_module() in br_ioctl_call(), so we move\n1., 2., and 4. to br_ioctl_stub().\n\nNote that 2. is also checked later in add_del_if(), but it\u0027s better\nperformed before RTNL.\n\nSIOCBRADDIF and SIOCBRDELIF have been processed in dev_ioctl() since\nthe pre-git era, and there seems to be no specific reason to process\nthem there.\n\n[0]:\nunregister_netdevice: waiting for wpan3 to become free. Usage count = 2\nref_tracker: wpan3@ffff8880662d8608 has 1/1 users at\n __netdev_tracker_alloc include/linux/netdevice.h:4282 [inline]\n netdev_hold include/linux/netdevice.h:4311 [inline]\n dev_ifsioc+0xc6a/0x1160 net/core/dev_ioctl.c:624\n dev_ioctl+0x255/0x10c0 net/core/dev_ioctl.c:826\n sock_do_ioctl+0x1ca/0x260 net/socket.c:1213\n sock_ioctl+0x23a/0x6c0 net/socket.c:1318\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x1a4/0x210 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcb/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22111",
"url": "https://www.suse.com/security/cve/CVE-2025-22111"
},
{
"category": "external",
"summary": "SUSE Bug 1241572 for CVE-2025-22111",
"url": "https://bugzilla.suse.com/1241572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-22111"
},
{
"cve": "CVE-2025-22113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid journaling sb update on error if journal is destroying\n\nPresently we always BUG_ON if trying to start a transaction on a journal marked\nwith JBD2_UNMOUNT, since this should never happen. However, while ltp running\nstress tests, it was observed that in case of some error handling paths, it is\npossible for update_super_work to start a transaction after the journal is\ndestroyed eg:\n\n(umount)\next4_kill_sb\n kill_block_super\n generic_shutdown_super\n sync_filesystem /* commits all txns */\n evict_inodes\n /* might start a new txn */\n ext4_put_super\n\tflush_work(\u0026sbi-\u003es_sb_upd_work) /* flush the workqueue */\n jbd2_journal_destroy\n journal_kill_thread\n journal-\u003ej_flags |= JBD2_UNMOUNT;\n jbd2_journal_commit_transaction\n jbd2_journal_get_descriptor_buffer\n jbd2_journal_bmap\n ext4_journal_bmap\n ext4_map_blocks\n ...\n ext4_inode_error\n ext4_handle_error\n schedule_work(\u0026sbi-\u003es_sb_upd_work)\n\n /* work queue kicks in */\n update_super_work\n jbd2_journal_start\n start_this_handle\n BUG_ON(journal-\u003ej_flags \u0026\n JBD2_UNMOUNT)\n\nHence, introduce a new mount flag to indicate journal is destroying and only do\na journaled (and deferred) update of sb if this flag is not set. Otherwise, just\nfallback to an un-journaled commit.\n\nFurther, in the journal destroy path, we have the following sequence:\n\n 1. Set mount flag indicating journal is destroying\n 2. force a commit and wait for it\n 3. flush pending sb updates\n\nThis sequence is important as it ensures that, after this point, there is no sb\nupdate that might be journaled so it is safe to update the sb outside the\njournal. (To avoid race discussed in 2d01ddc86606)\n\nAlso, we don\u0027t need a similar check in ext4_grp_locked_error since it is only\ncalled from mballoc and AFAICT it would be always valid to schedule work here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22113",
"url": "https://www.suse.com/security/cve/CVE-2025-22113"
},
{
"category": "external",
"summary": "SUSE Bug 1241617 for CVE-2025-22113",
"url": "https://bugzilla.suse.com/1241617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-22113"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: goto right label \u0027out_mmap_sem\u0027 in ext4_setattr()\n\nOtherwise, if ext4_inode_attach_jinode() fails, a hung task will\nhappen because filemap_invalidate_unlock() isn\u0027t called to unlock\nmapping-\u003einvalidate_lock. Like this:\n\nEXT4-fs error (device sda) in ext4_setattr:5557: Out of memory\nINFO: task fsstress:374 blocked for more than 122 seconds.\n Not tainted 6.14.0-rc1-next-20250206-xfstests-dirty #726\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:fsstress state:D stack:0 pid:374 tgid:374 ppid:373\n task_flags:0x440140 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x2c9/0x7f0\n schedule+0x27/0xa0\n schedule_preempt_disabled+0x15/0x30\n rwsem_down_read_slowpath+0x278/0x4c0\n down_read+0x59/0xb0\n page_cache_ra_unbounded+0x65/0x1b0\n filemap_get_pages+0x124/0x3e0\n filemap_read+0x114/0x3d0\n vfs_read+0x297/0x360\n ksys_read+0x6c/0xe0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22120",
"url": "https://www.suse.com/security/cve/CVE-2025-22120"
},
{
"category": "external",
"summary": "SUSE Bug 1241592 for CVE-2025-22120",
"url": "https://bugzilla.suse.com/1241592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-22120"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23155"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Fix accessing freed irq affinity_hint\n\nThe cpumask should not be a local variable, since its pointer is saved\nto irq_desc and may be accessed from procfs.\nTo fix it, use the persistent mask cpumask_of(cpu#).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23155",
"url": "https://www.suse.com/security/cve/CVE-2025-23155"
},
{
"category": "external",
"summary": "SUSE Bug 1242573 for CVE-2025-23155",
"url": "https://bugzilla.suse.com/1242573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23155"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-23162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vf: Don\u0027t try to trigger a full GT reset if VF\n\nVFs don\u0027t have access to the GDRST(0x941c) register that driver\nuses to reset a GT. Attempt to trigger a reset using debugfs:\n\n $ cat /sys/kernel/debug/dri/0000:00:02.1/gt0/force_reset\n\nor due to a hang condition detected by the driver leads to:\n\n [ ] xe 0000:00:02.1: [drm] GT0: trying reset from force_reset [xe]\n [ ] xe 0000:00:02.1: [drm] GT0: reset queued\n [ ] xe 0000:00:02.1: [drm] GT0: reset started\n [ ] ------------[ cut here ]------------\n [ ] xe 0000:00:02.1: [drm] GT0: VF is trying to write 0x1 to an inaccessible register 0x941c+0x0\n [ ] WARNING: CPU: 3 PID: 3069 at drivers/gpu/drm/xe/xe_gt_sriov_vf.c:996 xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] RIP: 0010:xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] Call Trace:\n [ ] \u003cTASK\u003e\n [ ] ? show_regs+0x6c/0x80\n [ ] ? __warn+0x93/0x1c0\n [ ] ? xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] ? report_bug+0x182/0x1b0\n [ ] ? handle_bug+0x6e/0xb0\n [ ] ? exc_invalid_op+0x18/0x80\n [ ] ? asm_exc_invalid_op+0x1b/0x20\n [ ] ? xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] ? xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] ? xe_gt_tlb_invalidation_reset+0xef/0x110 [xe]\n [ ] ? __mutex_unlock_slowpath+0x41/0x2e0\n [ ] xe_mmio_write32+0x64/0x150 [xe]\n [ ] do_gt_reset+0x2f/0xa0 [xe]\n [ ] gt_reset_worker+0x14e/0x1e0 [xe]\n [ ] process_one_work+0x21c/0x740\n [ ] worker_thread+0x1db/0x3c0\n\nFix that by sending H2G VF_RESET(0x5507) action instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23162",
"url": "https://www.suse.com/security/cve/CVE-2025-23162"
},
{
"category": "external",
"summary": "SUSE Bug 1242834 for CVE-2025-23162",
"url": "https://bugzilla.suse.com/1242834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-23162"
},
{
"cve": "CVE-2025-37738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: ignore xattrs past end\n\nOnce inside \u0027ext4_xattr_inode_dec_ref_all\u0027 we should\nignore xattrs entries past the \u0027end\u0027 entry.\n\nThis fixes the following KASAN reported issue:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nRead of size 4 at addr ffff888012c120c4 by task repro/2065\n\nCPU: 1 UID: 0 PID: 2065 Comm: repro Not tainted 6.13.0-rc2+ #11\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x1fd/0x300\n ? tcp_gro_dev_warn+0x260/0x260\n ? _printk+0xc0/0x100\n ? read_lock_is_recursive+0x10/0x10\n ? irq_work_queue+0x72/0xf0\n ? __virt_addr_valid+0x17b/0x4b0\n print_address_description+0x78/0x390\n print_report+0x107/0x1f0\n ? __virt_addr_valid+0x17b/0x4b0\n ? __virt_addr_valid+0x3ff/0x4b0\n ? __phys_addr+0xb5/0x160\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n kasan_report+0xcc/0x100\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ? ext4_xattr_delete_inode+0xd30/0xd30\n ? __ext4_journal_ensure_credits+0x5f0/0x5f0\n ? __ext4_journal_ensure_credits+0x2b/0x5f0\n ? inode_update_timestamps+0x410/0x410\n ext4_xattr_delete_inode+0xb64/0xd30\n ? ext4_truncate+0xb70/0xdc0\n ? ext4_expand_extra_isize_ea+0x1d20/0x1d20\n ? __ext4_mark_inode_dirty+0x670/0x670\n ? ext4_journal_check_start+0x16f/0x240\n ? ext4_inode_is_fast_symlink+0x2f2/0x3a0\n ext4_evict_inode+0xc8c/0xff0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n ? do_raw_spin_unlock+0x53/0x8a0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n evict+0x4ac/0x950\n ? proc_nr_inodes+0x310/0x310\n ? trace_ext4_drop_inode+0xa2/0x220\n ? _raw_spin_unlock+0x1a/0x30\n ? iput+0x4cb/0x7e0\n do_unlinkat+0x495/0x7c0\n ? try_break_deleg+0x120/0x120\n ? 0xffffffff81000000\n ? __check_object_size+0x15a/0x210\n ? strncpy_from_user+0x13e/0x250\n ? getname_flags+0x1dc/0x530\n __x64_sys_unlinkat+0xc8/0xf0\n do_syscall_64+0x65/0x110\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x434ffd\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 8\nRSP: 002b:00007ffc50fa7b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000107\nRAX: ffffffffffffffda RBX: 00007ffc50fa7e18 RCX: 0000000000434ffd\nRDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005\nRBP: 00007ffc50fa7be0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007ffc50fa7e08 R14: 00000000004bbf30 R15: 0000000000000001\n \u003c/TASK\u003e\n\nThe buggy address belongs to the object at ffff888012c12000\n which belongs to the cache filp of size 360\nThe buggy address is located 196 bytes inside of\n freed 360-byte region [ffff888012c12000, ffff888012c12168)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12c12\nhead: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\nflags: 0x40(head|node=0|zone=0)\npage_type: f5(slab)\nraw: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nraw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nhead: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000001 ffffea00004b0481 ffffffffffffffff 0000000000000000\nhead: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888012c11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888012c12000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\u003e ffff888012c12080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888012c12100: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc\n ffff888012c12180: fc fc fc fc fc fc fc fc fc\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37738",
"url": "https://www.suse.com/security/cve/CVE-2025-37738"
},
{
"category": "external",
"summary": "SUSE Bug 1242846 for CVE-2025-37738",
"url": "https://bugzilla.suse.com/1242846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Avoid memory leak while enabling statistics\n\nDriver uses monitor destination rings for extended statistics mode and\nstandalone monitor mode. In extended statistics mode, TLVs are parsed from\nthe buffer received from the monitor destination ring and assigned to the\nppdu_info structure to update per-packet statistics. In standalone monitor\nmode, along with per-packet statistics, the packet data (payload) is\ncaptured, and the driver updates per MSDU to mac80211.\n\nWhen the AP interface is enabled, only extended statistics mode is\nactivated. As part of enabling monitor rings for collecting statistics,\nthe driver subscribes to HAL_RX_MPDU_START TLV in the filter\nconfiguration. This TLV is received from the monitor destination ring, and\nkzalloc for the mon_mpdu object occurs, which is not freed, leading to a\nmemory leak. The kzalloc for the mon_mpdu object is only required while\nenabling the standalone monitor interface. This causes a memory leak while\nenabling extended statistics mode in the driver.\n\nFix this memory leak by removing the kzalloc for the mon_mpdu object in\nthe HAL_RX_MPDU_START TLV handling. Additionally, remove the standalone\nmonitor mode handlings in the HAL_MON_BUF_ADDR and HAL_RX_MSDU_END TLVs.\nThese TLV tags will be handled properly when enabling standalone monitor\nmode in the future.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37743",
"url": "https://www.suse.com/security/cve/CVE-2025-37743"
},
{
"category": "external",
"summary": "SUSE Bug 1242163 for CVE-2025-37743",
"url": "https://bugzilla.suse.com/1242163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37743"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls: explicitly disallow disconnect\n\nsyzbot discovered that it can disconnect a TLS socket and then\nrun into all sort of unexpected corner cases. I have a vague\nrecollection of Eric pointing this out to us a long time ago.\nSupporting disconnect is really hard, for one thing if offload\nis enabled we\u0027d need to wait for all packets to be _acked_.\nDisconnect is not commonly used, disallow it.\n\nThe immediate problem syzbot run into is the warning in the strp,\nbut that\u0027s just the easiest bug to trigger:\n\n WARNING: CPU: 0 PID: 5834 at net/tls/tls_strp.c:486 tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486\n RIP: 0010:tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486\n Call Trace:\n \u003cTASK\u003e\n tls_rx_rec_wait+0x280/0xa60 net/tls/tls_sw.c:1363\n tls_sw_recvmsg+0x85c/0x1c30 net/tls/tls_sw.c:2043\n inet6_recvmsg+0x2c9/0x730 net/ipv6/af_inet6.c:678\n sock_recvmsg_nosec net/socket.c:1023 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1045\n __sys_recvfrom+0x202/0x380 net/socket.c:2237",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37756",
"url": "https://www.suse.com/security/cve/CVE-2025-37756"
},
{
"category": "external",
"summary": "SUSE Bug 1242515 for CVE-2025-37756",
"url": "https://bugzilla.suse.com/1242515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37756"
},
{
"cve": "CVE-2025-37757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix memory leak in tipc_link_xmit\n\nIn case the backlog transmit queue for system-importance messages is overloaded,\ntipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to\nmemory leak and failure when a skb is allocated.\n\nThis commit fixes this issue by purging the skb list before tipc_link_xmit()\nreturns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37757",
"url": "https://www.suse.com/security/cve/CVE-2025-37757"
},
{
"category": "external",
"summary": "SUSE Bug 1242521 for CVE-2025-37757",
"url": "https://bugzilla.suse.com/1242521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37757"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix an out-of-bounds shift when invalidating TLB\n\nWhen the size of the range invalidated is larger than\nrounddown_pow_of_two(ULONG_MAX),\nThe function macro roundup_pow_of_two(length) will hit an out-of-bounds\nshift [1].\n\nUse a full TLB invalidation for such cases.\nv2:\n- Use a define for the range size limit over which we use a full\n TLB invalidation. (Lucas)\n- Use a better calculation of the limit.\n\n[1]:\n[ 39.202421] ------------[ cut here ]------------\n[ 39.202657] UBSAN: shift-out-of-bounds in ./include/linux/log2.h:57:13\n[ 39.202673] shift exponent 64 is too large for 64-bit type \u0027long unsigned int\u0027\n[ 39.202688] CPU: 8 UID: 0 PID: 3129 Comm: xe_exec_system_ Tainted: G U 6.14.0+ #10\n[ 39.202690] Tainted: [U]=USER\n[ 39.202690] Hardware name: ASUS System Product Name/PRIME B560M-A AC, BIOS 2001 02/01/2023\n[ 39.202691] Call Trace:\n[ 39.202692] \u003cTASK\u003e\n[ 39.202695] dump_stack_lvl+0x6e/0xa0\n[ 39.202699] ubsan_epilogue+0x5/0x30\n[ 39.202701] __ubsan_handle_shift_out_of_bounds.cold+0x61/0xe6\n[ 39.202705] xe_gt_tlb_invalidation_range.cold+0x1d/0x3a [xe]\n[ 39.202800] ? find_held_lock+0x2b/0x80\n[ 39.202803] ? mark_held_locks+0x40/0x70\n[ 39.202806] xe_svm_invalidate+0x459/0x700 [xe]\n[ 39.202897] drm_gpusvm_notifier_invalidate+0x4d/0x70 [drm_gpusvm]\n[ 39.202900] __mmu_notifier_release+0x1f5/0x270\n[ 39.202905] exit_mmap+0x40e/0x450\n[ 39.202912] __mmput+0x45/0x110\n[ 39.202914] exit_mm+0xc5/0x130\n[ 39.202916] do_exit+0x21c/0x500\n[ 39.202918] ? lockdep_hardirqs_on_prepare+0xdb/0x190\n[ 39.202920] do_group_exit+0x36/0xa0\n[ 39.202922] get_signal+0x8f8/0x900\n[ 39.202926] arch_do_signal_or_restart+0x35/0x100\n[ 39.202930] syscall_exit_to_user_mode+0x1fc/0x290\n[ 39.202932] do_syscall_64+0xa1/0x180\n[ 39.202934] ? do_user_addr_fault+0x59f/0x8a0\n[ 39.202937] ? lock_release+0xd2/0x2a0\n[ 39.202939] ? do_user_addr_fault+0x5a9/0x8a0\n[ 39.202942] ? trace_hardirqs_off+0x4b/0xc0\n[ 39.202944] ? clear_bhb_loop+0x25/0x80\n[ 39.202946] ? clear_bhb_loop+0x25/0x80\n[ 39.202947] ? clear_bhb_loop+0x25/0x80\n[ 39.202950] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 39.202952] RIP: 0033:0x7fa945e543e1\n[ 39.202961] Code: Unable to access opcode bytes at 0x7fa945e543b7.\n[ 39.202962] RSP: 002b:00007ffca8fb4170 EFLAGS: 00000293\n[ 39.202963] RAX: 000000000000003d RBX: 0000000000000000 RCX: 00007fa945e543e3\n[ 39.202964] RDX: 0000000000000000 RSI: 00007ffca8fb41ac RDI: 00000000ffffffff\n[ 39.202964] RBP: 00007ffca8fb4190 R08: 0000000000000000 R09: 00007fa945f600a0\n[ 39.202965] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\n[ 39.202966] R13: 00007fa9460dd310 R14: 00007ffca8fb41ac R15: 0000000000000000\n[ 39.202970] \u003c/TASK\u003e\n[ 39.202970] ---[ end trace ]---\n\n(cherry picked from commit b88f48f86500bc0b44b4f73ac66d500a40d320ad)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37761",
"url": "https://www.suse.com/security/cve/CVE-2025-37761"
},
{
"category": "external",
"summary": "SUSE Bug 1242724 for CVE-2025-37761",
"url": "https://bugzilla.suse.com/1242724"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37761"
},
{
"cve": "CVE-2025-37763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: take paired job reference\n\nFor paired jobs, have the fragment job take a reference on the\ngeometry job, so that the geometry job cannot be freed until\nthe fragment job has finished with it.\n\nThe geometry job structure is accessed when the fragment job is being\nprepared by the GPU scheduler. Taking the reference prevents the\ngeometry job being freed until the fragment job no longer requires it.\n\nFixes a use after free bug detected by KASAN:\n\n[ 124.256386] BUG: KASAN: slab-use-after-free in pvr_queue_prepare_job+0x108/0x868 [powervr]\n[ 124.264893] Read of size 1 at addr ffff0000084cb960 by task kworker/u16:4/63",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37763",
"url": "https://www.suse.com/security/cve/CVE-2025-37763"
},
{
"category": "external",
"summary": "SUSE Bug 1242508 for CVE-2025-37763",
"url": "https://bugzilla.suse.com/1242508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37763"
},
{
"cve": "CVE-2025-37764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: fix firmware memory leaks\n\nFree the memory used to hold the results of firmware image processing\nwhen the module is unloaded.\n\nFix the related issue of the same memory being leaked if processing\nof the firmware image fails during module load.\n\nEnsure all firmware GEM objects are destroyed if firmware image\nprocessing fails.\n\nFixes memory leaks on powervr module unload detected by Kmemleak:\n\nunreferenced object 0xffff000042e20000 (size 94208):\n comm \"modprobe\", pid 470, jiffies 4295277154\n hex dump (first 32 bytes):\n 02 ae 7f ed bf 45 84 00 3c 5b 1f ed 9f 45 45 05 .....E..\u003c[...EE.\n d5 4f 5d 14 6c 00 3d 23 30 d0 3a 4a 66 0e 48 c8 .O].l.=#0.:Jf.H.\n backtrace (crc dd329dec):\n kmemleak_alloc+0x30/0x40\n ___kmalloc_large_node+0x140/0x188\n __kmalloc_large_node_noprof+0x2c/0x13c\n __kmalloc_noprof+0x48/0x4c0\n pvr_fw_init+0xaa4/0x1f50 [powervr]\n\nunreferenced object 0xffff000042d20000 (size 20480):\n comm \"modprobe\", pid 470, jiffies 4295277154\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 09 00 00 00 0b 00 00 00 ................\n 00 00 00 00 00 00 00 00 07 00 00 00 08 00 00 00 ................\n backtrace (crc 395b02e3):\n kmemleak_alloc+0x30/0x40\n ___kmalloc_large_node+0x140/0x188\n __kmalloc_large_node_noprof+0x2c/0x13c\n __kmalloc_noprof+0x48/0x4c0\n pvr_fw_init+0xb0c/0x1f50 [powervr]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37764",
"url": "https://www.suse.com/security/cve/CVE-2025-37764"
},
{
"category": "external",
"summary": "SUSE Bug 1242577 for CVE-2025-37764",
"url": "https://bugzilla.suse.com/1242577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37764"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: free routing table on probe failure\n\nIf complete = true in dsa_tree_setup(), it means that we are the last\nswitch of the tree which is successfully probing, and we should be\nsetting up all switches from our probe path.\n\nAfter \"complete\" becomes true, dsa_tree_setup_cpu_ports() or any\nsubsequent function may fail. If that happens, the entire tree setup is\nin limbo: the first N-1 switches have successfully finished probing\n(doing nothing but having allocated persistent memory in the tree\u0027s\ndst-\u003eports, and maybe dst-\u003ertable), and switch N failed to probe, ending\nthe tree setup process before anything is tangible from the user\u0027s PoV.\n\nIf switch N fails to probe, its memory (ports) will be freed and removed\nfrom dst-\u003eports. However, the dst-\u003ertable elements pointing to its ports,\nas created by dsa_link_touch(), will remain there, and will lead to\nuse-after-free if dereferenced.\n\nIf dsa_tree_setup_switches() returns -EPROBE_DEFER, which is entirely\npossible because that is where ds-\u003eops-\u003esetup() is, we get a kasan\nreport like this:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mv88e6xxx_setup_upstream_port+0x240/0x568\nRead of size 8 at addr ffff000004f56020 by task kworker/u8:3/42\n\nCall trace:\n __asan_report_load8_noabort+0x20/0x30\n mv88e6xxx_setup_upstream_port+0x240/0x568\n mv88e6xxx_setup+0xebc/0x1eb0\n dsa_register_switch+0x1af4/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nAllocated by task 42:\n __kasan_kmalloc+0x84/0xa0\n __kmalloc_cache_noprof+0x298/0x490\n dsa_switch_touch_ports+0x174/0x3d8\n dsa_register_switch+0x800/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nFreed by task 42:\n __kasan_slab_free+0x48/0x68\n kfree+0x138/0x418\n dsa_register_switch+0x2694/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nThe simplest way to fix the bug is to delete the routing table in its\nentirety. dsa_tree_setup_routing_table() has no problem in regenerating\nit even if we deleted links between ports other than those of switch N,\nbecause dsa_link_touch() first checks whether the port pair already\nexists in dst-\u003ertable, allocating if not.\n\nThe deletion of the routing table in its entirety already exists in\ndsa_tree_teardown(), so refactor that into a function that can also be\ncalled from the tree setup error path.\n\nIn my analysis of the commit to blame, it is the one which added\ndsa_link elements to dst-\u003ertable. Prior to that, each switch had its own\nds-\u003ertable which is freed when the switch fails to probe. But the tree\nis potentially persistent memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37786",
"url": "https://www.suse.com/security/cve/CVE-2025-37786"
},
{
"category": "external",
"summary": "SUSE Bug 1242725 for CVE-2025-37786",
"url": "https://bugzilla.suse.com/1242725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37786"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll()\n\nrpl is passed as a pointer to ethtool_cmis_module_poll(), so the correct\nsize of rpl is sizeof(*rpl) which should be just 1 byte. Using the\npointer size instead can cause stack corruption:\n\nKernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ethtool_cmis_wait_for_cond+0xf4/0x100\nCPU: 72 UID: 0 PID: 4440 Comm: kworker/72:2 Kdump: loaded Tainted: G OE 6.11.0 #24\nTainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\nHardware name: Dell Inc. PowerEdge R760/04GWWM, BIOS 1.6.6 09/20/2023\nWorkqueue: events module_flash_fw_work\nCall Trace:\n \u003cTASK\u003e\n panic+0x339/0x360\n ? ethtool_cmis_wait_for_cond+0xf4/0x100\n ? __pfx_status_success+0x10/0x10\n ? __pfx_status_fail+0x10/0x10\n __stack_chk_fail+0x10/0x10\n ethtool_cmis_wait_for_cond+0xf4/0x100\n ethtool_cmis_cdb_execute_cmd+0x1fc/0x330\n ? __pfx_status_fail+0x10/0x10\n cmis_cdb_module_features_get+0x6d/0xd0\n ethtool_cmis_cdb_init+0x8a/0xd0\n ethtool_cmis_fw_update+0x46/0x1d0\n module_flash_fw_work+0x17/0xa0\n process_one_work+0x179/0x390\n worker_thread+0x239/0x340\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xcc/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37791",
"url": "https://www.suse.com/security/cve/CVE-2025-37791"
},
{
"category": "external",
"summary": "SUSE Bug 1242729 for CVE-2025-37791",
"url": "https://bugzilla.suse.com/1242729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37791"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential NULL pointer dereference in dev_uevent()\n\nIf userspace reads \"uevent\" device attribute at the same time as another\nthreads unbinds the device from its driver, change to dev-\u003edriver from a\nvalid pointer to NULL may result in crash. Fix this by using READ_ONCE()\nwhen fetching the pointer, and take bus\u0027 drivers klist lock to make sure\ndriver instance will not disappear while we access it.\n\nUse WRITE_ONCE() when setting the driver pointer to ensure there is no\ntearing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37800",
"url": "https://www.suse.com/security/cve/CVE-2025-37800"
},
{
"category": "external",
"summary": "SUSE Bug 1242849 for CVE-2025-37800",
"url": "https://bugzilla.suse.com/1242849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37800"
},
{
"cve": "CVE-2025-37801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-imx: Add check for spi_imx_setupxfer()\n\nAdd check for the return value of spi_imx_setupxfer().\nspi_imx-\u003erx and spi_imx-\u003etx function pointer can be NULL when\nspi_imx_setupxfer() return error, and make NULL pointer dereference.\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Call trace:\n 0x0\n spi_imx_pio_transfer+0x50/0xd8\n spi_imx_transfer_one+0x18c/0x858\n spi_transfer_one_message+0x43c/0x790\n __spi_pump_transfer_message+0x238/0x5d4\n __spi_sync+0x2b0/0x454\n spi_write_then_read+0x11c/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37801",
"url": "https://www.suse.com/security/cve/CVE-2025-37801"
},
{
"category": "external",
"summary": "SUSE Bug 1242850 for CVE-2025-37801",
"url": "https://bugzilla.suse.com/1242850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37801"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: chipidea: ci_hdrc_imx: fix usbmisc handling\n\nusbmisc is an optional device property so it is totally valid for the\ncorresponding data-\u003eusbmisc_data to have a NULL value.\n\nCheck that before dereferencing the pointer.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37811",
"url": "https://www.suse.com/security/cve/CVE-2025-37811"
},
{
"category": "external",
"summary": "SUSE Bug 1242907 for CVE-2025-37811",
"url": "https://bugzilla.suse.com/1242907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37811"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix invalid pointer dereference in Etron workaround\n\nThis check is performed before prepare_transfer() and prepare_ring(), so\nenqueue can already point at the final link TRB of a segment. And indeed\nit will, some 0.4% of times this code is called.\n\nThen enqueue + 1 is an invalid pointer. It will crash the kernel right\naway or load some junk which may look like a link TRB and cause the real\nlink TRB to be replaced with a NOOP. This wouldn\u0027t end well.\n\nUse a functionally equivalent test which doesn\u0027t dereference the pointer\nand always gives correct result.\n\nSomething has crashed my machine twice in recent days while playing with\nan Etron HC, and a control transfer stress test ran for confirmation has\njust crashed it again. The same test passes with this patch applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37813",
"url": "https://www.suse.com/security/cve/CVE-2025-37813"
},
{
"category": "external",
"summary": "SUSE Bug 1242909 for CVE-2025-37813",
"url": "https://bugzilla.suse.com/1242909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37813"
},
{
"cve": "CVE-2025-37814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT\n\nThis requirement was overeagerly loosened in commit 2f83e38a095f\n(\"tty: Permit some TIOCL_SETSEL modes without CAP_SYS_ADMIN\"), but as\nit turns out,\n\n (1) the logic I implemented there was inconsistent (apologies!),\n\n (2) TIOCL_SELMOUSEREPORT might actually be a small security risk\n after all, and\n\n (3) TIOCL_SELMOUSEREPORT is only meant to be used by the mouse\n daemon (GPM or Consolation), which runs as CAP_SYS_ADMIN\n already.\n\nIn more detail:\n\n1. The previous patch has inconsistent logic:\n\n In commit 2f83e38a095f (\"tty: Permit some TIOCL_SETSEL modes\n without CAP_SYS_ADMIN\"), we checked for sel_mode ==\n TIOCL_SELMOUSEREPORT, but overlooked that the lower four bits of\n this \"mode\" parameter were actually used as an additional way to\n pass an argument. So the patch did actually still require\n CAP_SYS_ADMIN, if any of the mouse button bits are set, but did not\n require it if none of the mouse buttons bits are set.\n\n This logic is inconsistent and was not intentional. We should have\n the same policies for using TIOCL_SELMOUSEREPORT independent of the\n value of the \"hidden\" mouse button argument.\n\n I sent a separate documentation patch to the man page list with\n more details on TIOCL_SELMOUSEREPORT:\n https://lore.kernel.org/all/20250223091342.35523-2-gnoack3000@gmail.com/\n\n2. TIOCL_SELMOUSEREPORT is indeed a potential security risk which can\n let an attacker simulate \"keyboard\" input to command line\n applications on the same terminal, like TIOCSTI and some other\n TIOCLINUX \"selection mode\" IOCTLs.\n\n By enabling mouse reporting on a terminal and then injecting mouse\n reports through TIOCL_SELMOUSEREPORT, an attacker can simulate\n mouse movements on the same terminal, similar to the TIOCSTI\n keystroke injection attacks that were previously possible with\n TIOCSTI and other TIOCL_SETSEL selection modes.\n\n Many programs (including libreadline/bash) are then prone to\n misinterpret these mouse reports as normal keyboard input because\n they do not expect input in the X11 mouse protocol form. The\n attacker does not have complete control over the escape sequence,\n but they can at least control the values of two consecutive bytes\n in the binary mouse reporting escape sequence.\n\n I went into more detail on that in the discussion at\n https://lore.kernel.org/all/20250221.0a947528d8f3@gnoack.org/\n\n It is not equally trivial to simulate arbitrary keystrokes as it\n was with TIOCSTI (commit 83efeeeb3d04 (\"tty: Allow TIOCSTI to be\n disabled\")), but the general mechanism is there, and together with\n the small number of existing legit use cases (see below), it would\n be better to revert back to requiring CAP_SYS_ADMIN for\n TIOCL_SELMOUSEREPORT, as it was already the case before\n commit 2f83e38a095f (\"tty: Permit some TIOCL_SETSEL modes without\n CAP_SYS_ADMIN\").\n\n3. TIOCL_SELMOUSEREPORT is only used by the mouse daemons (GPM or\n Consolation), and they are the only legit use case:\n\n To quote console_codes(4):\n\n The mouse tracking facility is intended to return\n xterm(1)-compatible mouse status reports. Because the console\n driver has no way to know the device or type of the mouse, these\n reports are returned in the console input stream only when the\n virtual terminal driver receives a mouse update ioctl. These\n ioctls must be generated by a mouse-aware user-mode application\n such as the gpm(8) daemon.\n\n Jared Finder has also confirmed in\n https://lore.kernel.org/all/491f3df9de6593df8e70dbe77614b026@finder.org/\n that Emacs does not call TIOCL_SELMOUSEREPORT directly, and it\n would be difficult to find good reasons for doing that, given that\n it would interfere with the reports that GPM is sending.\n\n More information on the interaction between GPM, terminals and th\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37814",
"url": "https://www.suse.com/security/cve/CVE-2025-37814"
},
{
"category": "external",
"summary": "SUSE Bug 1242865 for CVE-2025-37814",
"url": "https://bugzilla.suse.com/1242865"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37814"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmei: vsc: Fix fortify-panic caused by invalid counted_by() use\n\ngcc 15 honors the __counted_by(len) attribute on vsc_tp_packet.buf[]\nand the vsc-tp.c code is using this in a wrong way. len does not contain\nthe available size in the buffer, it contains the actual packet length\n*without* the crc. So as soon as vsc_tp_xfer() tries to add the crc to\nbuf[] the fortify-panic handler gets triggered:\n\n[ 80.842193] memcpy: detected buffer overflow: 4 byte write of buffer size 0\n[ 80.842243] WARNING: CPU: 4 PID: 272 at lib/string_helpers.c:1032 __fortify_report+0x45/0x50\n...\n[ 80.843175] __fortify_panic+0x9/0xb\n[ 80.843186] vsc_tp_xfer.cold+0x67/0x67 [mei_vsc_hw]\n[ 80.843210] ? seqcount_lockdep_reader_access.constprop.0+0x82/0x90\n[ 80.843229] ? lockdep_hardirqs_on+0x7c/0x110\n[ 80.843250] mei_vsc_hw_start+0x98/0x120 [mei_vsc]\n[ 80.843270] mei_reset+0x11d/0x420 [mei]\n\nThe easiest fix would be to just drop the counted-by but with the exception\nof the ack buffer in vsc_tp_xfer_helper() which only contains enough room\nfor the packet-header, all other uses of vsc_tp_packet always use a buffer\nof VSC_TP_MAX_XFER_SIZE bytes for the packet.\n\nInstead of just dropping the counted-by, split the vsc_tp_packet struct\ndefinition into a header and a full-packet definition and use a fixed\nsize buf[] in the packet definition, this way fortify-source buffer\noverrun checking still works when enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37816",
"url": "https://www.suse.com/security/cve/CVE-2025-37816"
},
{
"category": "external",
"summary": "SUSE Bug 1242863 for CVE-2025-37816",
"url": "https://bugzilla.suse.com/1242863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37816"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37837"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()\n\nTwo WARNINGs are observed when SMMU driver rolls back upon failure:\n arm-smmu-v3.9.auto: Failed to register iommu\n arm-smmu-v3.9.auto: probe with driver arm-smmu-v3 failed with error -22\n ------------[ cut here ]------------\n WARNING: CPU: 5 PID: 1 at kernel/dma/mapping.c:74 dmam_free_coherent+0xc0/0xd8\n Call trace:\n dmam_free_coherent+0xc0/0xd8 (P)\n tegra241_vintf_free_lvcmdq+0x74/0x188\n tegra241_cmdqv_remove_vintf+0x60/0x148\n tegra241_cmdqv_remove+0x48/0xc8\n arm_smmu_impl_remove+0x28/0x60\n devm_action_release+0x1c/0x40\n ------------[ cut here ]------------\n 128 pages are still in use!\n WARNING: CPU: 16 PID: 1 at mm/page_alloc.c:6902 free_contig_range+0x18c/0x1c8\n Call trace:\n free_contig_range+0x18c/0x1c8 (P)\n cma_release+0x154/0x2f0\n dma_free_contiguous+0x38/0xa0\n dma_direct_free+0x10c/0x248\n dma_free_attrs+0x100/0x290\n dmam_free_coherent+0x78/0xd8\n tegra241_vintf_free_lvcmdq+0x74/0x160\n tegra241_cmdqv_remove+0x98/0x198\n arm_smmu_impl_remove+0x28/0x60\n devm_action_release+0x1c/0x40\n\nThis is because the LVCMDQ queue memory are managed by devres, while that\ndmam_free_coherent() is called in the context of devm_action_release().\n\nJason pointed out that \"arm_smmu_impl_probe() has mis-ordered the devres\ncallbacks if ops-\u003edevice_remove() is going to be manually freeing things\nthat probe allocated\":\nhttps://lore.kernel.org/linux-iommu/20250407174408.GB1722458@nvidia.com/\n\nIn fact, tegra241_cmdqv_init_structures() only allocates memory resources\nwhich means any failure that it generates would be similar to -ENOMEM, so\nthere is no point in having that \"falling back to standard SMMU\" routine,\nas the standard SMMU would likely fail to allocate memory too.\n\nRemove the unwind part in tegra241_cmdqv_init_structures(), and return a\nproper error code to ask SMMU driver to call tegra241_cmdqv_remove() via\nimpl_ops-\u003edevice_remove(). Then, drop tegra241_vintf_free_lvcmdq() since\ndevres will take care of that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37837",
"url": "https://www.suse.com/security/cve/CVE-2025-37837"
},
{
"category": "external",
"summary": "SUSE Bug 1242952 for CVE-2025-37837",
"url": "https://bugzilla.suse.com/1242952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37837"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: avoid NULL pointer dereference in dbg call\n\ncifs_server_dbg() implies server to be non-NULL so\nmove call under condition to avoid NULL pointer dereference.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37844",
"url": "https://www.suse.com/security/cve/CVE-2025-37844"
},
{
"category": "external",
"summary": "SUSE Bug 1242946 for CVE-2025-37844",
"url": "https://bugzilla.suse.com/1242946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37844"
},
{
"cve": "CVE-2025-37847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in ivpu_ms_cleanup()\n\nFix deadlock in ivpu_ms_cleanup() by preventing runtime resume after\nfile_priv-\u003ems_lock is acquired.\n\nDuring a failure in runtime resume, a cold boot is executed, which\ncalls ivpu_ms_cleanup_all(). This function calls ivpu_ms_cleanup()\nthat acquires file_priv-\u003ems_lock and causes the deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37847",
"url": "https://www.suse.com/security/cve/CVE-2025-37847"
},
{
"category": "external",
"summary": "SUSE Bug 1242947 for CVE-2025-37847",
"url": "https://bugzilla.suse.com/1242947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37847"
},
{
"cve": "CVE-2025-37848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix PM related deadlocks in MS IOCTLs\n\nPrevent runtime resume/suspend while MS IOCTLs are in progress.\nFailed suspend will call ivpu_ms_cleanup() that would try to acquire\nfile_priv-\u003ems_lock, which is already held by the IOCTLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37848",
"url": "https://www.suse.com/security/cve/CVE-2025-37848"
},
{
"category": "external",
"summary": "SUSE Bug 1242943 for CVE-2025-37848",
"url": "https://bugzilla.suse.com/1242943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37848"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npage_pool: avoid infinite loop to schedule delayed worker\n\nWe noticed the kworker in page_pool_release_retry() was waken\nup repeatedly and infinitely in production because of the\nbuggy driver causing the inflight less than 0 and warning\nus in page_pool_inflight()[1].\n\nSince the inflight value goes negative, it means we should\nnot expect the whole page_pool to get back to work normally.\n\nThis patch mitigates the adverse effect by not rescheduling\nthe kworker when detecting the inflight negative in\npage_pool_release_retry().\n\n[1]\n[Mon Feb 10 20:36:11 2025] ------------[ cut here ]------------\n[Mon Feb 10 20:36:11 2025] Negative(-51446) inflight packet-pages\n...\n[Mon Feb 10 20:36:11 2025] Call Trace:\n[Mon Feb 10 20:36:11 2025] page_pool_release_retry+0x23/0x70\n[Mon Feb 10 20:36:11 2025] process_one_work+0x1b1/0x370\n[Mon Feb 10 20:36:11 2025] worker_thread+0x37/0x3a0\n[Mon Feb 10 20:36:11 2025] kthread+0x11a/0x140\n[Mon Feb 10 20:36:11 2025] ? process_one_work+0x370/0x370\n[Mon Feb 10 20:36:11 2025] ? __kthread_cancel_work+0x40/0x40\n[Mon Feb 10 20:36:11 2025] ret_from_fork+0x35/0x40\n[Mon Feb 10 20:36:11 2025] ---[ end trace ebffe800f33e7e34 ]---\nNote: before this patch, the above calltrace would flood the\ndmesg due to repeated reschedule of release_dw kworker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37859",
"url": "https://www.suse.com/security/cve/CVE-2025-37859"
},
{
"category": "external",
"summary": "SUSE Bug 1243051 for CVE-2025-37859",
"url": "https://bugzilla.suse.com/1243051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37859"
},
{
"cve": "CVE-2025-37861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue\n\nWhen the task management thread processes reply queues while the reset\nthread resets them, the task management thread accesses an invalid queue ID\n(0xFFFF), set by the reset thread, which points to unallocated memory,\ncausing a crash.\n\nAdd flag \u0027io_admin_reset_sync\u0027 to synchronize access between the reset,\nI/O, and admin threads. Before a reset, the reset handler sets this flag to\nblock I/O and admin processing threads. If any thread bypasses the initial\ncheck, the reset thread waits up to 10 seconds for processing to finish. If\nthe wait exceeds 10 seconds, the controller is marked as unrecoverable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37861",
"url": "https://www.suse.com/security/cve/CVE-2025-37861"
},
{
"category": "external",
"summary": "SUSE Bug 1243055 for CVE-2025-37861",
"url": "https://bugzilla.suse.com/1243055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37861"
},
{
"cve": "CVE-2025-37862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: pidff: Fix null pointer dereference in pidff_find_fields\n\nThis function triggered a null pointer dereference if used to search for\na report that isn\u0027t implemented on the device. This happened both for\noptional and required reports alike.\n\nThe same logic was applied to pidff_find_special_field and although\npidff_init_fields should return an error earlier if one of the required\nreports is missing, future modifications could change this logic and\nresurface this possible null pointer dereference again.\n\nLKML bug report:\nhttps://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37862",
"url": "https://www.suse.com/security/cve/CVE-2025-37862"
},
{
"category": "external",
"summary": "SUSE Bug 1242982 for CVE-2025-37862",
"url": "https://bugzilla.suse.com/1242982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37862"
},
{
"cve": "CVE-2025-37865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported\n\nRussell King reports that on the ZII dev rev B, deleting a bridge VLAN\nfrom a user port fails with -ENOENT:\nhttps://lore.kernel.org/netdev/Z_lQXNP0s5-IiJzd@shell.armlinux.org.uk/\n\nThis comes from mv88e6xxx_port_vlan_leave() -\u003e mv88e6xxx_mst_put(),\nwhich tries to find an MST entry in \u0026chip-\u003emsts associated with the SID,\nbut fails and returns -ENOENT as such.\n\nBut we know that this chip does not support MST at all, so that is not\nsurprising. The question is why does the guard in mv88e6xxx_mst_put()\nnot exit early:\n\n\tif (!sid)\n\t\treturn 0;\n\nAnd the answer seems to be simple: the sid comes from vlan.sid which\nsupposedly was previously populated by mv88e6xxx_vtu_get().\nBut some chip-\u003einfo-\u003eops-\u003evtu_getnext() implementations do not populate\nvlan.sid, for example see mv88e6185_g1_vtu_getnext(). In that case,\nlater in mv88e6xxx_port_vlan_leave() we are using a garbage sid which is\njust residual stack memory.\n\nTesting for sid == 0 covers all cases of a non-bridge VLAN or a bridge\nVLAN mapped to the default MSTI. For some chips, SID 0 is valid and\ninstalled by mv88e6xxx_stu_setup(). A chip which does not support the\nSTU would implicitly only support mapping all VLANs to the default MSTI,\nso although SID 0 is not valid, it would be sufficient, if we were to\nzero-initialize the vlan structure, to fix the bug, due to the\ncoincidence that a test for vlan.sid == 0 already exists and leads to\nthe same (correct) behavior.\n\nAnother option which would be sufficient would be to add a test for\nmv88e6xxx_has_stu() inside mv88e6xxx_mst_put(), symmetric to the one\nwhich already exists in mv88e6xxx_mst_get(). But that placement means\nthe caller will have to dereference vlan.sid, which means it will access\nuninitialized memory, which is not nice even if it ignores it later.\n\nSo we end up making both modifications, in order to not rely just on the\nsid == 0 coincidence, but also to avoid having uninitialized structure\nfields which might get temporarily accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37865",
"url": "https://www.suse.com/security/cve/CVE-2025-37865"
},
{
"category": "external",
"summary": "SUSE Bug 1242954 for CVE-2025-37865",
"url": "https://bugzilla.suse.com/1242954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37865"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/userptr: fix notifier vs folio deadlock\n\nUser is reporting what smells like notifier vs folio deadlock, where\nmigrate_pages_batch() on core kernel side is holding folio lock(s) and\nthen interacting with the mappings of it, however those mappings are\ntied to some userptr, which means calling into the notifier callback and\ngrabbing the notifier lock. With perfect timing it looks possible that\nthe pages we pulled from the hmm fault can get sniped by\nmigrate_pages_batch() at the same time that we are holding the notifier\nlock to mark the pages as accessed/dirty, but at this point we also want\nto grab the folio locks(s) to mark them as dirty, but if they are\ncontended from notifier/migrate_pages_batch side then we deadlock since\nfolio lock won\u0027t be dropped until we drop the notifier lock.\n\nFortunately the mark_page_accessed/dirty is not really needed in the\nfirst place it seems and should have already been done by hmm fault, so\njust remove it.\n\n(cherry picked from commit bd7c0cb695e87c0e43247be8196b4919edbe0e85)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37868",
"url": "https://www.suse.com/security/cve/CVE-2025-37868"
},
{
"category": "external",
"summary": "SUSE Bug 1242966 for CVE-2025-37868",
"url": "https://bugzilla.suse.com/1242966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37868"
},
{
"cve": "CVE-2025-37869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Use local fence in error path of xe_migrate_clear\n\nThe intent of the error path in xe_migrate_clear is to wait on locally\ngenerated fence and then return. The code is waiting on m-\u003efence which\ncould be the local fence but this is only stable under the job mutex\nleading to a possible UAF. Fix code to wait on local fence.\n\n(cherry picked from commit 762b7e95362170b3e13a8704f38d5e47eca4ba74)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37869",
"url": "https://www.suse.com/security/cve/CVE-2025-37869"
},
{
"category": "external",
"summary": "SUSE Bug 1242967 for CVE-2025-37869",
"url": "https://bugzilla.suse.com/1242967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37869"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ngbe: fix memory leak in ngbe_probe() error path\n\nWhen ngbe_sw_init() is called, memory is allocated for wx-\u003erss_key\nin wx_init_rss_key(). However, in ngbe_probe() function, the subsequent\nerror paths after ngbe_sw_init() don\u0027t free the rss_key. Fix that by\nfreeing it in error path along with wx-\u003emac_table.\n\nAlso change the label to which execution jumps when ngbe_sw_init()\nfails, because otherwise, it could lead to a double free for rss_key,\nwhen the mac_table allocation fails in wx_sw_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37874",
"url": "https://www.suse.com/security/cve/CVE-2025-37874"
},
{
"category": "external",
"summary": "SUSE Bug 1242940 for CVE-2025-37874",
"url": "https://bugzilla.suse.com/1242940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37874"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock between rcu_tasks_trace and event_mutex.\n\nFix the following deadlock:\nCPU A\n_free_event()\n perf_kprobe_destroy()\n mutex_lock(\u0026event_mutex)\n perf_trace_event_unreg()\n synchronize_rcu_tasks_trace()\n\nThere are several paths where _free_event() grabs event_mutex\nand calls sync_rcu_tasks_trace. Above is one such case.\n\nCPU B\nbpf_prog_test_run_syscall()\n rcu_read_lock_trace()\n bpf_prog_run_pin_on_cpu()\n bpf_prog_load()\n bpf_tracing_func_proto()\n trace_set_clr_event()\n mutex_lock(\u0026event_mutex)\n\nDelegate trace_set_clr_event() to workqueue to avoid\nsuch lock dependency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37884",
"url": "https://www.suse.com/security/cve/CVE-2025-37884"
},
{
"category": "external",
"summary": "SUSE Bug 1243060 for CVE-2025-37884",
"url": "https://bugzilla.suse.com/1243060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37884"
},
{
"cve": "CVE-2025-37888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()\n\nAdd NULL check for mlx5_get_flow_namespace() returns in\nmlx5_create_inner_ttc_table() and mlx5_create_ttc_table() to prevent\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37888",
"url": "https://www.suse.com/security/cve/CVE-2025-37888"
},
{
"category": "external",
"summary": "SUSE Bug 1242964 for CVE-2025-37888",
"url": "https://bugzilla.suse.com/1242964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37888"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan743x: Fix memleak issue when GSO enabled\n\nAlways map the `skb` to the LS descriptor. Previously skb was\nmapped to EXT descriptor when the number of fragments is zero with\nGSO enabled. Mapping the skb to EXT descriptor prevents it from\nbeing freed, leading to a memory leak",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37909",
"url": "https://www.suse.com/security/cve/CVE-2025-37909"
},
{
"category": "external",
"summary": "SUSE Bug 1243467 for CVE-2025-37909",
"url": "https://bugzilla.suse.com/1243467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37909"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll\n\nUse spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock\nand spin_unlock in mtk_star_emac driver to avoid spinlock recursion\noccurrence that can happen when enabling the DMA interrupts again in\nrx/tx poll.\n\n```\nBUG: spinlock recursion on CPU#0, swapper/0/0\n lock: 0xffff00000db9cf20, .magic: dead4ead, .owner: swapper/0/0,\n .owner_cpu: 0\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted\n 6.15.0-rc2-next-20250417-00001-gf6a27738686c-dirty #28 PREEMPT\nHardware name: MediaTek MT8365 Open Platform EVK (DT)\nCall trace:\n show_stack+0x18/0x24 (C)\n dump_stack_lvl+0x60/0x80\n dump_stack+0x18/0x24\n spin_dump+0x78/0x88\n do_raw_spin_lock+0x11c/0x120\n _raw_spin_lock+0x20/0x2c\n mtk_star_handle_irq+0xc0/0x22c [mtk_star_emac]\n __handle_irq_event_percpu+0x48/0x140\n handle_irq_event+0x4c/0xb0\n handle_fasteoi_irq+0xa0/0x1bc\n handle_irq_desc+0x34/0x58\n generic_handle_domain_irq+0x1c/0x28\n gic_handle_irq+0x4c/0x120\n do_interrupt_handler+0x50/0x84\n el1_interrupt+0x34/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n regmap_mmio_read32le+0xc/0x20 (P)\n _regmap_bus_reg_read+0x6c/0xac\n _regmap_read+0x60/0xdc\n regmap_read+0x4c/0x80\n mtk_star_rx_poll+0x2f4/0x39c [mtk_star_emac]\n __napi_poll+0x38/0x188\n net_rx_action+0x164/0x2c0\n handle_softirqs+0x100/0x244\n __do_softirq+0x14/0x20\n ____do_softirq+0x10/0x20\n call_on_irq_stack+0x24/0x64\n do_softirq_own_stack+0x1c/0x40\n __irq_exit_rcu+0xd4/0x10c\n irq_exit_rcu+0x10/0x1c\n el1_interrupt+0x38/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n cpuidle_enter_state+0xac/0x320 (P)\n cpuidle_enter+0x38/0x50\n do_idle+0x1e4/0x260\n cpu_startup_entry+0x34/0x3c\n rest_init+0xdc/0xe0\n console_on_rootfs+0x0/0x6c\n __primary_switched+0x88/0x90\n```",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37917",
"url": "https://www.suse.com/security/cve/CVE-2025-37917"
},
{
"category": "external",
"summary": "SUSE Bug 1243475 for CVE-2025-37917",
"url": "https://bugzilla.suse.com/1243475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37917"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: vnifilter: Fix unlocked deletion of default FDB entry\n\nWhen a VNI is deleted from a VXLAN device in \u0027vnifilter\u0027 mode, the FDB\nentry associated with the default remote (assuming one was configured)\nis deleted without holding the hash lock. This is wrong and will result\nin a warning [1] being generated by the lockdep annotation that was\nadded by commit ebe642067455 (\"vxlan: Create wrappers for FDB lookup\").\n\nReproducer:\n\n # ip link add vx0 up type vxlan dstport 4789 external vnifilter local 192.0.2.1\n # bridge vni add vni 10010 remote 198.51.100.1 dev vx0\n # bridge vni del vni 10010 dev vx0\n\nFix by acquiring the hash lock before the deletion and releasing it\nafterwards. Blame the original commit that introduced the issue rather\nthan the one that exposed it.\n\n[1]\nWARNING: CPU: 3 PID: 392 at drivers/net/vxlan/vxlan_core.c:417 vxlan_find_mac+0x17f/0x1a0\n[...]\nRIP: 0010:vxlan_find_mac+0x17f/0x1a0\n[...]\nCall Trace:\n \u003cTASK\u003e\n __vxlan_fdb_delete+0xbe/0x560\n vxlan_vni_delete_group+0x2ba/0x940\n vxlan_vni_del.isra.0+0x15f/0x580\n vxlan_process_vni_filter+0x38b/0x7b0\n vxlan_vnifilter_process+0x3bb/0x510\n rtnetlink_rcv_msg+0x2f7/0xb70\n netlink_rcv_skb+0x131/0x360\n netlink_unicast+0x426/0x710\n netlink_sendmsg+0x75a/0xc20\n __sock_sendmsg+0xc1/0x150\n ____sys_sendmsg+0x5aa/0x7b0\n ___sys_sendmsg+0xfc/0x180\n __sys_sendmsg+0x121/0x1b0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37921",
"url": "https://www.suse.com/security/cve/CVE-2025-37921"
},
{
"category": "external",
"summary": "SUSE Bug 1243480 for CVE-2025-37921",
"url": "https://bugzilla.suse.com/1243480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37921"
},
{
"cve": "CVE-2025-37923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix oob write in trace_seq_to_buffer()\n\nsyzbot reported this bug:\n==================================================================\nBUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\nBUG: KASAN: slab-out-of-bounds in tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\nWrite of size 4507 at addr ffff888032b6b000 by task syz.2.320/7260\n\nCPU: 1 UID: 0 PID: 7260 Comm: syz.2.320 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n __asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106\n trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\n tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\n ....\n==================================================================\n\nIt has been reported that trace_seq_to_buffer() tries to copy more data\nthan PAGE_SIZE to buf. Therefore, to prevent this, we should use the\nsmaller of trace_seq_used(\u0026iter-\u003eseq) and PAGE_SIZE as an argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37923",
"url": "https://www.suse.com/security/cve/CVE-2025-37923"
},
{
"category": "external",
"summary": "SUSE Bug 1243551 for CVE-2025-37923",
"url": "https://bugzilla.suse.com/1243551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37923"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid\n\nThere is a string parsing logic error which can lead to an overflow of hid\nor uid buffers. Comparing ACPIID_LEN against a total string length doesn\u0027t\ntake into account the lengths of individual hid and uid buffers so the\ncheck is insufficient in some cases. For example if the length of hid\nstring is 4 and the length of the uid string is 260, the length of str\nwill be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer\nwhich size is 256.\n\nThe same applies to the hid string with length 13 and uid string with\nlength 250.\n\nCheck the length of hid and uid strings separately to prevent\nbuffer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37927",
"url": "https://www.suse.com/security/cve/CVE-2025-37927"
},
{
"category": "external",
"summary": "SUSE Bug 1243620 for CVE-2025-37927",
"url": "https://bugzilla.suse.com/1243620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37927"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteon_ep: Fix host hang issue during device reboot\n\nWhen the host loses heartbeat messages from the device,\nthe driver calls the device-specific ndo_stop function,\nwhich frees the resources. If the driver is unloaded in\nthis scenario, it calls ndo_stop again, attempting to free\nresources that have already been freed, leading to a host\nhang issue. To resolve this, dev_close should be called\ninstead of the device-specific stop function.dev_close\ninternally calls ndo_stop to stop the network interface\nand performs additional cleanup tasks. During the driver\nunload process, if the device is already down, ndo_stop\nis not called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37933",
"url": "https://www.suse.com/security/cve/CVE-2025-37933"
},
{
"category": "external",
"summary": "SUSE Bug 1243628 for CVE-2025-37933",
"url": "https://bugzilla.suse.com/1243628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37933"
},
{
"cve": "CVE-2025-37934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction\n\nActually check if the passed pointers are valid, before writing to them.\nThis also fixes a USBAN warning:\nUBSAN: invalid-load in ../sound/soc/fsl/imx-card.c:687:25\nload of value 255 is not a valid value for type \u0027_Bool\u0027\n\nThis is because playback_only is uninitialized and is not written to, as\nthe playback-only property is absent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37934",
"url": "https://www.suse.com/security/cve/CVE-2025-37934"
},
{
"category": "external",
"summary": "SUSE Bug 1243548 for CVE-2025-37934",
"url": "https://bugzilla.suse.com/1243548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37934"
},
{
"cve": "CVE-2025-37936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value.\n\nWhen generating the MSR_IA32_PEBS_ENABLE value that will be loaded on\nVM-Entry to a KVM guest, mask the value with the vCPU\u0027s desired PEBS_ENABLE\nvalue. Consulting only the host kernel\u0027s host vs. guest masks results in\nrunning the guest with PEBS enabled even when the guest doesn\u0027t want to use\nPEBS. Because KVM uses perf events to proxy the guest virtual PMU, simply\nlooking at exclude_host can\u0027t differentiate between events created by host\nuserspace, and events created by KVM on behalf of the guest.\n\nRunning the guest with PEBS unexpectedly enabled typically manifests as\ncrashes due to a near-infinite stream of #PFs. E.g. if the guest hasn\u0027t\nwritten MSR_IA32_DS_AREA, the CPU will hit page faults on address \u00270\u0027 when\ntrying to record PEBS events.\n\nThe issue is most easily reproduced by running `perf kvm top` from before\ncommit 7b100989b4f6 (\"perf evlist: Remove __evlist__add_default\") (after\nwhich, `perf kvm top` effectively stopped using PEBS).\tThe userspace side\nof perf creates a guest-only PEBS event, which intel_guest_get_msrs()\nmisconstrues a guest-*owned* PEBS event.\n\nArguably, this is a userspace bug, as enabling PEBS on guest-only events\nsimply cannot work, and userspace can kill VMs in many other ways (there\nis no danger to the host). However, even if this is considered to be bad\nuserspace behavior, there\u0027s zero downside to perf/KVM restricting PEBS to\nguest-owned events.\n\nNote, commit 854250329c02 (\"KVM: x86/pmu: Disable guest PEBS temporarily\nin two rare situations\") fixed the case where host userspace is profiling\nKVM *and* userspace, but missed the case where userspace is profiling only\nKVM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37936",
"url": "https://www.suse.com/security/cve/CVE-2025-37936"
},
{
"category": "external",
"summary": "SUSE Bug 1243537 for CVE-2025-37936",
"url": "https://bugzilla.suse.com/1243537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37936"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Verify event formats that have \"%*p..\"\n\nThe trace event verifier checks the formats of trace events to make sure\nthat they do not point at memory that is not in the trace event itself or\nin data that will never be freed. If an event references data that was\nallocated when the event triggered and that same data is freed before the\nevent is read, then the kernel can crash by reading freed memory.\n\nThe verifier runs at boot up (or module load) and scans the print formats\nof the events and checks their arguments to make sure that dereferenced\npointers are safe. If the format uses \"%*p..\" the verifier will ignore it,\nand that could be dangerous. Cover this case as well.\n\nAlso add to the sample code a use case of \"%*pbl\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37938",
"url": "https://www.suse.com/security/cve/CVE-2025-37938"
},
{
"category": "external",
"summary": "SUSE Bug 1243544 for CVE-2025-37938",
"url": "https://bugzilla.suse.com/1243544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37938"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY\n\nDSA has 2 kinds of drivers:\n\n1. Those who call dsa_switch_suspend() and dsa_switch_resume() from\n their device PM ops: qca8k-8xxx, bcm_sf2, microchip ksz\n2. Those who don\u0027t: all others. The above methods should be optional.\n\nFor type 1, dsa_switch_suspend() calls dsa_user_suspend() -\u003e phylink_stop(),\nand dsa_switch_resume() calls dsa_user_resume() -\u003e phylink_start().\nThese seem good candidates for setting mac_managed_pm = true because\nthat is essentially its definition [1], but that does not seem to be the\nbiggest problem for now, and is not what this change focuses on.\n\nTalking strictly about the 2nd category of DSA drivers here (which\ndo not have MAC managed PM, meaning that for their attached PHYs,\nmdio_bus_phy_suspend() and mdio_bus_phy_resume() should run in full),\nI have noticed that the following warning from mdio_bus_phy_resume() is\ntriggered:\n\n\tWARN_ON(phydev-\u003estate != PHY_HALTED \u0026\u0026 phydev-\u003estate != PHY_READY \u0026\u0026\n\t\tphydev-\u003estate != PHY_UP);\n\nbecause the PHY state machine is running.\n\nIt\u0027s running as a result of a previous dsa_user_open() -\u003e ... -\u003e\nphylink_start() -\u003e phy_start() having been initiated by the user.\n\nThe previous mdio_bus_phy_suspend() was supposed to have called\nphy_stop_machine(), but it didn\u0027t. So this is why the PHY is in state\nPHY_NOLINK by the time mdio_bus_phy_resume() runs.\n\nmdio_bus_phy_suspend() did not call phy_stop_machine() because for\nphylink, the phydev-\u003eadjust_link function pointer is NULL. This seems a\ntechnicality introduced by commit fddd91016d16 (\"phylib: fix PAL state\nmachine restart on resume\"). That commit was written before phylink\nexisted, and was intended to avoid crashing with consumer drivers which\ndon\u0027t use the PHY state machine - phylink always does, when using a PHY.\nBut phylink itself has historically not been developed with\nsuspend/resume in mind, and apparently not tested too much in that\nscenario, allowing this bug to exist unnoticed for so long. Plus, prior\nto the WARN_ON(), it would have likely been invisible.\n\nThis issue is not in fact restricted to type 2 DSA drivers (according to\nthe above ad-hoc classification), but can be extrapolated to any MAC\ndriver with phylink and MDIO-bus-managed PHY PM ops. DSA is just where\nthe issue was reported. Assuming mac_managed_pm is set correctly, a\nquick search indicates the following other drivers might be affected:\n\n$ grep -Zlr PHYLINK_NETDEV drivers/ | xargs -0 grep -L mac_managed_pm\ndrivers/net/ethernet/atheros/ag71xx.c\ndrivers/net/ethernet/microchip/sparx5/sparx5_main.c\ndrivers/net/ethernet/microchip/lan966x/lan966x_main.c\ndrivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c\ndrivers/net/ethernet/freescale/fs_enet/fs_enet-main.c\ndrivers/net/ethernet/freescale/dpaa/dpaa_eth.c\ndrivers/net/ethernet/freescale/ucc_geth.c\ndrivers/net/ethernet/freescale/enetc/enetc_pf_common.c\ndrivers/net/ethernet/marvell/mvpp2/mvpp2_main.c\ndrivers/net/ethernet/marvell/mvneta.c\ndrivers/net/ethernet/marvell/prestera/prestera_main.c\ndrivers/net/ethernet/mediatek/mtk_eth_soc.c\ndrivers/net/ethernet/altera/altera_tse_main.c\ndrivers/net/ethernet/wangxun/txgbe/txgbe_phy.c\ndrivers/net/ethernet/meta/fbnic/fbnic_phylink.c\ndrivers/net/ethernet/tehuti/tn40_phy.c\ndrivers/net/ethernet/mscc/ocelot_net.c\n\nMake the existing conditions dependent on the PHY device having a\nphydev-\u003ephy_link_change() implementation equal to the default\nphy_link_change() provided by phylib. Otherwise, we implicitly know that\nthe phydev has the phylink-provided phylink_phy_change() callback, and\nwhen phylink is used, the PHY state machine always needs to be stopped/\nstarted on the suspend/resume path. The code is structured as such that\nif phydev-\u003ephy_link_change() is absent, it is a matter of time until the\nkernel will crash - no need to further complicate the test.\n\nThus, for the situation where the PM is not managed b\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37945",
"url": "https://www.suse.com/security/cve/CVE-2025-37945"
},
{
"category": "external",
"summary": "SUSE Bug 1243538 for CVE-2025-37945",
"url": "https://bugzilla.suse.com/1243538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37945"
},
{
"cve": "CVE-2025-37946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs\n\nWith commit bcb5d6c76903 (\"s390/pci: introduce lock to synchronize state\nof zpci_dev\u0027s\") the code to ignore power off of a PF that has child VFs\nwas changed from a direct return to a goto to the unlock and\npci_dev_put() section. The change however left the existing pci_dev_put()\nuntouched resulting in a doubple put. This can subsequently cause a use\nafter free if the struct pci_dev is released in an unexpected state.\nFix this by removing the extra pci_dev_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37946",
"url": "https://www.suse.com/security/cve/CVE-2025-37946"
},
{
"category": "external",
"summary": "SUSE Bug 1243506 for CVE-2025-37946",
"url": "https://bugzilla.suse.com/1243506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37946"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix uninit-value for saddr in do_output_route4\n\nsyzbot reports for uninit-value for the saddr argument [1].\ncommit 4754957f04f5 (\"ipvs: do not use random local source address for\ntunnels\") already implies that the input value of saddr\nshould be ignored but the code is still reading it which can prevent\nto connect the route. Fix it by changing the argument to ret_saddr.\n\n[1]\nBUG: KMSAN: uninit-value in do_output_route4+0x42c/0x4d0 net/netfilter/ipvs/ip_vs_xmit.c:147\n do_output_route4+0x42c/0x4d0 net/netfilter/ipvs/ip_vs_xmit.c:147\n __ip_vs_get_out_rt+0x403/0x21d0 net/netfilter/ipvs/ip_vs_xmit.c:330\n ip_vs_tunnel_xmit+0x205/0x2380 net/netfilter/ipvs/ip_vs_xmit.c:1136\n ip_vs_in_hook+0x1aa5/0x35b0 net/netfilter/ipvs/ip_vs_core.c:2063\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf7/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n __ip_local_out+0x758/0x7e0 net/ipv4/ip_output.c:118\n ip_local_out net/ipv4/ip_output.c:127 [inline]\n ip_send_skb+0x6a/0x3c0 net/ipv4/ip_output.c:1501\n udp_send_skb+0xfda/0x1b70 net/ipv4/udp.c:1195\n udp_sendmsg+0x2fe3/0x33c0 net/ipv4/udp.c:1483\n inet_sendmsg+0x1fc/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x267/0x380 net/socket.c:727\n ____sys_sendmsg+0x91b/0xda0 net/socket.c:2566\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2620\n __sys_sendmmsg+0x41d/0x880 net/socket.c:2702\n __compat_sys_sendmmsg net/compat.c:360 [inline]\n __do_compat_sys_sendmmsg net/compat.c:367 [inline]\n __se_compat_sys_sendmmsg net/compat.c:364 [inline]\n __ia32_compat_sys_sendmmsg+0xc8/0x140 net/compat.c:364\n ia32_sys_call+0x3ffa/0x41f0 arch/x86/include/generated/asm/syscalls_32.h:346\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4167 [inline]\n slab_alloc_node mm/slub.c:4210 [inline]\n __kmalloc_cache_noprof+0x8fa/0xe00 mm/slub.c:4367\n kmalloc_noprof include/linux/slab.h:905 [inline]\n ip_vs_dest_dst_alloc net/netfilter/ipvs/ip_vs_xmit.c:61 [inline]\n __ip_vs_get_out_rt+0x35d/0x21d0 net/netfilter/ipvs/ip_vs_xmit.c:323\n ip_vs_tunnel_xmit+0x205/0x2380 net/netfilter/ipvs/ip_vs_xmit.c:1136\n ip_vs_in_hook+0x1aa5/0x35b0 net/netfilter/ipvs/ip_vs_core.c:2063\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf7/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n __ip_local_out+0x758/0x7e0 net/ipv4/ip_output.c:118\n ip_local_out net/ipv4/ip_output.c:127 [inline]\n ip_send_skb+0x6a/0x3c0 net/ipv4/ip_output.c:1501\n udp_send_skb+0xfda/0x1b70 net/ipv4/udp.c:1195\n udp_sendmsg+0x2fe3/0x33c0 net/ipv4/udp.c:1483\n inet_sendmsg+0x1fc/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x267/0x380 net/socket.c:727\n ____sys_sendmsg+0x91b/0xda0 net/socket.c:2566\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2620\n __sys_sendmmsg+0x41d/0x880 net/socket.c:2702\n __compat_sys_sendmmsg net/compat.c:360 [inline]\n __do_compat_sys_sendmmsg net/compat.c:367 [inline]\n __se_compat_sys_sendmmsg net/compat.c:364 [inline]\n __ia32_compat_sys_sendmmsg+0xc8/0x140 net/compat.c:364\n ia32_sys_call+0x3ffa/0x41f0 arch/x86/include/generated/asm/syscalls_32.h:346\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nCPU: 0 UID: 0 PID: 22408 Comm: syz.4.5165 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(undef)\nHardware name: Google Google Compute Engi\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37961",
"url": "https://www.suse.com/security/cve/CVE-2025-37961"
},
{
"category": "external",
"summary": "SUSE Bug 1243523 for CVE-2025-37961",
"url": "https://bugzilla.suse.com/1243523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37961"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix invalid context error in dml helper\n\n[Why]\n\"BUG: sleeping function called from invalid context\" error.\nafter:\n\"drm/amd/display: Protect FPU in dml2_validate()/dml21_validate()\"\n\nThe populate_dml_plane_cfg_from_plane_state() uses the GFP_KERNEL flag\nfor memory allocation, which shouldn\u0027t be used in atomic contexts.\n\nThe allocation is needed only for using another helper function\nget_scaler_data_for_plane().\n\n[How]\nModify helpers to pass a pointer to scaler_data within existing context,\neliminating the need for dynamic memory allocation/deallocation\nand copying.\n\n(cherry picked from commit bd3e84bc98f81b44f2c43936bdadc3241d654259)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37965",
"url": "https://www.suse.com/security/cve/CVE-2025-37965"
},
{
"category": "external",
"summary": "SUSE Bug 1244174 for CVE-2025-37965",
"url": "https://bugzilla.suse.com/1244174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37965"
},
{
"cve": "CVE-2025-37967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix deadlock\n\nThis patch introduces the ucsi_con_mutex_lock / ucsi_con_mutex_unlock\nfunctions to the UCSI driver. ucsi_con_mutex_lock ensures the connector\nmutex is only locked if a connection is established and the partner pointer\nis valid. This resolves a deadlock scenario where\nucsi_displayport_remove_partner holds con-\u003emutex waiting for\ndp_altmode_work to complete while dp_altmode_work attempts to acquire it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37967",
"url": "https://www.suse.com/security/cve/CVE-2025-37967"
},
{
"category": "external",
"summary": "SUSE Bug 1243572 for CVE-2025-37967",
"url": "https://bugzilla.suse.com/1243572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37967"
},
{
"cve": "CVE-2025-37968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: opt3001: fix deadlock due to concurrent flag access\n\nThe threaded IRQ function in this driver is reading the flag twice: once to\nlock a mutex and once to unlock it. Even though the code setting the flag\nis designed to prevent it, there are subtle cases where the flag could be\ntrue at the mutex_lock stage and false at the mutex_unlock stage. This\nresults in the mutex not being unlocked, resulting in a deadlock.\n\nFix it by making the opt3001_irq() code generally more robust, reading the\nflag into a variable and using the variable value at both stages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37968",
"url": "https://www.suse.com/security/cve/CVE-2025-37968"
},
{
"category": "external",
"summary": "SUSE Bug 1243571 for CVE-2025-37968",
"url": "https://bugzilla.suse.com/1243571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37968"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation\n\nCurrently during the multi-link element defragmentation process, the\nmulti-link element length added to the total IEs length when calculating\nthe length of remaining IEs after the multi-link element in\ncfg80211_defrag_mle(). This could lead to out-of-bounds access if the\nmulti-link element or its corresponding fragment elements are the last\nelements in the IEs buffer.\n\nTo address this issue, correctly calculate the remaining IEs length by\ndeducting the multi-link element end offset from total IEs end offset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37973",
"url": "https://www.suse.com/security/cve/CVE-2025-37973"
},
{
"category": "external",
"summary": "SUSE Bug 1244172 for CVE-2025-37973",
"url": "https://bugzilla.suse.com/1244172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37973"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: smartpqi: Use is_kdump_kernel() to check for kdump\n\nThe smartpqi driver checks the reset_devices variable to determine\nwhether special adjustments need to be made for kdump. This has the\neffect that after a regular kexec reboot, some driver parameters such as\nmax_transfer_size are much lower than usual. More importantly, kexec\nreboot tests have revealed memory corruption caused by the driver log\nbeing written to system memory after a kexec.\n\nFix this by testing is_kdump_kernel() rather than reset_devices where\nappropriate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37981",
"url": "https://www.suse.com/security/cve/CVE-2025-37981"
},
{
"category": "external",
"summary": "SUSE Bug 1243514 for CVE-2025-37981",
"url": "https://bugzilla.suse.com/1243514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37981"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: Prevent possible adminq overflow/stuck condition\n\nThe pds_core\u0027s adminq is protected by the adminq_lock, which prevents\nmore than 1 command to be posted onto it at any one time. This makes it\nso the client drivers cannot simultaneously post adminq commands.\nHowever, the completions happen in a different context, which means\nmultiple adminq commands can be posted sequentially and all waiting\non completion.\n\nOn the FW side, the backing adminq request queue is only 16 entries\nlong and the retry mechanism and/or overflow/stuck prevention is\nlacking. This can cause the adminq to get stuck, so commands are no\nlonger processed and completions are no longer sent by the FW.\n\nAs an initial fix, prevent more than 16 outstanding adminq commands so\nthere\u0027s no way to cause the adminq from getting stuck. This works\nbecause the backing adminq request queue will never have more than 16\npending adminq commands, so it will never overflow. This is done by\nreducing the adminq depth to 16.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37987",
"url": "https://www.suse.com/security/cve/CVE-2025-37987"
},
{
"category": "external",
"summary": "SUSE Bug 1243542 for CVE-2025-37987",
"url": "https://bugzilla.suse.com/1243542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37987"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-37992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Flush gso_skb list too during -\u003echange()\n\nPreviously, when reducing a qdisc\u0027s limit via the -\u003echange() operation, only\nthe main skb queue was trimmed, potentially leaving packets in the gso_skb\nlist. This could result in NULL pointer dereference when we only check\nsch-\u003elimit against sch-\u003eq.qlen.\n\nThis patch introduces a new helper, qdisc_dequeue_internal(), which ensures\nboth the gso_skb list and the main queue are properly flushed when trimming\nexcess packets. All relevant qdiscs (codel, fq, fq_codel, fq_pie, hhf, pie)\nare updated to use this helper in their -\u003echange() routines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37992",
"url": "https://www.suse.com/security/cve/CVE-2025-37992"
},
{
"category": "external",
"summary": "SUSE Bug 1243698 for CVE-2025-37992",
"url": "https://bugzilla.suse.com/1243698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37992"
},
{
"cve": "CVE-2025-37994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix NULL pointer access\n\nThis patch ensures that the UCSI driver waits for all pending tasks in the\nucsi_displayport_work workqueue to finish executing before proceeding with\nthe partner removal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37994",
"url": "https://www.suse.com/security/cve/CVE-2025-37994"
},
{
"category": "external",
"summary": "SUSE Bug 1243823 for CVE-2025-37994",
"url": "https://bugzilla.suse.com/1243823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37994"
},
{
"cve": "CVE-2025-37995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: ensure that kobject_put() is safe for module type kobjects\n\nIn \u0027lookup_or_create_module_kobject()\u0027, an internal kobject is created\nusing \u0027module_ktype\u0027. So call to \u0027kobject_put()\u0027 on error handling\npath causes an attempt to use an uninitialized completion pointer in\n\u0027module_kobject_release()\u0027. In this scenario, we just want to release\nkobject without an extra synchronization required for a regular module\nunloading process, so adding an extra check whether \u0027complete()\u0027 is\nactually required makes \u0027kobject_put()\u0027 safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37995",
"url": "https://www.suse.com/security/cve/CVE-2025-37995"
},
{
"category": "external",
"summary": "SUSE Bug 1243827 for CVE-2025-37995",
"url": "https://bugzilla.suse.com/1243827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37995"
},
{
"cve": "CVE-2025-37997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix region locking in hash types\n\nRegion locking introduced in v5.6-rc4 contained three macros to handle\nthe region locks: ahash_bucket_start(), ahash_bucket_end() which gave\nback the start and end hash bucket values belonging to a given region\nlock and ahash_region() which should give back the region lock belonging\nto a given hash bucket. The latter was incorrect which can lead to a\nrace condition between the garbage collector and adding new elements\nwhen a hash type of set is defined with timeouts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37997",
"url": "https://www.suse.com/security/cve/CVE-2025-37997"
},
{
"category": "external",
"summary": "SUSE Bug 1243832 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "external",
"summary": "SUSE Bug 1245774 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1245774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-37997"
},
{
"cve": "CVE-2025-37998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: Fix unsafe attribute parsing in output_userspace()\n\nThis patch replaces the manual Netlink attribute iteration in\noutput_userspace() with nla_for_each_nested(), which ensures that only\nwell-formed attributes are processed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37998",
"url": "https://www.suse.com/security/cve/CVE-2025-37998"
},
{
"category": "external",
"summary": "SUSE Bug 1243836 for CVE-2025-37998",
"url": "https://bugzilla.suse.com/1243836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "low"
}
],
"title": "CVE-2025-37998"
},
{
"cve": "CVE-2025-38000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\n\nWhen enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the\nchild qdisc\u0027s peek() operation before incrementing sch-\u003eq.qlen and\nsch-\u003eqstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may\ntrigger an immediate dequeue and potential packet drop. In such cases,\nqdisc_tree_reduce_backlog() is called, but the HFSC qdisc\u0027s qlen and backlog\nhave not yet been updated, leading to inconsistent queue accounting. This\ncan leave an empty HFSC class in the active list, causing further\nconsequences like use-after-free.\n\nThis patch fixes the bug by moving the increment of sch-\u003eq.qlen and\nsch-\u003eqstats.backlog before the call to the child qdisc\u0027s peek() operation.\nThis ensures that queue length and backlog are always accurate when packet\ndrops or dequeues are triggered during the peek.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38000",
"url": "https://www.suse.com/security/cve/CVE-2025-38000"
},
{
"category": "external",
"summary": "SUSE Bug 1244277 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "external",
"summary": "SUSE Bug 1245775 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1245775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-38000"
},
{
"cve": "CVE-2025-38001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Address reentrant enqueue adding class to eltree twice\n\nSavino says:\n \"We are writing to report that this recent patch\n (141d34391abbb315d68556b7c67ad97885407547) [1]\n can be bypassed, and a UAF can still occur when HFSC is utilized with\n NETEM.\n\n The patch only checks the cl-\u003ecl_nactive field to determine whether\n it is the first insertion or not [2], but this field is only\n incremented by init_vf [3].\n\n By using HFSC_RSC (which uses init_ed) [4], it is possible to bypass the\n check and insert the class twice in the eltree.\n Under normal conditions, this would lead to an infinite loop in\n hfsc_dequeue for the reasons we already explained in this report [5].\n\n However, if TBF is added as root qdisc and it is configured with a\n very low rate,\n it can be utilized to prevent packets from being dequeued.\n This behavior can be exploited to perform subsequent insertions in the\n HFSC eltree and cause a UAF.\"\n\nTo fix both the UAF and the infinite loop, with netem as an hfsc child,\ncheck explicitly in hfsc_enqueue whether the class is already in the eltree\nwhenever the HFSC_RSC flag is set.\n\n[1] https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=141d34391abbb315d68556b7c67ad97885407547\n[2] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1572\n[3] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L677\n[4] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1574\n[5] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/T/#u",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38001",
"url": "https://www.suse.com/security/cve/CVE-2025-38001"
},
{
"category": "external",
"summary": "SUSE Bug 1244234 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "external",
"summary": "SUSE Bug 1244235 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-38001"
},
{
"cve": "CVE-2025-38003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: add missing rcu read protection for procfs content\n\nWhen the procfs content is generated for a bcm_op which is in the process\nto be removed the procfs output might show unreliable data (UAF).\n\nAs the removal of bcm_op\u0027s is already implemented with rcu handling this\npatch adds the missing rcu_read_lock() and makes sure the list entries\nare properly removed under rcu protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38003",
"url": "https://www.suse.com/security/cve/CVE-2025-38003"
},
{
"category": "external",
"summary": "SUSE Bug 1244275 for CVE-2025-38003",
"url": "https://bugzilla.suse.com/1244275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38003"
},
{
"cve": "CVE-2025-38004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: add locking for bcm_op runtime updates\n\nThe CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via\nhrtimer. The content and also the length of the sequence can be changed\nresp reduced at runtime where the \u0027currframe\u0027 counter is then set to zero.\n\nAlthough this appeared to be a safe operation the updates of \u0027currframe\u0027\ncan be triggered from user space and hrtimer context in bcm_can_tx().\nAnderson Nascimento created a proof of concept that triggered a KASAN\nslab-out-of-bounds read access which can be prevented with a spin_lock_bh.\n\nAt the rework of bcm_can_tx() the \u0027count\u0027 variable has been moved into\nthe protected section as this variable can be modified from both contexts\ntoo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38004",
"url": "https://www.suse.com/security/cve/CVE-2025-38004"
},
{
"category": "external",
"summary": "SUSE Bug 1244274 for CVE-2025-38004",
"url": "https://bugzilla.suse.com/1244274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38004"
},
{
"cve": "CVE-2025-38005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: k3-udma: Add missing locking\n\nRecent kernels complain about a missing lock in k3-udma.c when the lock\nvalidator is enabled:\n\n[ 4.128073] WARNING: CPU: 0 PID: 746 at drivers/dma/ti/../virt-dma.h:169 udma_start.isra.0+0x34/0x238\n[ 4.137352] CPU: 0 UID: 0 PID: 746 Comm: kworker/0:3 Not tainted 6.12.9-arm64 #28\n[ 4.144867] Hardware name: pp-v12 (DT)\n[ 4.148648] Workqueue: events udma_check_tx_completion\n[ 4.153841] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 4.160834] pc : udma_start.isra.0+0x34/0x238\n[ 4.165227] lr : udma_start.isra.0+0x30/0x238\n[ 4.169618] sp : ffffffc083cabcf0\n[ 4.172963] x29: ffffffc083cabcf0 x28: 0000000000000000 x27: ffffff800001b005\n[ 4.180167] x26: ffffffc0812f0000 x25: 0000000000000000 x24: 0000000000000000\n[ 4.187370] x23: 0000000000000001 x22: 00000000e21eabe9 x21: ffffff8000fa0670\n[ 4.194571] x20: ffffff8001b6bf00 x19: ffffff8000fa0430 x18: ffffffc083b95030\n[ 4.201773] x17: 0000000000000000 x16: 00000000f0000000 x15: 0000000000000048\n[ 4.208976] x14: 0000000000000048 x13: 0000000000000000 x12: 0000000000000001\n[ 4.216179] x11: ffffffc08151a240 x10: 0000000000003ea1 x9 : ffffffc08046ab68\n[ 4.223381] x8 : ffffffc083cabac0 x7 : ffffffc081df3718 x6 : 0000000000029fc8\n[ 4.230583] x5 : ffffffc0817ee6d8 x4 : 0000000000000bc0 x3 : 0000000000000000\n[ 4.237784] x2 : 0000000000000000 x1 : 00000000001fffff x0 : 0000000000000000\n[ 4.244986] Call trace:\n[ 4.247463] udma_start.isra.0+0x34/0x238\n[ 4.251509] udma_check_tx_completion+0xd0/0xdc\n[ 4.256076] process_one_work+0x244/0x3fc\n[ 4.260129] process_scheduled_works+0x6c/0x74\n[ 4.264610] worker_thread+0x150/0x1dc\n[ 4.268398] kthread+0xd8/0xe8\n[ 4.271492] ret_from_fork+0x10/0x20\n[ 4.275107] irq event stamp: 220\n[ 4.278363] hardirqs last enabled at (219): [\u003cffffffc080a27c7c\u003e] _raw_spin_unlock_irq+0x38/0x50\n[ 4.287183] hardirqs last disabled at (220): [\u003cffffffc080a1c154\u003e] el1_dbg+0x24/0x50\n[ 4.294879] softirqs last enabled at (182): [\u003cffffffc080037e68\u003e] handle_softirqs+0x1c0/0x3cc\n[ 4.303437] softirqs last disabled at (177): [\u003cffffffc080010170\u003e] __do_softirq+0x1c/0x28\n[ 4.311559] ---[ end trace 0000000000000000 ]---\n\nThis commit adds the missing locking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38005",
"url": "https://www.suse.com/security/cve/CVE-2025-38005"
},
{
"category": "external",
"summary": "SUSE Bug 1244727 for CVE-2025-38005",
"url": "https://bugzilla.suse.com/1244727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38005"
},
{
"cve": "CVE-2025-38007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: uclogic: Add NULL check in uclogic_input_configured()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nuclogic_input_configured() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38007",
"url": "https://www.suse.com/security/cve/CVE-2025-38007"
},
{
"category": "external",
"summary": "SUSE Bug 1244938 for CVE-2025-38007",
"url": "https://bugzilla.suse.com/1244938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38007"
},
{
"cve": "CVE-2025-38009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: disable napi on driver removal\n\nA warning on driver removal started occurring after commit 9dd05df8403b\n(\"net: warn if NAPI instance wasn\u0027t shut down\"). Disable tx napi before\ndeleting it in mt76_dma_cleanup().\n\n WARNING: CPU: 4 PID: 18828 at net/core/dev.c:7288 __netif_napi_del_locked+0xf0/0x100\n CPU: 4 UID: 0 PID: 18828 Comm: modprobe Not tainted 6.15.0-rc4 #4 PREEMPT(lazy)\n Hardware name: ASUS System Product Name/PRIME X670E-PRO WIFI, BIOS 3035 09/05/2024\n RIP: 0010:__netif_napi_del_locked+0xf0/0x100\n Call Trace:\n \u003cTASK\u003e\n mt76_dma_cleanup+0x54/0x2f0 [mt76]\n mt7921_pci_remove+0xd5/0x190 [mt7921e]\n pci_device_remove+0x47/0xc0\n device_release_driver_internal+0x19e/0x200\n driver_detach+0x48/0x90\n bus_remove_driver+0x6d/0xf0\n pci_unregister_driver+0x2e/0xb0\n __do_sys_delete_module.isra.0+0x197/0x2e0\n do_syscall_64+0x7b/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nTested with mt7921e but the same pattern can be actually applied to other\nmt76 drivers calling mt76_dma_cleanup() during removal. Tx napi is enabled\nin their *_dma_init() functions and only toggled off and on again inside\ntheir suspend/resume/reset paths. So it should be okay to disable tx\nnapi in such a generic way.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38009",
"url": "https://www.suse.com/security/cve/CVE-2025-38009"
},
{
"category": "external",
"summary": "SUSE Bug 1244995 for CVE-2025-38009",
"url": "https://bugzilla.suse.com/1244995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "low"
}
],
"title": "CVE-2025-38009"
},
{
"cve": "CVE-2025-38010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Use a bitmask for UTMI pad power state tracking\n\nThe current implementation uses bias_pad_enable as a reference count to\nmanage the shared bias pad for all UTMI PHYs. However, during system\nsuspension with connected USB devices, multiple power-down requests for\nthe UTMI pad result in a mismatch in the reference count, which in turn\nproduces warnings such as:\n\n[ 237.762967] WARNING: CPU: 10 PID: 1618 at tegra186_utmi_pad_power_down+0x160/0x170\n[ 237.763103] Call trace:\n[ 237.763104] tegra186_utmi_pad_power_down+0x160/0x170\n[ 237.763107] tegra186_utmi_phy_power_off+0x10/0x30\n[ 237.763110] phy_power_off+0x48/0x100\n[ 237.763113] tegra_xusb_enter_elpg+0x204/0x500\n[ 237.763119] tegra_xusb_suspend+0x48/0x140\n[ 237.763122] platform_pm_suspend+0x2c/0xb0\n[ 237.763125] dpm_run_callback.isra.0+0x20/0xa0\n[ 237.763127] __device_suspend+0x118/0x330\n[ 237.763129] dpm_suspend+0x10c/0x1f0\n[ 237.763130] dpm_suspend_start+0x88/0xb0\n[ 237.763132] suspend_devices_and_enter+0x120/0x500\n[ 237.763135] pm_suspend+0x1ec/0x270\n\nThe root cause was traced back to the dynamic power-down changes\nintroduced in commit a30951d31b25 (\"xhci: tegra: USB2 pad power controls\"),\nwhere the UTMI pad was being powered down without verifying its current\nstate. This unbalanced behavior led to discrepancies in the reference\ncount.\n\nTo rectify this issue, this patch replaces the single reference counter\nwith a bitmask, renamed to utmi_pad_enabled. Each bit in the mask\ncorresponds to one of the four USB2 PHYs, allowing us to track each pad\u0027s\nenablement status individually.\n\nWith this change:\n - The bias pad is powered on only when the mask is clear.\n - Each UTMI pad is powered on or down based on its corresponding bit\n in the mask, preventing redundant operations.\n - The overall power state of the shared bias pad is maintained\n correctly during suspend/resume cycles.\n\nThe mutex used to prevent race conditions during UTMI pad enable/disable\noperations has been moved from the tegra186_utmi_bias_pad_power_on/off\nfunctions to the parent functions tegra186_utmi_pad_power_on/down. This\nchange ensures that there are no race conditions when updating the bitmask.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38010",
"url": "https://www.suse.com/security/cve/CVE-2025-38010"
},
{
"category": "external",
"summary": "SUSE Bug 1244996 for CVE-2025-38010",
"url": "https://bugzilla.suse.com/1244996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "low"
}
],
"title": "CVE-2025-38010"
},
{
"cve": "CVE-2025-38011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: csa unmap use uninterruptible lock\n\nAfter process exit to unmap csa and free GPU vm, if signal is accepted\nand then waiting to take vm lock is interrupted and return, it causes\nmemory leaking and below warning backtrace.\n\nChange to use uninterruptible wait lock fix the issue.\n\nWARNING: CPU: 69 PID: 167800 at amd/amdgpu/amdgpu_kms.c:1525\n amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu]\n Call Trace:\n \u003cTASK\u003e\n drm_file_free.part.0+0x1da/0x230 [drm]\n drm_close_helper.isra.0+0x65/0x70 [drm]\n drm_release+0x6a/0x120 [drm]\n amdgpu_drm_release+0x51/0x60 [amdgpu]\n __fput+0x9f/0x280\n ____fput+0xe/0x20\n task_work_run+0x67/0xa0\n do_exit+0x217/0x3c0\n do_group_exit+0x3b/0xb0\n get_signal+0x14a/0x8d0\n arch_do_signal_or_restart+0xde/0x100\n exit_to_user_mode_loop+0xc1/0x1a0\n exit_to_user_mode_prepare+0xf4/0x100\n syscall_exit_to_user_mode+0x17/0x40\n do_syscall_64+0x69/0xc0\n\n(cherry picked from commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38011",
"url": "https://www.suse.com/security/cve/CVE-2025-38011"
},
{
"category": "external",
"summary": "SUSE Bug 1244729 for CVE-2025-38011",
"url": "https://bugzilla.suse.com/1244729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38011"
},
{
"cve": "CVE-2025-38013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request\n\nMake sure that n_channels is set after allocating the\nstruct cfg80211_registered_device::int_scan_req member. Seen with\nsyzkaller:\n\nUBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1208:5\nindex 0 is out of range for type \u0027struct ieee80211_channel *[] __counted_by(n_channels)\u0027 (aka \u0027struct ieee80211_channel *[]\u0027)\n\nThis was missed in the initial conversions because I failed to locate\nthe allocation likely due to the \"sizeof(void *)\" not matching the\n\"channels\" array type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38013",
"url": "https://www.suse.com/security/cve/CVE-2025-38013"
},
{
"category": "external",
"summary": "SUSE Bug 1244731 for CVE-2025-38013",
"url": "https://bugzilla.suse.com/1244731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38013"
},
{
"cve": "CVE-2025-38014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Refactor remove call with idxd_cleanup() helper\n\nThe idxd_cleanup() helper cleans up perfmon, interrupts, internals and\nso on. Refactor remove call with the idxd_cleanup() helper to avoid code\nduplication. Note, this also fixes the missing put_device() for idxd\ngroups, enginces and wqs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38014",
"url": "https://www.suse.com/security/cve/CVE-2025-38014"
},
{
"category": "external",
"summary": "SUSE Bug 1244732 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "external",
"summary": "SUSE Bug 1244733 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38014"
},
{
"cve": "CVE-2025-38015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: fix memory leak in error handling path of idxd_alloc\n\nMemory allocated for idxd is not freed if an error occurs during\nidxd_alloc(). To fix it, free the allocated memory in the reverse order\nof allocation before exiting the function in case of an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38015",
"url": "https://www.suse.com/security/cve/CVE-2025-38015"
},
{
"category": "external",
"summary": "SUSE Bug 1244789 for CVE-2025-38015",
"url": "https://bugzilla.suse.com/1244789"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38015"
},
{
"cve": "CVE-2025-38018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: fix kernel panic when alloc_page failed\n\nWe cannot set frag_list to NULL pointer when alloc_page failed.\nIt will be used in tls_strp_check_queue_ok when the next time\ntls_strp_read_sock is called.\n\nThis is because we don\u0027t reset full_len in tls_strp_flush_anchor_copy()\nso the recv path will try to continue handling the partial record\non the next call but we dettached the rcvq from the frag list.\nAlternative fix would be to reset full_len.\n\nUnable to handle kernel NULL pointer dereference\nat virtual address 0000000000000028\n Call trace:\n tls_strp_check_rcv+0x128/0x27c\n tls_strp_data_ready+0x34/0x44\n tls_data_ready+0x3c/0x1f0\n tcp_data_ready+0x9c/0xe4\n tcp_data_queue+0xf6c/0x12d0\n tcp_rcv_established+0x52c/0x798",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38018",
"url": "https://www.suse.com/security/cve/CVE-2025-38018"
},
{
"category": "external",
"summary": "SUSE Bug 1244999 for CVE-2025-38018",
"url": "https://bugzilla.suse.com/1244999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38018"
},
{
"cve": "CVE-2025-38020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Disable MACsec offload for uplink representor profile\n\nMACsec offload is not supported in switchdev mode for uplink\nrepresentors. When switching to the uplink representor profile, the\nMACsec offload feature must be cleared from the netdevice\u0027s features.\n\nIf left enabled, attempts to add offloads result in a null pointer\ndereference, as the uplink representor does not support MACsec offload\neven though the feature bit remains set.\n\nClear NETIF_F_HW_MACSEC in mlx5e_fix_uplink_rep_features().\n\nKernel log:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f]\nCPU: 29 UID: 0 PID: 4714 Comm: ip Not tainted 6.14.0-rc4_for_upstream_debug_2025_03_02_17_35 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:__mutex_lock+0x128/0x1dd0\nCode: d0 7c 08 84 d2 0f 85 ad 15 00 00 8b 35 91 5c fe 03 85 f6 75 29 49 8d 7e 60 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 a6 15 00 00 4d 3b 76 60 0f 85 fd 0b 00 00 65 ff\nRSP: 0018:ffff888147a4f160 EFLAGS: 00010206\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001\nRDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000078\nRBP: ffff888147a4f2e0 R08: ffffffffa05d2c19 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: 0000000000000018 R15: ffff888152de0000\nFS: 00007f855e27d800(0000) GS:ffff88881ee80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000004e5768 CR3: 000000013ae7c005 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x3d/0xa0\n ? exc_general_protection+0x144/0x220\n ? asm_exc_general_protection+0x22/0x30\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? __mutex_lock+0x128/0x1dd0\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? mutex_lock_io_nested+0x1ae0/0x1ae0\n ? lock_acquire+0x1c2/0x530\n ? macsec_upd_offload+0x145/0x380\n ? lockdep_hardirqs_on_prepare+0x400/0x400\n ? kasan_save_stack+0x30/0x40\n ? kasan_save_stack+0x20/0x40\n ? kasan_save_track+0x10/0x30\n ? __kasan_kmalloc+0x77/0x90\n ? __kmalloc_noprof+0x249/0x6b0\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0xb5/0x240\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? mlx5e_macsec_add_rxsa+0x11a0/0x11a0 [mlx5_core]\n macsec_update_offload+0x26c/0x820\n ? macsec_set_mac_address+0x4b0/0x4b0\n ? lockdep_hardirqs_on_prepare+0x284/0x400\n ? _raw_spin_unlock_irqrestore+0x47/0x50\n macsec_upd_offload+0x2c8/0x380\n ? macsec_update_offload+0x820/0x820\n ? __nla_parse+0x22/0x30\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0x15e/0x240\n genl_family_rcv_msg_doit+0x1cc/0x2a0\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0x240/0x240\n ? cap_capable+0xd4/0x330\n genl_rcv_msg+0x3ea/0x670\n ? genl_family_rcv_msg_dumpit+0x2a0/0x2a0\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? macsec_update_offload+0x820/0x820\n netlink_rcv_skb+0x12b/0x390\n ? genl_family_rcv_msg_dumpit+0x2a0/0x2a0\n ? netlink_ack+0xd80/0xd80\n ? rwsem_down_read_slowpath+0xf90/0xf90\n ? netlink_deliver_tap+0xcd/0xac0\n ? netlink_deliver_tap+0x155/0xac0\n ? _copy_from_iter+0x1bb/0x12c0\n genl_rcv+0x24/0x40\n netlink_unicast+0x440/0x700\n ? netlink_attachskb+0x760/0x760\n ? lock_acquire+0x1c2/0x530\n ? __might_fault+0xbb/0x170\n netlink_sendmsg+0x749/0xc10\n ? netlink_unicast+0x700/0x700\n ? __might_fault+0xbb/0x170\n ? netlink_unicast+0x700/0x700\n __sock_sendmsg+0xc5/0x190\n ____sys_sendmsg+0x53f/0x760\n ? import_iovec+0x7/0x10\n ? kernel_sendmsg+0x30/0x30\n ? __copy_msghdr+0x3c0/0x3c0\n ? filter_irq_stacks+0x90/0x90\n ? stack_depot_save_flags+0x28/0xa30\n ___sys_sen\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38020",
"url": "https://www.suse.com/security/cve/CVE-2025-38020"
},
{
"category": "external",
"summary": "SUSE Bug 1245001 for CVE-2025-38020",
"url": "https://bugzilla.suse.com/1245001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38020"
},
{
"cve": "CVE-2025-38022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem\n\nCall Trace:\n\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n strlen+0x93/0xa0 lib/string.c:420\n __fortify_strlen include/linux/fortify-string.h:268 [inline]\n get_kobj_path_length lib/kobject.c:118 [inline]\n kobject_get_path+0x3f/0x2a0 lib/kobject.c:158\n kobject_uevent_env+0x289/0x1870 lib/kobject_uevent.c:545\n ib_register_device drivers/infiniband/core/device.c:1472 [inline]\n ib_register_device+0x8cf/0xe00 drivers/infiniband/core/device.c:1393\n rxe_register_device+0x275/0x320 drivers/infiniband/sw/rxe/rxe_verbs.c:1552\n rxe_net_add+0x8e/0xe0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0x70/0x190 drivers/infiniband/sw/rxe/rxe.c:225\n nldev_newlink+0x3a3/0x680 drivers/infiniband/core/nldev.c:1796\n rdma_nl_rcv_msg+0x387/0x6e0 drivers/infiniband/core/netlink.c:195\n rdma_nl_rcv_skb.constprop.0.isra.0+0x2e5/0x450\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x53a/0x7f0 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8d1/0xdd0 net/netlink/af_netlink.c:1883\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n ____sys_sendmsg+0xa95/0xc70 net/socket.c:2566\n ___sys_sendmsg+0x134/0x1d0 net/socket.c:2620\n __sys_sendmsg+0x16d/0x220 net/socket.c:2652\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThis problem is similar to the problem that the\ncommit 1d6a9e7449e2 (\"RDMA/core: Fix use-after-free when rename device name\")\nfixes.\n\nThe root cause is: the function ib_device_rename() renames the name with\nlock. But in the function kobject_uevent(), this name is accessed without\nlock protection at the same time.\n\nThe solution is to add the lock protection when this name is accessed in\nthe function kobject_uevent().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38022",
"url": "https://www.suse.com/security/cve/CVE-2025-38022"
},
{
"category": "external",
"summary": "SUSE Bug 1245003 for CVE-2025-38022",
"url": "https://bugzilla.suse.com/1245003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38022"
},
{
"cve": "CVE-2025-38023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: handle failure of nfs_get_lock_context in unlock path\n\nWhen memory is insufficient, the allocation of nfs_lock_context in\nnfs_get_lock_context() fails and returns -ENOMEM. If we mistakenly treat\nan nfs4_unlockdata structure (whose l_ctx member has been set to -ENOMEM)\nas valid and proceed to execute rpc_run_task(), this will trigger a NULL\npointer dereference in nfs4_locku_prepare. For example:\n\nBUG: kernel NULL pointer dereference, address: 000000000000000c\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP PTI\nCPU: 15 UID: 0 PID: 12 Comm: kworker/u64:0 Not tainted 6.15.0-rc2-dirty #60\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40\nWorkqueue: rpciod rpc_async_schedule\nRIP: 0010:nfs4_locku_prepare+0x35/0xc2\nCode: 89 f2 48 89 fd 48 c7 c7 68 69 ef b5 53 48 8b 8e 90 00 00 00 48 89 f3\nRSP: 0018:ffffbbafc006bdb8 EFLAGS: 00010246\nRAX: 000000000000004b RBX: ffff9b964fc1fa00 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: fffffffffffffff4 RDI: ffff9ba53fddbf40\nRBP: ffff9ba539934000 R08: 0000000000000000 R09: ffffbbafc006bc38\nR10: ffffffffb6b689c8 R11: 0000000000000003 R12: ffff9ba539934030\nR13: 0000000000000001 R14: 0000000004248060 R15: ffffffffb56d1c30\nFS: 0000000000000000(0000) GS:ffff9ba5881f0000(0000) knlGS:00000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000000c CR3: 000000093f244000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n __rpc_execute+0xbc/0x480\n rpc_async_schedule+0x2f/0x40\n process_one_work+0x232/0x5d0\n worker_thread+0x1da/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x240\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in:\nCR2: 000000000000000c\n---[ end trace 0000000000000000 ]---\n\nFree the allocated nfs4_unlockdata when nfs_get_lock_context() fails and\nreturn NULL to terminate subsequent rpc_run_task, preventing NULL pointer\ndereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38023",
"url": "https://www.suse.com/security/cve/CVE-2025-38023"
},
{
"category": "external",
"summary": "SUSE Bug 1245004 for CVE-2025-38023",
"url": "https://bugzilla.suse.com/1245004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38023"
},
{
"cve": "CVE-2025-38024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcf/0x610 mm/kasan/report.c:489\n kasan_report+0xb5/0xe0 mm/kasan/report.c:602\n rxe_queue_cleanup+0xd0/0xe0 drivers/infiniband/sw/rxe/rxe_queue.c:195\n rxe_cq_cleanup+0x3f/0x50 drivers/infiniband/sw/rxe/rxe_cq.c:132\n __rxe_cleanup+0x168/0x300 drivers/infiniband/sw/rxe/rxe_pool.c:232\n rxe_create_cq+0x22e/0x3a0 drivers/infiniband/sw/rxe/rxe_verbs.c:1109\n create_cq+0x658/0xb90 drivers/infiniband/core/uverbs_cmd.c:1052\n ib_uverbs_create_cq+0xc7/0x120 drivers/infiniband/core/uverbs_cmd.c:1095\n ib_uverbs_write+0x969/0xc90 drivers/infiniband/core/uverbs_main.c:679\n vfs_write fs/read_write.c:677 [inline]\n vfs_write+0x26a/0xcc0 fs/read_write.c:659\n ksys_write+0x1b8/0x200 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xaa/0x1b0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nIn the function rxe_create_cq, when rxe_cq_from_init fails, the function\nrxe_cleanup will be called to handle the allocated resources. In fact,\nsome memory resources have already been freed in the function\nrxe_cq_from_init. Thus, this problem will occur.\n\nThe solution is to let rxe_cleanup do all the work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38024",
"url": "https://www.suse.com/security/cve/CVE-2025-38024"
},
{
"category": "external",
"summary": "SUSE Bug 1245025 for CVE-2025-38024",
"url": "https://bugzilla.suse.com/1245025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38024"
},
{
"cve": "CVE-2025-38027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: max20086: fix invalid memory access\n\nmax20086_parse_regulators_dt() calls of_regulator_match() using an\narray of struct of_regulator_match allocated on the stack for the\nmatches argument.\n\nof_regulator_match() calls devm_of_regulator_put_matches(), which calls\ndevres_alloc() to allocate a struct devm_of_regulator_matches which will\nbe de-allocated using devm_of_regulator_put_matches().\n\nstruct devm_of_regulator_matches is populated with the stack allocated\nmatches array.\n\nIf the device fails to probe, devm_of_regulator_put_matches() will be\ncalled and will try to call of_node_put() on that stack pointer,\ngenerating the following dmesg entries:\n\nmax20086 6-0028: Failed to read DEVICE_ID reg: -121\nkobject: \u0027\\xc0$\\xa5\\x03\u0027 (000000002cebcb7a): is not initialized, yet\nkobject_put() is being called.\n\nFollowed by a stack trace matching the call flow described above.\n\nSwitch to allocating the matches array using devm_kcalloc() to\navoid accessing the stack pointer long after it\u0027s out of scope.\n\nThis also has the advantage of allowing multiple max20086 to probe\nwithout overriding the data stored inside the global of_regulator_match.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38027",
"url": "https://www.suse.com/security/cve/CVE-2025-38027"
},
{
"category": "external",
"summary": "SUSE Bug 1245042 for CVE-2025-38027",
"url": "https://bugzilla.suse.com/1245042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38027"
},
{
"cve": "CVE-2025-38031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38031"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: do not leak refcount in reorder_work\n\nA recent patch that addressed a UAF introduced a reference count leak:\nthe parallel_data refcount is incremented unconditionally, regardless\nof the return value of queue_work(). If the work item is already queued,\nthe incremented refcount is never decremented.\n\nFix this by checking the return value of queue_work() and decrementing\nthe refcount when necessary.\n\nResolves:\n\nUnreferenced object 0xffff9d9f421e3d80 (size 192):\n comm \"cryptomgr_probe\", pid 157, jiffies 4294694003\n hex dump (first 32 bytes):\n 80 8b cf 41 9f 9d ff ff b8 97 e0 89 ff ff ff ff ...A............\n d0 97 e0 89 ff ff ff ff 19 00 00 00 1f 88 23 00 ..............#.\n backtrace (crc 838fb36):\n __kmalloc_cache_noprof+0x284/0x320\n padata_alloc_pd+0x20/0x1e0\n padata_alloc_shell+0x3b/0xa0\n 0xffffffffc040a54d\n cryptomgr_probe+0x43/0xc0\n kthread+0xf6/0x1f0\n ret_from_fork+0x2f/0x50\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38031",
"url": "https://www.suse.com/security/cve/CVE-2025-38031"
},
{
"category": "external",
"summary": "SUSE Bug 1245046 for CVE-2025-38031",
"url": "https://bugzilla.suse.com/1245046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38031"
},
{
"cve": "CVE-2025-38040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mctrl_gpio: split disable_ms into sync and no_sync APIs\n\nThe following splat has been observed on a SAMA5D27 platform using\natmel_serial:\n\nBUG: sleeping function called from invalid context at kernel/irq/manage.c:738\nin_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0\npreempt_count: 1, expected: 0\nINFO: lockdep is turned off.\nirq event stamp: 0\nhardirqs last enabled at (0): [\u003c00000000\u003e] 0x0\nhardirqs last disabled at (0): [\u003cc01588f0\u003e] copy_process+0x1c4c/0x7bec\nsoftirqs last enabled at (0): [\u003cc0158944\u003e] copy_process+0x1ca0/0x7bec\nsoftirqs last disabled at (0): [\u003c00000000\u003e] 0x0\nCPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74\nHardware name: Atmel SAMA5\nWorkqueue: hci0 hci_power_on [bluetooth]\nCall trace:\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x44/0x70\n dump_stack_lvl from __might_resched+0x38c/0x598\n __might_resched from disable_irq+0x1c/0x48\n disable_irq from mctrl_gpio_disable_ms+0x74/0xc0\n mctrl_gpio_disable_ms from atmel_disable_ms.part.0+0x80/0x1f4\n atmel_disable_ms.part.0 from atmel_set_termios+0x764/0x11e8\n atmel_set_termios from uart_change_line_settings+0x15c/0x994\n uart_change_line_settings from uart_set_termios+0x2b0/0x668\n uart_set_termios from tty_set_termios+0x600/0x8ec\n tty_set_termios from ttyport_set_flow_control+0x188/0x1e0\n ttyport_set_flow_control from wilc_setup+0xd0/0x524 [hci_wilc]\n wilc_setup [hci_wilc] from hci_dev_open_sync+0x330/0x203c [bluetooth]\n hci_dev_open_sync [bluetooth] from hci_dev_do_open+0x40/0xb0 [bluetooth]\n hci_dev_do_open [bluetooth] from hci_power_on+0x12c/0x664 [bluetooth]\n hci_power_on [bluetooth] from process_one_work+0x998/0x1a38\n process_one_work from worker_thread+0x6e0/0xfb4\n worker_thread from kthread+0x3d4/0x484\n kthread from ret_from_fork+0x14/0x28\n\nThis warning is emitted when trying to toggle, at the highest level,\nsome flow control (with serdev_device_set_flow_control) in a device\ndriver. At the lowest level, the atmel_serial driver is using\nserial_mctrl_gpio lib to enable/disable the corresponding IRQs\naccordingly. The warning emitted by CONFIG_DEBUG_ATOMIC_SLEEP is due to\ndisable_irq (called in mctrl_gpio_disable_ms) being possibly called in\nsome atomic context (some tty drivers perform modem lines configuration\nin regions protected by port lock).\n\nSplit mctrl_gpio_disable_ms into two differents APIs, a non-blocking one\nand a blocking one. Replace mctrl_gpio_disable_ms calls with the\nrelevant version depending on whether the call is protected by some port\nlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38040",
"url": "https://www.suse.com/security/cve/CVE-2025-38040"
},
{
"category": "external",
"summary": "SUSE Bug 1245078 for CVE-2025-38040",
"url": "https://bugzilla.suse.com/1245078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38040"
},
{
"cve": "CVE-2025-38043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_ffa: Set dma_mask for ffa devices\n\nSet dma_mask for FFA devices, otherwise DMA allocation using the device pointer\nlead to following warning:\n\nWARNING: CPU: 1 PID: 1 at kernel/dma/mapping.c:597 dma_alloc_attrs+0xe0/0x124",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38043",
"url": "https://www.suse.com/security/cve/CVE-2025-38043"
},
{
"category": "external",
"summary": "SUSE Bug 1245081 for CVE-2025-38043",
"url": "https://bugzilla.suse.com/1245081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38043"
},
{
"cve": "CVE-2025-38044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx231xx: set device_caps for 417\n\nThe video_device for the MPEG encoder did not set device_caps.\n\nAdd this, otherwise the video device can\u0027t be registered (you get a\nWARN_ON instead).\n\nNot seen before since currently 417 support is disabled, but I found\nthis while experimenting with it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38044",
"url": "https://www.suse.com/security/cve/CVE-2025-38044"
},
{
"category": "external",
"summary": "SUSE Bug 1245082 for CVE-2025-38044",
"url": "https://bugzilla.suse.com/1245082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38044"
},
{
"cve": "CVE-2025-38045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix debug actions order\n\nThe order of actions taken for debug was implemented incorrectly.\nNow we implemented the dump split and do the FW reset only in the\nmiddle of the dump (rather than the FW killing itself on error.)\nAs a result, some of the actions taken when applying the config\nwill now crash the device, so we need to fix the order.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38045",
"url": "https://www.suse.com/security/cve/CVE-2025-38045"
},
{
"category": "external",
"summary": "SUSE Bug 1245083 for CVE-2025-38045",
"url": "https://bugzilla.suse.com/1245083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38045"
},
{
"cve": "CVE-2025-38053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix null-ptr-deref in idpf_features_check\n\nidpf_features_check is used to validate the TX packet. skb header\nlength is compared with the hardware supported value received from\nthe device control plane. The value is stored in the adapter structure\nand to access it, vport pointer is used. During reset all the vports\nare released and the vport pointer that the netdev private structure\npoints to is NULL.\n\nTo avoid null-ptr-deref, store the max header length value in netdev\nprivate structure. This also helps to cache the value and avoid\naccessing adapter pointer in hot path.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000068\n...\nRIP: 0010:idpf_features_check+0x6d/0xe0 [idpf]\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x154/0x520\n ? exc_page_fault+0x76/0x190\n ? asm_exc_page_fault+0x26/0x30\n ? idpf_features_check+0x6d/0xe0 [idpf]\n netif_skb_features+0x88/0x310\n validate_xmit_skb+0x2a/0x2b0\n validate_xmit_skb_list+0x4c/0x70\n sch_direct_xmit+0x19d/0x3a0\n __dev_queue_xmit+0xb74/0xe70\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38053",
"url": "https://www.suse.com/security/cve/CVE-2025-38053"
},
{
"category": "external",
"summary": "SUSE Bug 1244746 for CVE-2025-38053",
"url": "https://bugzilla.suse.com/1244746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38053"
},
{
"cve": "CVE-2025-38055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq\n\nCurrently, using PEBS-via-PT with a sample frequency instead of a sample\nperiod, causes a segfault. For example:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000195\n \u003cNMI\u003e\n ? __die_body.cold+0x19/0x27\n ? page_fault_oops+0xca/0x290\n ? exc_page_fault+0x7e/0x1b0\n ? asm_exc_page_fault+0x26/0x30\n ? intel_pmu_pebs_event_update_no_drain+0x40/0x60\n ? intel_pmu_pebs_event_update_no_drain+0x32/0x60\n intel_pmu_drain_pebs_icl+0x333/0x350\n handle_pmi_common+0x272/0x3c0\n intel_pmu_handle_irq+0x10a/0x2e0\n perf_event_nmi_handler+0x2a/0x50\n\nThat happens because intel_pmu_pebs_event_update_no_drain() assumes all the\npebs_enabled bits represent counter indexes, which is not always the case.\nIn this particular case, bits 60 and 61 are set for PEBS-via-PT purposes.\n\nThe behaviour of PEBS-via-PT with sample frequency is questionable because\nalthough a PMI is generated (PEBS_PMI_AFTER_EACH_RECORD), the period is not\nadjusted anyway.\n\nPutting that aside, fix intel_pmu_pebs_event_update_no_drain() by passing\nthe mask of counter bits instead of \u0027size\u0027. Note, prior to the Fixes\ncommit, \u0027size\u0027 would be limited to the maximum counter index, so the issue\nwas not hit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38055",
"url": "https://www.suse.com/security/cve/CVE-2025-38055"
},
{
"category": "external",
"summary": "SUSE Bug 1244747 for CVE-2025-38055",
"url": "https://bugzilla.suse.com/1244747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38055"
},
{
"cve": "CVE-2025-38057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nespintcp: fix skb leaks\n\nA few error paths are missing a kfree_skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38057",
"url": "https://www.suse.com/security/cve/CVE-2025-38057"
},
{
"category": "external",
"summary": "SUSE Bug 1244862 for CVE-2025-38057",
"url": "https://bugzilla.suse.com/1244862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38057"
},
{
"cve": "CVE-2025-38059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid csum tree\n\n[BUG]\nWhen trying read-only scrub on a btrfs with rescue=idatacsums mount\noption, it will crash with the following call trace:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n CPU: 1 UID: 0 PID: 835 Comm: btrfs Tainted: G O 6.15.0-rc3-custom+ #236 PREEMPT(full)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:btrfs_lookup_csums_bitmap+0x49/0x480 [btrfs]\n Call Trace:\n \u003cTASK\u003e\n scrub_find_fill_first_stripe+0x35b/0x3d0 [btrfs]\n scrub_simple_mirror+0x175/0x290 [btrfs]\n scrub_stripe+0x5f7/0x6f0 [btrfs]\n scrub_chunk+0x9a/0x150 [btrfs]\n scrub_enumerate_chunks+0x333/0x660 [btrfs]\n btrfs_scrub_dev+0x23e/0x600 [btrfs]\n btrfs_ioctl+0x1dcf/0x2f80 [btrfs]\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[CAUSE]\nMount option \"rescue=idatacsums\" will completely skip loading the csum\ntree, so that any data read will not find any data csum thus we will\nignore data checksum verification.\n\nNormally call sites utilizing csum tree will check the fs state flag\nNO_DATA_CSUMS bit, but unfortunately scrub does not check that bit at all.\n\nThis results in scrub to call btrfs_search_slot() on a NULL pointer\nand triggered above crash.\n\n[FIX]\nCheck both extent and csum tree root before doing any tree search.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38059",
"url": "https://www.suse.com/security/cve/CVE-2025-38059"
},
{
"category": "external",
"summary": "SUSE Bug 1244759 for CVE-2025-38059",
"url": "https://bugzilla.suse.com/1244759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38059"
},
{
"cve": "CVE-2025-38060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: copy_verifier_state() should copy \u0027loop_entry\u0027 field\n\nThe bpf_verifier_state.loop_entry state should be copied by\ncopy_verifier_state(). Otherwise, .loop_entry values from unrelated\nstates would poison env-\u003ecur_state.\n\nAdditionally, env-\u003estack should not contain any states with\n.loop_entry != NULL. The states in env-\u003estack are yet to be verified,\nwhile .loop_entry is set for states that reached an equivalent state.\nThis means that env-\u003ecur_state-\u003eloop_entry should always be NULL after\npop_stack().\n\nSee the selftest in the next commit for an example of the program that\nis not safe yet is accepted by verifier w/o this fix.\n\nThis change has some verification performance impact for selftests:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n---------------------------------- ---------------------------- --------- --------- -------------- ---------- ---------- -------------\narena_htab.bpf.o arena_htab_llvm 717 426 -291 (-40.59%) 57 37 -20 (-35.09%)\narena_htab_asm.bpf.o arena_htab_asm 597 445 -152 (-25.46%) 47 37 -10 (-21.28%)\narena_list.bpf.o arena_list_del 309 279 -30 (-9.71%) 23 14 -9 (-39.13%)\niters.bpf.o iter_subprog_check_stacksafe 155 141 -14 (-9.03%) 15 14 -1 (-6.67%)\niters.bpf.o iter_subprog_iters 1094 1003 -91 (-8.32%) 88 83 -5 (-5.68%)\niters.bpf.o loop_state_deps2 479 725 +246 (+51.36%) 46 63 +17 (+36.96%)\nkmem_cache_iter.bpf.o open_coded_iter 63 59 -4 (-6.35%) 7 6 -1 (-14.29%)\nverifier_bits_iter.bpf.o max_words 92 84 -8 (-8.70%) 8 7 -1 (-12.50%)\nverifier_iterating_callbacks.bpf.o cond_break2 113 107 -6 (-5.31%) 12 12 +0 (+0.00%)\n\nAnd significant negative impact for sched_ext:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n----------------- ---------------------- --------- --------- -------------------- ---------- ---------- ------------------\nbpf.bpf.o lavd_init 7039 14723 +7684 (+109.16%) 490 1139 +649 (+132.45%)\nbpf.bpf.o layered_dispatch 11485 10548 -937 (-8.16%) 848 762 -86 (-10.14%)\nbpf.bpf.o layered_dump 7422 1000001 +992579 (+13373.47%) 681 31178 +30497 (+4478.27%)\nbpf.bpf.o layered_enqueue 16854 71127 +54273 (+322.02%) 1611 6450 +4839 (+300.37%)\nbpf.bpf.o p2dq_dispatch 665 791 +126 (+18.95%) 68 78 +10 (+14.71%)\nbpf.bpf.o p2dq_init 2343 2980 +637 (+27.19%) 201 237 +36 (+17.91%)\nbpf.bpf.o refresh_layer_cpumasks 16487 674760 +658273 (+3992.68%) 1770 65370 +63600 (+3593.22%)\nbpf.bpf.o rusty_select_cpu 1937 40872 +38935 (+2010.07%) 177 3210 +3033 (+1713.56%)\nscx_central.bpf.o central_dispatch 636 2687 +2051 (+322.48%) 63 227 +164 (+260.32%)\nscx_nest.bpf.o nest_init 636 815 +179 (+28.14%) 60 73 +13 (+21.67%)\nscx_qmap.bpf.o qmap_dispatch \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38060",
"url": "https://www.suse.com/security/cve/CVE-2025-38060"
},
{
"category": "external",
"summary": "SUSE Bug 1245155 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "external",
"summary": "SUSE Bug 1245156 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-38060"
},
{
"cve": "CVE-2025-38065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: Do not truncate file size\n\n\u0027len\u0027 is used to store the result of i_size_read(), so making \u0027len\u0027\na size_t results in truncation to 4GiB on 32-bit systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38065",
"url": "https://www.suse.com/security/cve/CVE-2025-38065"
},
{
"category": "external",
"summary": "SUSE Bug 1244906 for CVE-2025-38065",
"url": "https://bugzilla.suse.com/1244906"
},
{
"category": "external",
"summary": "SUSE Bug 1244907 for CVE-2025-38065",
"url": "https://bugzilla.suse.com/1244907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-38065"
},
{
"cve": "CVE-2025-38068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lzo - Fix compression buffer overrun\n\nUnlike the decompression code, the compression code in LZO never\nchecked for output overruns. It instead assumes that the caller\nalways provides enough buffer space, disregarding the buffer length\nprovided by the caller.\n\nAdd a safe compression interface that checks for the end of buffer\nbefore each write. Use the safe interface in crypto/lzo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38068",
"url": "https://www.suse.com/security/cve/CVE-2025-38068"
},
{
"category": "external",
"summary": "SUSE Bug 1245210 for CVE-2025-38068",
"url": "https://bugzilla.suse.com/1245210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38068"
},
{
"cve": "CVE-2025-38072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibnvdimm/labels: Fix divide error in nd_label_data_init()\n\nIf a faulty CXL memory device returns a broken zero LSA size in its\nmemory device information (Identify Memory Device (Opcode 4000h), CXL\nspec. 3.1, 8.2.9.9.1.1), a divide error occurs in the libnvdimm\ndriver:\n\n Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:nd_label_data_init+0x10e/0x800 [libnvdimm]\n\nCode and flow:\n\n1) CXL Command 4000h returns LSA size = 0\n2) config_size is assigned to zero LSA size (CXL pmem driver):\n\ndrivers/cxl/pmem.c: .config_size = mds-\u003elsa_size,\n\n3) max_xfer is set to zero (nvdimm driver):\n\ndrivers/nvdimm/label.c: max_xfer = min_t(size_t, ndd-\u003ensarea.max_xfer, config_size);\n\n4) A subsequent DIV_ROUND_UP() causes a division by zero:\n\ndrivers/nvdimm/label.c: /* Make our initial read size a multiple of max_xfer size */\ndrivers/nvdimm/label.c: read_size = min(DIV_ROUND_UP(read_size, max_xfer) * max_xfer,\ndrivers/nvdimm/label.c- config_size);\n\nFix this by checking the config size parameter by extending an\nexisting check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38072",
"url": "https://www.suse.com/security/cve/CVE-2025-38072"
},
{
"category": "external",
"summary": "SUSE Bug 1244743 for CVE-2025-38072",
"url": "https://bugzilla.suse.com/1244743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38072"
},
{
"cve": "CVE-2025-38077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()\n\nIf the \u0027buf\u0027 array received from the user contains an empty string, the\n\u0027length\u0027 variable will be zero. Accessing the \u0027buf\u0027 array element with\nindex \u0027length - 1\u0027 will result in a buffer overflow.\n\nAdd a check for an empty string.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38077",
"url": "https://www.suse.com/security/cve/CVE-2025-38077"
},
{
"category": "external",
"summary": "SUSE Bug 1244736 for CVE-2025-38077",
"url": "https://bugzilla.suse.com/1244736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38077"
},
{
"cve": "CVE-2025-38078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Fix race of buffer access at PCM OSS layer\n\nThe PCM OSS layer tries to clear the buffer with the silence data at\ninitialization (or reconfiguration) of a stream with the explicit call\nof snd_pcm_format_set_silence() with runtime-\u003edma_area. But this may\nlead to a UAF because the accessed runtime-\u003edma_area might be freed\nconcurrently, as it\u0027s performed outside the PCM ops.\n\nFor avoiding it, move the code into the PCM core and perform it inside\nthe buffer access lock, so that it won\u0027t be changed during the\noperation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38078",
"url": "https://www.suse.com/security/cve/CVE-2025-38078"
},
{
"category": "external",
"summary": "SUSE Bug 1244737 for CVE-2025-38078",
"url": "https://bugzilla.suse.com/1244737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38078"
},
{
"cve": "CVE-2025-38079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_hash - fix double free in hash_accept\n\nIf accept(2) is called on socket type algif_hash with\nMSG_MORE flag set and crypto_ahash_import fails,\nsk2 is freed. However, it is also freed in af_alg_release,\nleading to slab-use-after-free error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38079",
"url": "https://www.suse.com/security/cve/CVE-2025-38079"
},
{
"category": "external",
"summary": "SUSE Bug 1245217 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "external",
"summary": "SUSE Bug 1245218 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Increase block_sequence array size\n\n[Why]\nIt\u0027s possible to generate more than 50 steps in hwss_build_fast_sequence,\nfor example with a 6-pipe asic where all pipes are in one MPC chain. This\noverflows the block_sequence buffer and corrupts block_sequence_steps,\ncausing a crash.\n\n[How]\nExpand block_sequence to 100 items. A naive upper bound on the possible\nnumber of steps for a 6-pipe asic, ignoring the potential for steps to be\nmutually exclusive, is 91 with current code, therefore 100 is sufficient.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38080",
"url": "https://www.suse.com/security/cve/CVE-2025-38080"
},
{
"category": "external",
"summary": "SUSE Bug 1244738 for CVE-2025-38080",
"url": "https://bugzilla.suse.com/1244738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38080"
},
{
"cve": "CVE-2025-38081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38081"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi-rockchip: Fix register out of bounds access\n\nDo not write native chip select stuff for GPIO chip selects.\nGPIOs can be numbered much higher than native CS.\nAlso, it makes no sense.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38081",
"url": "https://www.suse.com/security/cve/CVE-2025-38081"
},
{
"category": "external",
"summary": "SUSE Bug 1244739 for CVE-2025-38081",
"url": "https://bugzilla.suse.com/1244739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38081"
},
{
"cve": "CVE-2025-38083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: prio: fix a race in prio_tune()\n\nGerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38083",
"url": "https://www.suse.com/security/cve/CVE-2025-38083"
},
{
"category": "external",
"summary": "SUSE Bug 1245183 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "external",
"summary": "SUSE Bug 1245350 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-38083"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.8.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.8.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T12:53:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
}
]
}
suse-su-2025:02307-1
Vulnerability from csaf_suse
Published
2025-07-14 12:31
Modified
2025-07-14 12:31
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).
- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
- CVE-2024-57995: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (bsc#1237895).
- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).
- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).
- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).
- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).
- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).
- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
- CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723).
- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).
- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).
- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).
- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).
- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).
- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).
- CVE-2025-37837: iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent() (bsc#1242952).
- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).
- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).
- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).
- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).
- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).
- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).
- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).
- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).
- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).
- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).
- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).
- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).
- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537).
- CVE-2025-37938: tracing: Verify event formats that have '%*p..' (bsc#1243544).
- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).
- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).
- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).
- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).
- CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698).
- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).
- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).
- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).
- CVE-2025-38055: perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq (bsc#1244747).
- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).
The following non-security bugs were fixed:
- ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case (stable-fixes).
- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for '3.0 _SCP Extensions' (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: battery: negate current when discharging (stable-fixes).
- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
- ACPICA: Utilities: Fix spelling mistake 'Incremement' -> 'Increment' (git-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).
- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).
- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).
- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).
- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).
- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).
- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: SOF: Intel: hda-bus: Use PIO mode on ACE2+ platforms (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: cs42l43: Disable headphone clamps during type detection (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() (git-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
- ASoC: ti: omap-hdmi: Re-add dai_link->platform to fix card init (git-fixes).
- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
- Bluetooth: MGMT: Fix sparse errors (git-fixes).
- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- Bluetooth: Remove pending ACL connection attempts (stable-fixes).
- Bluetooth: btintel: Check dsbr size from EFI variable (git-fixes).
- Bluetooth: btintel_pcie: Fix driver not posting maximum rx buffers (git-fixes).
- Bluetooth: btintel_pcie: Increase the tx and rx descriptor count (git-fixes).
- Bluetooth: btintel_pcie: Reduce driver buffer posting to prevent race condition (git-fixes).
- Bluetooth: eir: Fix possible crashes on eir_create_adv_data (git-fixes).
- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).
- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Documentation: ACPI: Use all-string data node references (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- HID: wacom: fix kobject reference count leak (git-fixes).
- HID: wacom: fix memory leak on kobject creation failure (git-fixes).
- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
- IB/cm: Drop lockdep assert and WARN when freeing old msg (git-fixes)
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
- Input: xpad - add more controllers (stable-fixes).
- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build')
- MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b ('bs-upload-kernel: Pass limit_packages also on multibuild')
- MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.
- NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
- NFS: Do not allow waiting for exiting tasks (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).
- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI/DPC: Log Error Source ID only when valid (git-fixes).
- PCI/DPC: Use defines with DPC reason fields (git-fixes).
- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).
- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (stable-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: apple: Set only available ports up (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).
- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
- Remove compress-vmlinux.sh /usr/lib/rpm/brp-suse.d/brp-99-compress-vmlinux was added in pesign-obs-integration during SLE12 RC. This workaround can be removed.
- Remove host-memcpy-hack.h This might have been usefult at some point but we have more things that depend on specific library versions today.
- Remove try-disable-staging-driver The config for linux-next is autogenerated from master config, and defaults filled for missing options. This is unlikely to enable any staging driver in the first place.
- Revert 'ALSA: usb-audio: Skip setting clock selector for single connections' (stable-fixes).
- Revert 'arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)
- Revert 'bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first' (stable-fixes).
- Revert 'drm/amdgpu: do not allow userspace to create a doorbell BO' (stable-fixes).
- Revert 'ipv6: save dontfrag in cork (git-fixes).'
- Revert 'kABI: ipv6: save dontfrag in cork (git-fixes).'
- Revert 'wifi: mt76: mt7996: fill txd by host driver' (stable-fixes).
- Revert 'wifi: mwifiex: Fix HT40 bandwidth issue.' (git-fixes).
- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).
- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).
- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).
- SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes).
- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- accel/ivpu: Improve buffer object logging (git-fixes).
- accel/ivpu: Use dma_resv_lock() instead of a custom mutex (git-fixes).
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- add bug reference to existing hv_storvsc change (bsc#1245455).
- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- bnxt: properly flush XDP redirect lists (git-fixes).
- bpf: Force uprobe bpf program to always return 0 (git-fixes).
- bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build') Fixes: 747f601d4156 ('bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)')
- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).
- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).
- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).
- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).
- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
- ceph: Fix incorrect flush end position calculation (git-fixes).
- ceph: allocate sparse_ext map only for sparse reads (git-fixes).
- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
- cgroup/cpuset: Do not allow creation of local partition over a remote one (bsc#1241166).
- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- clocksource: Fix brown-bag boolean thinko in (git-fixes)
- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).
- devlink: fix port dump cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Add debugging message for brightness caps (bsc#1240650).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Add support for disconnected eDP streams (stable-fixes).
- drm/amd/display: Call FP Protect Before Mode Programming/Mode Support (stable-fixes).
- drm/amd/display: Configure DTBCLK_P with OPTC only for dcn401 (stable-fixes).
- drm/amd/display: Correct timing_adjust_pending flag setting (stable-fixes).
- drm/amd/display: Defer BW-optimization-blocked DRR adjustments (git-fixes).
- drm/amd/display: Do not enable replay when vtotal update is pending (stable-fixes).
- drm/amd/display: Do not treat wb connector as physical in create_validate_stream_for_sink (stable-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Ensure DMCUB idle before reset on DCN31/DCN35 (stable-fixes).
- drm/amd/display: Fix BT2020 YCbCr limited/full range input (stable-fixes).
- drm/amd/display: Fix DMUB reset sequence for DCN401 (stable-fixes).
- drm/amd/display: Fix default DC and AC levels (bsc#1240650).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: Fix p-state type when p-state is unsupported (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Guard against setting dispclk low when active (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: Populate register address for dentist for dcn401 (stable-fixes).
- drm/amd/display: Read LTTPR ALPM caps during link cap retrieval (stable-fixes).
- drm/amd/display: Request HW cursor on DCN3.2 with SubVP (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Support multiple options during psr entry (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amd/display: Use Nominal vBlank If Provided Instead Of Capping It (stable-fixes).
- drm/amd/display: calculate the remain segments for all pipes (stable-fixes).
- drm/amd/display: check stream id dml21 wrapper to get plane_id (stable-fixes).
- drm/amd/display: fix dcn4x init failed (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: handle max_downscale_src_width fail check (stable-fixes).
- drm/amd/display: not abort link train when bw is low (stable-fixes).
- drm/amd/display: pass calculated dram_speed_mts to dml2 (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/pm: Fetch current power limit from PMFW (stable-fixes).
- drm/amd/pm: Skip P2S load for SMU v13.0.12 (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/amd: Adjust output for discovery error handling (git-fixes).
- drm/amdgpu/discovery: check ip_discovery fw file available (stable-fixes).
- drm/amdgpu/gfx11: do not read registers in mqd init (stable-fixes).
- drm/amdgpu/gfx12: do not read registers in mqd init (stable-fixes).
- drm/amdgpu/mes11: fix set_hw_resources_1 calculation (stable-fixes).
- drm/amdgpu: Allow P2P access through XGMI (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: Fix missing drain retry fault the last entry (stable-fixes).
- drm/amdgpu: Fix the race condition for draining retry fault (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: Skip pcie_replay_count sysfs creation for VF (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdgpu: Use active umc info from discovery (stable-fixes).
- drm/amdgpu: adjust drm_firmware_drivers_only() handling (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: read back register after written for VCN v4.0.5 (stable-fixes).
- drm/amdgpu: release xcp_mgr on exit (stable-fixes).
- drm/amdgpu: remove all KFD fences from the BO on release (stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
- drm/amdkfd: Correct F8_MODE for gfx950 (git-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/amdkfd: Set per-process flags only once for gfx9/10/11/12 (stable-fixes).
- drm/amdkfd: fix missing L2 cache info in topology (stable-fixes).
- drm/amdkfd: set precise mem ops caps to disabled for gfx 11 and 12 (stable-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/buddy: fix issue that force_merge cannot free all roots (stable-fixes).
- drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/i915/guc: Check if expecting reply before decrementing outstanding_submission_g2h (git-fixes).
- drm/i915/guc: Handle race condition where wakeref count drops below 0 (git-fixes).
- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
- drm/i915/psr: Fix using wrong mask in REG_FIELD_PREP (git-fixes).
- drm/i915: fix build error some more (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/a6xx: Disable rgb565_predicator on Adreno 7c3 (git-fixes).
- drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (git-fixes).
- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE before blend setup (git-fixes).
- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE on ctl_path reset (git-fixes).
- drm/msm/dpu: enable SmartDMA on SC8180X (git-fixes).
- drm/msm/dpu: enable SmartDMA on SM8150 (git-fixes).
- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names (git-fixes).
- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
- drm/nouveau: fix the broken marco GSP_MSG_MAX_SIZE (stable-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel-simple: fix the warnings for the Evervision VGG644804 (git-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm/panic: add missing space (git-fixes).
- drm/panthor: Fix GPU_COHERENCY_ACE[_LITE] definitions (git-fixes).
- drm/panthor: Update panthor_mmu::irq::mask when needed (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/rockchip: vop2: Improve display modes handling on RK3588 HDMI0 (stable-fixes).
- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()` (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add error path for xa_store in vmw_bo_add_detached_resource (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- drm/vmwgfx: Fix dumb buffer leak (git-fixes).
- drm/xe/bmg: Update Wa_16023588340 (git-fixes).
- drm/xe/d3cold: Set power state to D3Cold during s2idle/s3 (git-fixes).
- drm/xe/debugfs: Add missing xe_pm_runtime_put in wedge_mode_set (stable-fixes).
- drm/xe/debugfs: fixed the return value of wedged_mode_set (stable-fixes).
- drm/xe/display: Add check for alloc_ordered_workqueue() (git-fixes).
- drm/xe/gt: Update handling of xe_force_wake_get return (stable-fixes).
- drm/xe/oa: Ensure that polled read returns latest data (stable-fixes).
- drm/xe/pf: Create a link between PF and VF devices (stable-fixes).
- drm/xe/pf: Reset GuC VF config when unprovisioning critical resource (stable-fixes).
- drm/xe/relay: Do not use GFP_KERNEL for new transactions (stable-fixes).
- drm/xe/sa: Always call drm_suballoc_manager_fini() (stable-fixes).
- drm/xe/sched: stop re-submitting signalled jobs (git-fixes).
- drm/xe/vf: Retry sending MMIO request to GUC on timeout error (stable-fixes).
- drm/xe/vm: move rebind_work init earlier (git-fixes).
- drm/xe/xe2hpg: Add Wa_22021007897 (stable-fixes).
- drm/xe: Create LRC BO without VM (git-fixes).
- drm/xe: Do not attempt to bootstrap VF in execlists mode (stable-fixes).
- drm/xe: Fix memset on iomem (git-fixes).
- drm/xe: Fix xe_tile_init_noalloc() error propagation (stable-fixes).
- drm/xe: Make xe_gt_freq part of the Documentation (git-fixes).
- drm/xe: Move suballocator init to after display init (stable-fixes).
- drm/xe: Nuke VM's mapping upon close (stable-fixes).
- drm/xe: Process deferred GGTT node removals on device unwind (git-fixes).
- drm/xe: Reject BO eviction if BO is bound to current VM (stable-fixes).
- drm/xe: Retry BO allocation (stable-fixes).
- drm/xe: Rework eviction rejection of bound external bos (git-fixes).
- drm/xe: Save the gt pointer in lrc and drop the tile (stable-fixes).
- drm/xe: Stop ignoring errors from xe_ttm_stolen_mgr_init() (stable-fixes).
- drm/xe: Wire up device shutdown handler (stable-fixes).
- drm/xe: remove unmatched xe_vm_unlock() from __xe_exec_queue_init() (git-fixes).
- drm/xe: xe_gen_wa_oob: replace program_invocation_short_name (stable-fixes).
- drm: Add valid clones check (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- dummycon: Trigger redraw when switching consoles with deferred takeover (git-fixes).
- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).
- efi/libstub: Describe missing 'out' parameter in efi_load_initrd (git-fixes).
- fbcon: Make sure modelist not set on unregistered console (stable-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- fgraph: Still initialize idle shadow stacks when starting (git-fixes).
- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).
- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpiolib: Revert 'Do not WARN on gpiod_put() for optional GPIO' (stable-fixes).
- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).
- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
- hwmon: (occ) fix unaligned accesses (git-fixes).
- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).
- i2c: npcm: Add clock toggle recovery (stable-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
- i2c: tiny-usb: disable zero-length read messages (git-fixes).
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
- ice: Fix LACP bonds without SRIOV environment (git-fixes).
- ice: create new Tx scheduler nodes for new queues only (git-fixes).
- ice: fix Tx scheduler error handling in XDP callback (git-fixes).
- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).
- ice: fix vf->num_mac count with port representors (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- iommu: Protect against overflow in iommu_pgsize() (git-fixes).
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
- ip6mr: fix tables suspicious RCU usage (git-fixes).
- ip_tunnel: annotate data-races around t->parms.link (git-fixes).
- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).
- ipmr: fix tables suspicious RCU usage (git-fixes).
- ipv4: Convert ip_route_input() to dscp_t (git-fixes).
- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).
- ipv6: save dontfrag in cork (git-fixes).
- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).
- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- kABI: ipv6: save dontfrag in cork (git-fixes).
- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- kabi: restore layout of struct cgroup_subsys (bsc#1241166).
- kabi: restore layout of struct mem_control (jsc#PED-12551).
- kabi: restore layout of struct page_counter (jsc#PED-12551).
- kernel-source: Do not use multiple -r in sed parameters
- kernel-source: Remove log.sh from sources
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: add file_start_write() and file_end_write() (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: intel/ipu6: Fix dma mask for non-secure mode (git-fixes).
- media: ipu6: Remove workaround for Meteor Lake ES2 (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov2740: Move pm-runtime cleanup on probe-errors to proper place (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: platform: mtk-mdp3: Remove unused mdp_get_plat_device (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: verisilicon: Free post processor buffers on error (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).
- mmc: Add quirk to disable DDR50 tuning (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).
- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).
- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
- net/mlx5: Fix return value when searching for existing flow group (git-fixes).
- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
- net/neighbor: clear error in case strict check is not set (git-fixes).
- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).
- net: add rcu safety to rtnl_prop_list_size() (git-fixes).
- net: fix udp gso skb_segment after pull from frag_list (git-fixes).
- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).
- net: ice: Perform accurate aRFS flow match (git-fixes).
- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
- net: linkwatch: use system_unbound_wq (git-fixes).
- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
- net: mana: Record doorbell physical address in PF mode (bsc#1244229).
- net: page_pool: fix warning code (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).
- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).
- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).
- net: sched: fix erspan_opt settings in cls_flower (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- net_sched: prio: fix a race in prio_tune() (git-fixes).
- net_sched: red: fix a race in __red_change() (git-fixes).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- net_sched: tbf: fix a race in tbf_change() (git-fixes).
- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).
- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- ntp: Clamp maxerror and esterror to operating range (git-fixes)
- ntp: Remove invalid cast in time offset math (git-fixes)
- ntp: Safeguard against time_constant overflow (git-fixes)
- nvme-fc: do not reference lsrsp after failure (bsc#1245193).
- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).
- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
- nvme-pci: add quirks for device 126f:1001 (git-fixes).
- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
- nvme: fix command limits status code (git-fixes).
- nvme: fix implicit bool to flags conversion (git-fixes).
- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
- nvmet-fc: take tgtport refs for portentry (bsc#1245193).
- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
- nvmet-fcloop: prevent double port deletion (bsc#1245193).
- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
- nvmet-fcloop: remove nport from list on last user (bsc#1245193).
- nvmet-fcloop: track ref counts for nports (bsc#1245193).
- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
- orangefs: Do not truncate file size (git-fixes).
- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).
- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use 'unsigned int' instead of bare 'unsigned' (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- platform/x86/amd/hsmp: Add new error code and error logs (jsc#PED-13094).
- platform/x86/amd/hsmp: Add support for HSMP protocol version 7 messages (jsc#PED-13094).
- platform/x86/amd/hsmp: Change generic plat_dev name to hsmp_pdev (jsc#PED-13094).
- platform/x86/amd/hsmp: Change the error type (jsc#PED-13094).
- platform/x86/amd/hsmp: Convert amd_hsmp_rdwr() to a function pointer (jsc#PED-13094).
- platform/x86/amd/hsmp: Create hsmp/ directory (jsc#PED-13094).
- platform/x86/amd/hsmp: Create separate ACPI, plat and common drivers (jsc#PED-13094).
- platform/x86/amd/hsmp: Create wrapper function init_acpi() (jsc#PED-13094).
- platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers (jsc#PED-13094).
- platform/x86/amd/hsmp: Make hsmp_pdev static instead of global (jsc#PED-13094).
- platform/x86/amd/hsmp: Move ACPI code to acpi.c (jsc#PED-13094).
- platform/x86/amd/hsmp: Move platform device specific code to plat.c (jsc#PED-13094).
- platform/x86/amd/hsmp: Move structure and macros to header file (jsc#PED-13094).
- platform/x86/amd/hsmp: Report power via hwmon sensor (jsc#PED-13094).
- platform/x86/amd/hsmp: Use a single DRIVER_VERSION for all hsmp modules (jsc#PED-13094).
- platform/x86/amd/hsmp: Use dev_groups in the driver structure (jsc#PED-13094).
- platform/x86/amd/hsmp: Use name space while exporting module symbols (jsc#PED-13094).
- platform/x86/amd/hsmp: acpi: Add sysfs files to display HSMP telemetry (jsc#PED-13094).
- platform/x86/amd/hsmp: fix building with CONFIG_HWMON=m (jsc#PED-13094).
- platform/x86/amd/hsmp: mark hsmp_msg_desc_table as maybe_unused (git-fixes).
- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
- platform/x86: amd: Use *-y instead of *-objs in Makefiles (jsc#PED-13094).
- platform/x86: dell_rbu: Fix list usage (git-fixes).
- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: hp-bioscfg: Annotate struct bios_args with __counted_by (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how enum possible values size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how order list size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how password encoding size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how prerequisites size is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix error handling in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix memory leaks in attribute packages (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix reference leak (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix uninitialized variable errors (jsc#PED-13019).
- platform/x86: hp-bioscfg: Makefile (jsc#PED-13019).
- platform/x86: hp-bioscfg: Remove duplicate use of variable in inner loop (jsc#PED-13019).
- platform/x86: hp-bioscfg: Remove unused obj in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Removed needless asm-generic (jsc#PED-13019).
- platform/x86: hp-bioscfg: Replace the word HACK from source code (jsc#PED-13019).
- platform/x86: hp-bioscfg: Simplify return check in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Update steps order list elements are evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Use kmemdup() to replace kmalloc + memcpy (jsc#PED-13019).
- platform/x86: hp-bioscfg: biosattr-interface (jsc#PED-13019).
- platform/x86: hp-bioscfg: bioscfg (jsc#PED-13019).
- platform/x86: hp-bioscfg: bioscfg-h (jsc#PED-13019).
- platform/x86: hp-bioscfg: enum-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: fix a signedness bug in hp_wmi_perform_query() (jsc#PED-13019).
- platform/x86: hp-bioscfg: fix error reporting in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: int-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: move mutex_lock() down in hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: order-list-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: passwdobj-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: prevent a small buffer overflow (jsc#PED-13019).
- platform/x86: hp-bioscfg: spmobj-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: string-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: surestart-attributes (jsc#PED-13019).
- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).
- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- pstore: Change kmsg_bytes storage size to u32 (git-fixes).
- ptp: ocp: fix start time alignment in ptp_ocp_signal_set (git-fixes).
- ptp: ocp: reject unsupported periodic output flags (git-fixes).
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).
- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.
- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)
- rpm: Stop using is_kotd_qa macro This macro is set by bs-upload-kernel, and a conditional in each spec file is used to determine when to build the spec file. This logic should not really be in the spec file. Previously this was done with package links and package meta for the individula links. However, the use of package links is rejected for packages in git based release projects (nothing to do with git actually, new policy). An alternative to package links is multibuild. However, for multibuild packages package meta cannot be used to set which spec file gets built. Use prjcon buildflags instead, and remove this conditional. Depends on bs-upload-kernel adding the build flag.
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
- scsi: Improve CDL control (git-fixes).
- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: mpi3mr: Add level check to control event logging (git-fixes).
- scsi: mpt3sas: Fix _ctl_get_mpt_mctp_passthru_adapter() to return IOC pointer (git-fixes).
- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).
- scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels (git-fixes).
- scsi: st: ERASE does not change tape location (git-fixes).
- scsi: st: Restore some drive settings after reset (git-fixes).
- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: core: restore of_node information in sysfs (git-fixes).
- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
- serial: jsm: fix NPE during jsm_uart_port_init (git-fixes).
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).
- struct usci: hide additional member (git-fixes).
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).
- supported.conf: Add SNP SVSM vTPM driver
- supported.conf: add it
- supported.conf: support firmware_attributes_class
- svsm: Add header with SVSM_VTPM_CMD helpers (bsc#1241191).
- sysfb: Fix screen_info type check for VGA (git-fixes).
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).
- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (git-fixes).
- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).
- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
- thermal/drivers/mediatek/lvts: Fix debugfs unregister on failure (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Do not double dequeue a configuration request (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- thunderbolt: Improve redrive mode handling (git-fixes).
- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
- tpm: Add SNP SVSM vTPM driver (bsc#1241191).
- tpm: Make chip->{status,cancel,req_canceled} opt (bsc#1241191).
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).
- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).
- tracing: Add __print_dynamic_array() helper (bsc#1243544).
- tracing: Add __string_len() example (bsc#1243544).
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).
- tracing: Fix compilation warning on arm32 (bsc#1243551).
- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
- tty: serial: 8250_omap: fix TX with DMA for am33xx (git-fixes).
- ucsi_debugfs_entry: hide signedness change (git-fixes).
- udp: annotate data-races around up->pending (git-fixes).
- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).
- udp: fix receiving fraglist GSO packets (git-fixes).
- udp: preserve the connected status if only UDP cmsg (git-fixes).
- uprobes: Use kzalloc to allocate xol area (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
- usb: misc: onboard_usb_dev: fix support for Cypress HX3 hubs (git-fixes).
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work (git-fixes).
- usb: typec: ucsi: Only enable supported notifications (git-fixes).
- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).
- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
- vmxnet3: update MTU after device quiesce (bsc#1244626).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).
- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).
- wifi: ath11k: do not wait when there is no vdev started (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).
- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).
- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).
- wifi: ath12k: ACPI CCA threshold support (bsc#1240998).
- wifi: ath12k: ACPI SAR support (bsc#1240998).
- wifi: ath12k: ACPI TAS support (bsc#1240998).
- wifi: ath12k: ACPI band edge channel power support (bsc#1240998).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Add additional checks for vif and sta iterators (bsc#1240998).
- wifi: ath12k: Add firmware coredump collection support (bsc#1240998).
- wifi: ath12k: Add htt_stats_dump file ops support (bsc#1240998).
- wifi: ath12k: Add lock to protect the hardware state (bsc#1240998).
- wifi: ath12k: Add missing htt_metadata flag in ath12k_dp_tx() (bsc#1240998).
- wifi: ath12k: Add support to enable debugfs_htt_stats (bsc#1240998).
- wifi: ath12k: Add support to parse requested stats_type (bsc#1240998).
- wifi: ath12k: Avoid -Wflex-array-member-not-at-end warnings (bsc#1240998).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: Cache vdev configs before vdev create (bsc#1240998).
- wifi: ath12k: Dump additional Tx PDEV HTT stats (bsc#1240998).
- wifi: ath12k: Fetch regdb.bin file from board-2.bin (stable-fixes).
- wifi: ath12k: Fix WARN_ON during firmware crash in split-phy (bsc#1240998).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Fix buffer overflow in debugfs (bsc#1240998).
- wifi: ath12k: Fix devmem address prefix when logging (bsc#1240998).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: Fix for out-of bound access error (bsc#1240998).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: Fix pdev id sent to firmware for single phy devices (bsc#1240998).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Handle error cases during extended skb allocation (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Introduce device index (bsc#1240998).
- wifi: ath12k: Modify add and remove chanctx ops for single wiphy support (bsc#1240998).
- wifi: ath12k: Modify print_array_to_buf() to support arrays with 1-based semantics (bsc#1240998).
- wifi: ath12k: Modify rts threshold mac op for single wiphy (bsc#1240998).
- wifi: ath12k: Modify set and get antenna mac ops for single wiphy (bsc#1240998).
- wifi: ath12k: Optimize the lock contention of used list in Rx data path (bsc#1240998).
- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).
- wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash (bsc#1240998).
- wifi: ath12k: Refactor Rxdma buffer replinish argument (bsc#1240998).
- wifi: ath12k: Refactor data path cmem init (bsc#1240998).
- wifi: ath12k: Refactor error handler of Rxdma replenish (bsc#1240998).
- wifi: ath12k: Refactor idle ring descriptor setup (bsc#1240998).
- wifi: ath12k: Refactor the hardware cookie conversion init (bsc#1240998).
- wifi: ath12k: Refactor the hardware recovery procedure (bsc#1240998).
- wifi: ath12k: Refactor the hardware state (bsc#1240998).
- wifi: ath12k: Remove unsupported tx monitor handling (bsc#1240998).
- wifi: ath12k: Remove unused ath12k_base from ath12k_hw (bsc#1240998).
- wifi: ath12k: Remove unused tcl_*_ring configuration (bsc#1240998).
- wifi: ath12k: Replace 'chip' with 'device' in hal Rx return buffer manager (bsc#1240998).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath12k: Resolve multicast packet drop by populating key_cipher in ath12k_install_key() (bsc#1240998).
- wifi: ath12k: Support BE OFDMA Pdev Rate Stats (bsc#1240998).
- wifi: ath12k: Support DMAC Reset Stats (bsc#1240998).
- wifi: ath12k: Support Pdev OBSS Stats (bsc#1240998).
- wifi: ath12k: Support Pdev Scheduled Algorithm Stats (bsc#1240998).
- wifi: ath12k: Support Ring and SFM stats (bsc#1240998).
- wifi: ath12k: Support Self-Generated Transmit stats (bsc#1240998).
- wifi: ath12k: Support TQM stats (bsc#1240998).
- wifi: ath12k: Support Transmit DE stats (bsc#1240998).
- wifi: ath12k: Support Transmit Scheduler stats (bsc#1240998).
- wifi: ath12k: Support pdev CCA Stats (bsc#1240998).
- wifi: ath12k: Support pdev Transmit Multi-user stats (bsc#1240998).
- wifi: ath12k: Support pdev error stats (bsc#1240998).
- wifi: ath12k: add 6 GHz params in peer assoc command (bsc#1240998).
- wifi: ath12k: add ATH12K_DBG_WOW log level (bsc#1240998).
- wifi: ath12k: add EMA beacon support (bsc#1240998).
- wifi: ath12k: add MBSSID beacon support (bsc#1240998).
- wifi: ath12k: add WoW net-detect functionality (bsc#1240998).
- wifi: ath12k: add basic WoW functionalities (bsc#1240998).
- wifi: ath12k: add channel 2 into 6 GHz channel list (bsc#1240998).
- wifi: ath12k: add hw_link_id in ath12k_pdev (bsc#1240998).
- wifi: ath12k: add missing lockdep_assert_wiphy() for ath12k_mac_op_ functions (bsc#1240998).
- wifi: ath12k: add multi device support for WBM idle ring buffer setup (bsc#1240998).
- wifi: ath12k: add multiple radio support in a single MAC HW un/register (bsc#1240998).
- wifi: ath12k: add panic handler (bsc#1240998).
- wifi: ath12k: add support to handle beacon miss for WCN7850 (bsc#1240998).
- wifi: ath12k: advertise driver capabilities for MBSSID and EMA (bsc#1240998).
- wifi: ath12k: allocate dummy net_device dynamically (bsc#1240998).
- wifi: ath12k: ath12k_mac_op_set_key(): fix uninitialized symbol 'ret' (bsc#1240998).
- wifi: ath12k: ath12k_mac_op_sta_state(): clean up update_wk cancellation (bsc#1240998).
- wifi: ath12k: ath12k_mac_set_key(): remove exit label (bsc#1240998).
- wifi: ath12k: avoid double SW2HW_MACID conversion (bsc#1240998).
- wifi: ath12k: avoid duplicated vdev down (bsc#1240998).
- wifi: ath12k: avoid redundant code in Rx cookie conversion init (bsc#1240998).
- wifi: ath12k: avoid stopping mac80211 queues in ath12k_core_restart() (bsc#1240998).
- wifi: ath12k: avoid unnecessary MSDU drop in the Rx error process (bsc#1240998).
- wifi: ath12k: change supports_suspend to true for WCN7850 (bsc#1240998).
- wifi: ath12k: cleanup unneeded labels (bsc#1240998).
- wifi: ath12k: configure MBSSID parameters in AP mode (bsc#1240998).
- wifi: ath12k: configure MBSSID params in vdev create/start (bsc#1240998).
- wifi: ath12k: convert struct ath12k_sta::update_wk to use struct wiphy_work (bsc#1240998).
- wifi: ath12k: correct the capital word typo (bsc#1240998).
- wifi: ath12k: create a structure for WMI vdev up parameters (bsc#1240998).
- wifi: ath12k: debugfs: radar simulation support (bsc#1240998).
- wifi: ath12k: decrease MHI channel buffer length to 8KB (bsc#1240998).
- wifi: ath12k: delete NSS and TX power setting for monitor vdev (bsc#1240998).
- wifi: ath12k: displace the Tx and Rx descriptor in cookie conversion table (bsc#1240998).
- wifi: ath12k: do not dump SRNG statistics during resume (bsc#1240998).
- wifi: ath12k: do not process consecutive RDDM event (bsc#1240998).
- wifi: ath12k: do not use %pK in dmesg format strings (bsc#1240998).
- wifi: ath12k: dynamic VLAN support (bsc#1240998).
- wifi: ath12k: dynamically update peer puncturing bitmap for STA (bsc#1240998).
- wifi: ath12k: enable WIPHY_FLAG_DISABLE_WEXT (bsc#1240998).
- wifi: ath12k: enable service flag for survey dump stats (bsc#1240998).
- wifi: ath12k: extend the link capable flag (bsc#1240998).
- wifi: ath12k: fetch correct radio based on vdev status (bsc#1240998).
- wifi: ath12k: fix A-MSDU indication in monitor mode (bsc#1240998).
- wifi: ath12k: fix ACPI warning when resume (bsc#1240998).
- wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (git-fixes).
- wifi: ath12k: fix NULL pointer access in ath12k_mac_op_get_survey() (bsc#1240998).
- wifi: ath12k: fix Smatch warnings on ath12k_core_suspend() (bsc#1240998).
- wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes).
- wifi: ath12k: fix ack signal strength calculation (bsc#1240998).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix build vs old compiler (bsc#1240998).
- wifi: ath12k: fix calling correct function for rx monitor mode (bsc#1240998).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: fix desc address calculation in wbm tx completion (bsc#1240998).
- wifi: ath12k: fix driver initialization for WoW unsupported devices (bsc#1240998).
- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).
- wifi: ath12k: fix flush failure in recovery scenarios (bsc#1240998).
- wifi: ath12k: fix hal_rx_buf_return_buf_manager documentation (bsc#1240998).
- wifi: ath12k: fix incorrect CE addresses (stable-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: fix key cache handling (bsc#1240998).
- wifi: ath12k: fix legacy peer association due to missing HT or 6 GHz capabilities (bsc#1240998).
- wifi: ath12k: fix link capable flags (bsc#1240998).
- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).
- wifi: ath12k: fix mac id extraction when MSDU spillover in rx error path (bsc#1240998).
- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).
- wifi: ath12k: fix mbssid max interface advertisement (bsc#1240998).
- wifi: ath12k: fix missing endianness conversion in wmi_vdev_create_cmd() (bsc#1240998).
- wifi: ath12k: fix misspelling of 'dma' in num_rxmda_per_pdev (bsc#1240998).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix one more memcpy size error (bsc#1240998).
- wifi: ath12k: fix per pdev debugfs registration (bsc#1240998).
- wifi: ath12k: fix reusing outside iterator in ath12k_wow_vif_set_wakeups() (bsc#1240998).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath12k: fix skb_ext_desc leak in ath12k_dp_tx() error path (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_mpdu_start (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_phyrx_rssi_legacy_info (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_ppdu_end_user_stats (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_ppdu_start (bsc#1240998).
- wifi: ath12k: fix survey dump collection in 6 GHz (bsc#1240998).
- wifi: ath12k: fix the ampdu id fetch in the HAL_RX_MPDU_START TLV (stable-fixes).
- wifi: ath12k: fix the stack frame size warning in ath12k_mac_op_hw_scan (bsc#1240998).
- wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() (bsc#1240998).
- wifi: ath12k: fix warning on DMA ring capabilities event (bsc#1240998).
- wifi: ath12k: flush all packets before suspend (bsc#1240998).
- wifi: ath12k: handle keepalive during WoWLAN suspend and resume (bsc#1240998).
- wifi: ath12k: handle symlink cleanup for per pdev debugfs dentry (bsc#1240998).
- wifi: ath12k: implement WoW enable and wakeup commands (bsc#1240998).
- wifi: ath12k: implement hardware data filter (bsc#1240998).
- wifi: ath12k: improve the rx descriptor error information (bsc#1240998).
- wifi: ath12k: initial debugfs support (bsc#1240998).
- wifi: ath12k: make read-only array svc_id static const (bsc#1240998).
- wifi: ath12k: modify ath12k mac start/stop ops for single wiphy (bsc#1240998).
- wifi: ath12k: modify ath12k_get_arvif_iter() for MLO (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_op_bss_info_changed() for MLO (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_op_set_key() for MLO (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_vif_chan() for MLO (bsc#1240998).
- wifi: ath12k: modify link arvif creation and removal for MLO (bsc#1240998).
- wifi: ath12k: modify regulatory support for single wiphy architecture (bsc#1240998).
- wifi: ath12k: modify remain on channel for single wiphy (bsc#1240998).
- wifi: ath12k: move txbaddr/rxbaddr into struct ath12k_dp (bsc#1240998).
- wifi: ath12k: no need to handle pktlog during suspend/resume (bsc#1240998).
- wifi: ath12k: pass ath12k_link_vif instead of vif/ahvif (bsc#1240998).
- wifi: ath12k: prepare sta data structure for MLO handling (bsc#1240998).
- wifi: ath12k: prepare vif config caching for MLO (bsc#1240998).
- wifi: ath12k: prepare vif data structure for MLO handling (bsc#1240998).
- wifi: ath12k: read single_chip_mlo_support parameter from QMI PHY capability (bsc#1240998).
- wifi: ath12k: rearrange IRQ enable/disable in reset path (bsc#1240998).
- wifi: ath12k: refactor SMPS configuration (bsc#1240998).
- wifi: ath12k: refactor arvif security parameter configuration (bsc#1240998).
- wifi: ath12k: refactor ath12k_hw_regs structure (stable-fixes).
- wifi: ath12k: refactor rx descriptor CMEM configuration (bsc#1240998).
- wifi: ath12k: remove MHI LOOPBACK channels (bsc#1240998).
- wifi: ath12k: remove duplicate definition of MAX_RADIOS (bsc#1240998).
- wifi: ath12k: remove duplicate definitions in wmi.h (bsc#1240998).
- wifi: ath12k: remove invalid peer create logic (bsc#1240998).
- wifi: ath12k: remove obsolete struct wmi_start_scan_arg (bsc#1240998).
- wifi: ath12k: remove redundant peer delete for WCN7850 (bsc#1240998).
- wifi: ath12k: remove unused variable monitor_flags (bsc#1240998).
- wifi: ath12k: remove unused variable monitor_present (bsc#1240998).
- wifi: ath12k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1240998).
- wifi: ath12k: restore ASPM for supported hardwares only (bsc#1240998).
- wifi: ath12k: scan statemachine changes for single wiphy (bsc#1240998).
- wifi: ath12k: set mlo_capable_flags based on QMI PHY capability (bsc#1240998).
- wifi: ath12k: skip sending vdev down for channel switch (bsc#1240998).
- wifi: ath12k: support ARP and NS offload (bsc#1240998).
- wifi: ath12k: support GTK rekey offload (bsc#1240998).
- wifi: ath12k: support SMPS configuration for 6 GHz (bsc#1240998).
- wifi: ath12k: support get_survey mac op for single wiphy (bsc#1240998).
- wifi: ath12k: support suspend/resume (bsc#1240998).
- wifi: ath12k: switch to using wiphy_lock() and remove ar->conf_mutex (bsc#1240998).
- wifi: ath12k: unregister per pdev debugfs (bsc#1240998).
- wifi: ath12k: update ath12k_mac_op_conf_tx() for MLO (bsc#1240998).
- wifi: ath12k: update ath12k_mac_op_update_vif_offload() for MLO (bsc#1240998).
- wifi: ath12k: use 128 bytes aligned iova in transmit path for WCN7850 (bsc#1240998).
- wifi: ath12k: use correct MAX_RADIOS (bsc#1240998).
- wifi: ath12k: use tail MSDU to get MSDU information (bsc#1240998).
- wifi: ath12k: using msdu end descriptor to check for rx multicast packets (stable-fixes).
- wifi: ath12k: vdev statemachine changes for single wiphy (bsc#1240998).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).
- wifi: cfg80211: allow IR in 20 MHz configurations (stable-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: do not warn during reprobe (stable-fixes).
- wifi: iwlwifi: do not warn when if there is a FW error (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: iwlwifi: fix the ECKV UEFI variable name (stable-fixes).
- wifi: iwlwifi: mark Br device not integrated (stable-fixes).
- wifi: iwlwifi: mvm: fix beacon CCK flag (stable-fixes).
- wifi: iwlwifi: mvm: fix setting the TK when associated (stable-fixes).
- wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
- wifi: iwlwifi: use correct IMR dump variable (stable-fixes).
- wifi: iwlwifi: w/a FW SMPS mode selection (stable-fixes).
- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
- wifi: mac80211: fix warning on disconnect during failed ML reconf (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mac80211: set ieee80211_prep_tx_info::link_id upon Auth Rx (stable-fixes).
- wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO (stable-fixes).
- wifi: mac80211_hwsim: Fix MLD address translation (stable-fixes).
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).
- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix fails to enter low power mode in suspend state (stable-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: introduce thermal protection (stable-fixes).
- wifi: mt76: mt7925: load the appropriate CLC data based on hardware type (stable-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: mwifiex: Fix HT40 bandwidth issue (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: 8922a: fix TX fail with wrong VCO setting (stable-fixes).
- wifi: rtw89: 8922a: fix incorrect STA-ID in EHT MU PPDU (stable-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: call power_on ahead before selecting firmware (stable-fixes).
- wifi: rtw89: fw: get sb_sel_ver via get_unaligned_le32() (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- wifi: rtw89: phy: add dummy C2H event handler for report of TAS power (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (stable-fixes).
- workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() (bsc#1245101 jsc#PED-11934).
- x86/acpi: Fix LAPIC/x2APIC parsing order (git-fixes).
- x86/amd_nb, hwmon: (k10temp): Simplify amd_pci_dev_to_node_id() (jsc#PED-13094).
- x86/amd_nb: Clean up early_is_amd_nb() (jsc#PED-13094).
- x86/amd_nb: Move SMN access code to a new amd_node driver (jsc#PED-13094).
- x86/amd_nb: Restrict init function to AMD-based systems (jsc#PED-13094).
- x86/amd_nb: Simplify function 4 search (jsc#PED-13094).
- x86/amd_nb: Simplify root device search (jsc#PED-13094).
- x86/amd_node: Add SMN offsets to exclusive region access (jsc#PED-13094).
- x86/amd_node: Add support for debugfs access to SMN registers (jsc#PED-13094).
- x86/amd_node: Remove dependency on AMD_NB (jsc#PED-13094).
- x86/amd_node: Update __amd_smn_rw() error paths (jsc#PED-13094).
- x86/amd_node: Use defines for SMN register offsets (jsc#PED-13094).
- x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
- x86/mce/amd: Remove shared threshold bank plumbing (jsc#PED-13094).
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes).
- x86/platform/amd: Move the <asm/amd_hsmp.h> header to <asm/amd/hsmp.h> (jsc#PED-13094).
- x86/sev: Add SVSM vTPM probe/send_command functions (bsc#1241191).
- x86/sev: Provide guest VMPL level to userspace (bsc#1241191).
- x86/sev: Register tpm-svsm platform device (bsc#1241191).
- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
- x86: Start moving AMD node functionality out of AMD_NB (jsc#PED-13094).
- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
- xen/x86: fix initial memory balloon target (git-fixes).
- xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes).
- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).
Patchnames
SUSE-2025-2307,SUSE-SLE-Module-Basesystem-15-SP7-2025-2307,SUSE-SLE-Module-Development-Tools-15-SP7-2025-2307,SUSE-SLE-Module-Legacy-15-SP7-2025-2307,SUSE-SLE-Module-Live-Patching-15-SP7-2025-2307,SUSE-SLE-Product-HA-15-SP7-2025-2307,SUSE-SLE-Product-WE-15-SP7-2025-2307
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).\n- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).\n- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).\n- CVE-2024-57995: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (bsc#1237895).\n- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).\n- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).\n- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).\n- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).\n- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).\n- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).\n- CVE-2025-21938: mptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr (bsc#1240723).\n- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).\n- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).\n- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).\n- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).\n- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).\n- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).\n- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).\n- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).\n- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).\n- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).\n- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).\n- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).\n- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).\n- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).\n- CVE-2025-37837: iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent() (bsc#1242952).\n- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).\n- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).\n- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).\n- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).\n- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).\n- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).\n- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).\n- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).\n- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).\n- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).\n- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).\n- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).\n- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value (bsc#1243537).\n- CVE-2025-37938: tracing: Verify event formats that have \u0027%*p..\u0027 (bsc#1243544).\n- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).\n- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).\n- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).\n- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).\n- CVE-2025-37992: net_sched: Flush gso_skb list too during -\u003echange() (bsc#1243698).\n- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).\n- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).\n- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).\n- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).\n- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).\n- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).\n- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).\n- CVE-2025-38055: perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq (bsc#1244747).\n- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).\n- CVE-2025-38060: bpf: abort verification if env-\u003ecur_state-\u003eloop_entry != NULL (bsc#1245155).\n- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).\n\nThe following non-security bugs were fixed:\n\n- ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case (stable-fixes).\n- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).\n- ACPI: HED: Always initialize before evged (stable-fixes).\n- ACPI: OSI: Stop advertising support for \u00273.0 _SCP Extensions\u0027 (git-fixes).\n- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).\n- ACPI: battery: negate current when discharging (stable-fixes).\n- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).\n- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).\n- ACPICA: Utilities: Fix spelling mistake \u0027Incremement\u0027 -\u003e \u0027Increment\u0027 (git-fixes).\n- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).\n- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).\n- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).\n- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).\n- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).\n- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).\n- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).\n- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).\n- ALSA: seq: Improve data consistency at polling (stable-fixes).\n- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).\n- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).\n- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).\n- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).\n- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).\n- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).\n- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).\n- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).\n- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).\n- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).\n- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).\n- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).\n- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).\n- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).\n- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).\n- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).\n- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).\n- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).\n- ASoC: SOF: Intel: hda-bus: Use PIO mode on ACE2+ platforms (git-fixes).\n- ASoC: SOF: ipc4-pcm: Adjust pipeline_list-\u003epipelines allocation type (git-fixes).\n- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).\n- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).\n- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).\n- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).\n- ASoC: cs42l43: Disable headphone clamps during type detection (stable-fixes).\n- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).\n- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).\n- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).\n- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).\n- ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() (git-fixes).\n- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).\n- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).\n- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).\n- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).\n- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).\n- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).\n- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).\n- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).\n- ASoC: tas2764: Enable main IRQs (git-fixes).\n- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).\n- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).\n- ASoC: tas2764: Reinit cache on part reset (git-fixes).\n- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).\n- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).\n- ASoC: ti: omap-hdmi: Re-add dai_link-\u003eplatform to fix card init (git-fixes).\n- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).\n- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).\n- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).\n- Bluetooth: MGMT: Fix sparse errors (git-fixes).\n- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).\n- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).\n- Bluetooth: Remove pending ACL connection attempts (stable-fixes).\n- Bluetooth: btintel: Check dsbr size from EFI variable (git-fixes).\n- Bluetooth: btintel_pcie: Fix driver not posting maximum rx buffers (git-fixes).\n- Bluetooth: btintel_pcie: Increase the tx and rx descriptor count (git-fixes).\n- Bluetooth: btintel_pcie: Reduce driver buffer posting to prevent race condition (git-fixes).\n- Bluetooth: eir: Fix possible crashes on eir_create_adv_data (git-fixes).\n- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).\n- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).\n- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).\n- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).\n- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).\n- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).\n- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).\n- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).\n- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).\n- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).\n- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).\n- Documentation: ACPI: Use all-string data node references (git-fixes).\n- Documentation: fix typo in root= kernel parameter description (git-fixes).\n- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).\n- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).\n- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).\n- HID: wacom: fix kobject reference count leak (git-fixes).\n- HID: wacom: fix memory leak on kobject creation failure (git-fixes).\n- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).\n- IB/cm: Drop lockdep assert and WARN when freeing old msg (git-fixes)\n- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).\n- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).\n- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).\n- Input: xpad - add more controllers (stable-fixes).\n- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).\n- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).\n- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc (\u0027MyBS: Use buildflags to set which package to build\u0027)\n- MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b (\u0027bs-upload-kernel: Pass limit_packages also on multibuild\u0027)\n- MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.\n- NFC: nci: uart: Set tty-\u003edisc_data only in success path (git-fixes).\n- NFS: Do not allow waiting for exiting tasks (git-fixes).\n- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).\n- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).\n- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).\n- PCI/DPC: Initialize aer_err_info before using it (git-fixes).\n- PCI/DPC: Log Error Source ID only when valid (git-fixes).\n- PCI/DPC: Use defines with DPC reason fields (git-fixes).\n- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).\n- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (stable-fixes).\n- PCI: Explicitly put devices into D0 when initializing (git-fixes).\n- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).\n- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).\n- PCI: apple: Set only available ports up (git-fixes).\n- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).\n- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).\n- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).\n- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: cadence: Fix runtime atomic count underflow (git-fixes).\n- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).\n- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).\n- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).\n- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).\n- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).\n- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).\n- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).\n- PM: sleep: Print PM debug messages during hibernation (git-fixes).\n- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).\n- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)\n- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)\n- Remove compress-vmlinux.sh /usr/lib/rpm/brp-suse.d/brp-99-compress-vmlinux was added in pesign-obs-integration during SLE12 RC. This workaround can be removed.\n- Remove host-memcpy-hack.h This might have been usefult at some point but we have more things that depend on specific library versions today.\n- Remove try-disable-staging-driver The config for linux-next is autogenerated from master config, and defaults filled for missing options. This is unlikely to enable any staging driver in the first place.\n- Revert \u0027ALSA: usb-audio: Skip setting clock selector for single connections\u0027 (stable-fixes).\n- Revert \u0027arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)\n- Revert \u0027bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first\u0027 (stable-fixes).\n- Revert \u0027drm/amdgpu: do not allow userspace to create a doorbell BO\u0027 (stable-fixes).\n- Revert \u0027ipv6: save dontfrag in cork (git-fixes).\u0027\n- Revert \u0027kABI: ipv6: save dontfrag in cork (git-fixes).\u0027\n- Revert \u0027wifi: mt76: mt7996: fill txd by host driver\u0027 (stable-fixes).\n- Revert \u0027wifi: mwifiex: Fix HT40 bandwidth issue.\u0027 (git-fixes).\n- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).\n- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).\n- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).\n- SUNRPC: rpcbind should never reset the port to the value \u00270\u0027 (git-fixes).\n- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).\n- accel/ivpu: Improve buffer object logging (git-fixes).\n- accel/ivpu: Use dma_resv_lock() instead of a custom mutex (git-fixes).\n- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).\n- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).\n- add bug reference to existing hv_storvsc change (bsc#1245455).\n- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)\n- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).\n- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).\n- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).\n- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).\n- bnxt: properly flush XDP redirect lists (git-fixes).\n- bpf: Force uprobe bpf program to always return 0 (git-fixes).\n- bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc (\u0027MyBS: Use buildflags to set which package to build\u0027) Fixes: 747f601d4156 (\u0027bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)\u0027)\n- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).\n- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).\n- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).\n- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).\n- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).\n- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).\n- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).\n- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).\n- bus: fsl-mc: fix double-free on mc_dev (git-fixes).\n- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).\n- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).\n- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).\n- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).\n- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).\n- ceph: Fix incorrect flush end position calculation (git-fixes).\n- ceph: allocate sparse_ext map only for sparse reads (git-fixes).\n- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).\n- cgroup/cpuset: Do not allow creation of local partition over a remote one (bsc#1241166).\n- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- clocksource: Fix brown-bag boolean thinko in (git-fixes)\n- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)\n- crypto: lrw - Only add ecb if it is not already there (git-fixes).\n- crypto: lzo - Fix compression buffer overrun (stable-fixes).\n- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).\n- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).\n- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).\n- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).\n- crypto: qat - add shutdown handler to qat_420xx (git-fixes).\n- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).\n- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).\n- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).\n- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).\n- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).\n- crypto: xts - Only add ecb if it is not already there (git-fixes).\n- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).\n- devlink: fix port dump cmd type (git-fixes).\n- dlm: mask sk_shutdown value (bsc#1228854).\n- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).\n- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).\n- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).\n- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).\n- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).\n- drm/amd/display: Add debugging message for brightness caps (bsc#1240650).\n- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).\n- drm/amd/display: Add support for disconnected eDP streams (stable-fixes).\n- drm/amd/display: Call FP Protect Before Mode Programming/Mode Support (stable-fixes).\n- drm/amd/display: Configure DTBCLK_P with OPTC only for dcn401 (stable-fixes).\n- drm/amd/display: Correct timing_adjust_pending flag setting (stable-fixes).\n- drm/amd/display: Defer BW-optimization-blocked DRR adjustments (git-fixes).\n- drm/amd/display: Do not enable replay when vtotal update is pending (stable-fixes).\n- drm/amd/display: Do not treat wb connector as physical in create_validate_stream_for_sink (stable-fixes).\n- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).\n- drm/amd/display: Ensure DMCUB idle before reset on DCN31/DCN35 (stable-fixes).\n- drm/amd/display: Fix BT2020 YCbCr limited/full range input (stable-fixes).\n- drm/amd/display: Fix DMUB reset sequence for DCN401 (stable-fixes).\n- drm/amd/display: Fix default DC and AC levels (bsc#1240650).\n- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).\n- drm/amd/display: Fix p-state type when p-state is unsupported (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low when active (stable-fixes).\n- drm/amd/display: Increase block_sequence array size (stable-fixes).\n- drm/amd/display: Initial psr_version with correct setting (stable-fixes).\n- drm/amd/display: Populate register address for dentist for dcn401 (stable-fixes).\n- drm/amd/display: Read LTTPR ALPM caps during link cap retrieval (stable-fixes).\n- drm/amd/display: Request HW cursor on DCN3.2 with SubVP (stable-fixes).\n- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).\n- drm/amd/display: Support multiple options during psr entry (stable-fixes).\n- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).\n- drm/amd/display: Use Nominal vBlank If Provided Instead Of Capping It (stable-fixes).\n- drm/amd/display: calculate the remain segments for all pipes (stable-fixes).\n- drm/amd/display: check stream id dml21 wrapper to get plane_id (stable-fixes).\n- drm/amd/display: fix dcn4x init failed (stable-fixes).\n- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).\n- drm/amd/display: handle max_downscale_src_width fail check (stable-fixes).\n- drm/amd/display: not abort link train when bw is low (stable-fixes).\n- drm/amd/display: pass calculated dram_speed_mts to dml2 (stable-fixes).\n- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).\n- drm/amd/pm: Fetch current power limit from PMFW (stable-fixes).\n- drm/amd/pm: Skip P2S load for SMU v13.0.12 (stable-fixes).\n- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).\n- drm/amd: Adjust output for discovery error handling (git-fixes).\n- drm/amdgpu/discovery: check ip_discovery fw file available (stable-fixes).\n- drm/amdgpu/gfx11: do not read registers in mqd init (stable-fixes).\n- drm/amdgpu/gfx12: do not read registers in mqd init (stable-fixes).\n- drm/amdgpu/mes11: fix set_hw_resources_1 calculation (stable-fixes).\n- drm/amdgpu: Allow P2P access through XGMI (stable-fixes).\n- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).\n- drm/amdgpu: Fix missing drain retry fault the last entry (stable-fixes).\n- drm/amdgpu: Fix the race condition for draining retry fault (stable-fixes).\n- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).\n- drm/amdgpu: Skip pcie_replay_count sysfs creation for VF (stable-fixes).\n- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).\n- drm/amdgpu: Use active umc info from discovery (stable-fixes).\n- drm/amdgpu: adjust drm_firmware_drivers_only() handling (stable-fixes).\n- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).\n- drm/amdgpu: read back register after written for VCN v4.0.5 (stable-fixes).\n- drm/amdgpu: release xcp_mgr on exit (stable-fixes).\n- drm/amdgpu: remove all KFD fences from the BO on release (stable-fixes).\n- drm/amdgpu: reset psp-\u003ecmd to NULL after releasing the buffer (stable-fixes).\n- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).\n- drm/amdkfd: Correct F8_MODE for gfx950 (git-fixes).\n- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).\n- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).\n- drm/amdkfd: Set per-process flags only once for gfx9/10/11/12 (stable-fixes).\n- drm/amdkfd: fix missing L2 cache info in topology (stable-fixes).\n- drm/amdkfd: set precise mem ops caps to disabled for gfx 11 and 12 (stable-fixes).\n- drm/ast: Find VBIOS mode from regular display size (stable-fixes).\n- drm/ast: Fix comment on modeset lock (git-fixes).\n- drm/atomic: clarify the rules around drm_atomic_state-\u003eallow_modeset (stable-fixes).\n- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).\n- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).\n- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).\n- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).\n- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).\n- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).\n- drm/buddy: fix issue that force_merge cannot free all roots (stable-fixes).\n- drm/etnaviv: Protect the scheduler\u0027s pending list with its lock (git-fixes).\n- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).\n- drm/i915/guc: Check if expecting reply before decrementing outstanding_submission_g2h (git-fixes).\n- drm/i915/guc: Handle race condition where wakeref count drops below 0 (git-fixes).\n- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).\n- drm/i915/psr: Fix using wrong mask in REG_FIELD_PREP (git-fixes).\n- drm/i915: fix build error some more (git-fixes).\n- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).\n- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).\n- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).\n- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).\n- drm/msm/a6xx: Disable rgb565_predicator on Adreno 7c3 (git-fixes).\n- drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (git-fixes).\n- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).\n- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE before blend setup (git-fixes).\n- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE on ctl_path reset (git-fixes).\n- drm/msm/dpu: enable SmartDMA on SC8180X (git-fixes).\n- drm/msm/dpu: enable SmartDMA on SM8150 (git-fixes).\n- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).\n- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).\n- drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names (git-fixes).\n- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).\n- drm/nouveau: fix the broken marco GSP_MSG_MAX_SIZE (stable-fixes).\n- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).\n- drm/panel-simple: fix the warnings for the Evervision VGG644804 (git-fixes).\n- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).\n- drm/panic: add missing space (git-fixes).\n- drm/panthor: Fix GPU_COHERENCY_ACE[_LITE] definitions (git-fixes).\n- drm/panthor: Update panthor_mmu::irq::mask when needed (git-fixes).\n- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).\n- drm/rockchip: vop2: Improve display modes handling on RK3588 HDMI0 (stable-fixes).\n- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).\n- drm/tegra: Assign plane type before registration (git-fixes).\n- drm/tegra: Fix a possible null pointer dereference (git-fixes).\n- drm/tegra: rgb: Fix the unbound reference count (git-fixes).\n- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).\n- drm/v3d: Add clock handling (stable-fixes).\n- drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()` (stable-fixes).\n- drm/vc4: tests: Use return instead of assert (git-fixes).\n- drm/vkms: Adjust vkms_state-\u003eactive_planes allocation type (git-fixes).\n- drm/vmwgfx: Add error path for xa_store in vmw_bo_add_detached_resource (git-fixes).\n- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).\n- drm/vmwgfx: Fix dumb buffer leak (git-fixes).\n- drm/xe/bmg: Update Wa_16023588340 (git-fixes).\n- drm/xe/d3cold: Set power state to D3Cold during s2idle/s3 (git-fixes).\n- drm/xe/debugfs: Add missing xe_pm_runtime_put in wedge_mode_set (stable-fixes).\n- drm/xe/debugfs: fixed the return value of wedged_mode_set (stable-fixes).\n- drm/xe/display: Add check for alloc_ordered_workqueue() (git-fixes).\n- drm/xe/gt: Update handling of xe_force_wake_get return (stable-fixes).\n- drm/xe/oa: Ensure that polled read returns latest data (stable-fixes).\n- drm/xe/pf: Create a link between PF and VF devices (stable-fixes).\n- drm/xe/pf: Reset GuC VF config when unprovisioning critical resource (stable-fixes).\n- drm/xe/relay: Do not use GFP_KERNEL for new transactions (stable-fixes).\n- drm/xe/sa: Always call drm_suballoc_manager_fini() (stable-fixes).\n- drm/xe/sched: stop re-submitting signalled jobs (git-fixes).\n- drm/xe/vf: Retry sending MMIO request to GUC on timeout error (stable-fixes).\n- drm/xe/vm: move rebind_work init earlier (git-fixes).\n- drm/xe/xe2hpg: Add Wa_22021007897 (stable-fixes).\n- drm/xe: Create LRC BO without VM (git-fixes).\n- drm/xe: Do not attempt to bootstrap VF in execlists mode (stable-fixes).\n- drm/xe: Fix memset on iomem (git-fixes).\n- drm/xe: Fix xe_tile_init_noalloc() error propagation (stable-fixes).\n- drm/xe: Make xe_gt_freq part of the Documentation (git-fixes).\n- drm/xe: Move suballocator init to after display init (stable-fixes).\n- drm/xe: Nuke VM\u0027s mapping upon close (stable-fixes).\n- drm/xe: Process deferred GGTT node removals on device unwind (git-fixes).\n- drm/xe: Reject BO eviction if BO is bound to current VM (stable-fixes).\n- drm/xe: Retry BO allocation (stable-fixes).\n- drm/xe: Rework eviction rejection of bound external bos (git-fixes).\n- drm/xe: Save the gt pointer in lrc and drop the tile (stable-fixes).\n- drm/xe: Stop ignoring errors from xe_ttm_stolen_mgr_init() (stable-fixes).\n- drm/xe: Wire up device shutdown handler (stable-fixes).\n- drm/xe: remove unmatched xe_vm_unlock() from __xe_exec_queue_init() (git-fixes).\n- drm/xe: xe_gen_wa_oob: replace program_invocation_short_name (stable-fixes).\n- drm: Add valid clones check (stable-fixes).\n- drm: bridge: adv7511: fill stream capabilities (stable-fixes).\n- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).\n- dummycon: Trigger redraw when switching consoles with deferred takeover (git-fixes).\n- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).\n- efi/libstub: Describe missing \u0027out\u0027 parameter in efi_load_initrd (git-fixes).\n- fbcon: Make sure modelist not set on unregistered console (stable-fixes).\n- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).\n- fbdev/efifb: Remove PM for parent device (bsc#1244261).\n- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).\n- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).\n- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).\n- fgraph: Still initialize idle shadow stacks when starting (git-fixes).\n- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).\n- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).\n- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).\n- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).\n- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).\n- fpga: altera-cvp: Increase credit timeout (stable-fixes).\n- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).\n- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).\n- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).\n- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).\n- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).\n- gpiolib: Revert \u0027Do not WARN on gpiod_put() for optional GPIO\u0027 (stable-fixes).\n- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).\n- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).\n- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).\n- hwmon: (dell-smm) Increment the number of fans (stable-fixes).\n- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).\n- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).\n- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).\n- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).\n- hwmon: (occ) fix unaligned accesses (git-fixes).\n- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).\n- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).\n- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).\n- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).\n- i2c: npcm: Add clock toggle recovery (stable-fixes).\n- i2c: pxa: fix call balance of i2c-\u003eclk handling routines (stable-fixes).\n- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).\n- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).\n- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)\n- i2c: tiny-usb: disable zero-length read messages (git-fixes).\n- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).\n- i3c: master: svc: Fix missing STOP for master request (stable-fixes).\n- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).\n- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).\n- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).\n- ice: Fix LACP bonds without SRIOV environment (git-fixes).\n- ice: create new Tx scheduler nodes for new queues only (git-fixes).\n- ice: fix Tx scheduler error handling in XDP callback (git-fixes).\n- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).\n- ice: fix vf-\u003enum_mac count with port representors (git-fixes).\n- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).\n- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).\n- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).\n- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).\n- iio: filter: admv8818: Support frequencies \u003e= 2^32 (git-fixes).\n- iio: filter: admv8818: fix band 4, state 15 (git-fixes).\n- iio: filter: admv8818: fix integer overflow (git-fixes).\n- iio: filter: admv8818: fix range calculation (git-fixes).\n- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).\n- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).\n- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).\n- intel_th: avoid using deprecated page-\u003emapping, index fields (stable-fixes).\n- iommu: Protect against overflow in iommu_pgsize() (git-fixes).\n- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)\n- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)\n- ip6mr: fix tables suspicious RCU usage (git-fixes).\n- ip_tunnel: annotate data-races around t-\u003eparms.link (git-fixes).\n- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).\n- ipmr: fix tables suspicious RCU usage (git-fixes).\n- ipv4: Convert ip_route_input() to dscp_t (git-fixes).\n- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).\n- ipv6: save dontfrag in cork (git-fixes).\n- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).\n- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).\n- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).\n- jffs2: check that raw node were preallocated before writing summary (git-fixes).\n- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).\n- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).\n- kABI: ipv6: save dontfrag in cork (git-fixes).\n- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).\n- kabi: restore layout of struct cgroup_subsys (bsc#1241166).\n- kabi: restore layout of struct mem_control (jsc#PED-12551).\n- kabi: restore layout of struct page_counter (jsc#PED-12551).\n- kernel-source: Do not use multiple -r in sed parameters\n- kernel-source: Remove log.sh from sources\n- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: add file_start_write() and file_end_write() (git-fixes).\n- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).\n- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).\n- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).\n- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).\n- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).\n- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).\n- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).\n- media: cx231xx: set device_caps for 417 (stable-fixes).\n- media: cxusb: no longer judge rbuf when the write fails (git-fixes).\n- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).\n- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).\n- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).\n- media: imx-jpeg: Cleanup after an allocation error (git-fixes).\n- media: imx-jpeg: Drop the first error frames (git-fixes).\n- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).\n- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).\n- media: intel/ipu6: Fix dma mask for non-secure mode (git-fixes).\n- media: ipu6: Remove workaround for Meteor Lake ES2 (git-fixes).\n- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).\n- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).\n- media: ov2740: Move pm-runtime cleanup on probe-errors to proper place (git-fixes).\n- media: ov5675: suppress probe deferral errors (git-fixes).\n- media: ov8856: suppress probe deferral errors (git-fixes).\n- media: platform: mtk-mdp3: Remove unused mdp_get_plat_device (git-fixes).\n- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).\n- media: rkvdec: Fix frame size enumeration (git-fixes).\n- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).\n- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).\n- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).\n- media: uvcvideo: Fix deferred probing error (git-fixes).\n- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).\n- media: uvcvideo: Return the number of processed controls (git-fixes).\n- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).\n- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).\n- media: venus: Fix probe error handling (git-fixes).\n- media: verisilicon: Free post processor buffers on error (git-fixes).\n- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).\n- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).\n- media: vivid: Change the siize of the composing (git-fixes).\n- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).\n- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).\n- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).\n- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).\n- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).\n- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).\n- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).\n- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).\n- mmc: Add quirk to disable DDR50 tuning (stable-fixes).\n- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).\n- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).\n- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).\n- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).\n- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).\n- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).\n- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).\n- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).\n- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).\n- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).\n- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).\n- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).\n- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).\n- net/mlx5: Fix return value when searching for existing flow group (git-fixes).\n- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).\n- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).\n- net/neighbor: clear error in case strict check is not set (git-fixes).\n- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).\n- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).\n- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).\n- net: add rcu safety to rtnl_prop_list_size() (git-fixes).\n- net: fix udp gso skb_segment after pull from frag_list (git-fixes).\n- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).\n- net: ice: Perform accurate aRFS flow match (git-fixes).\n- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).\n- net: linkwatch: use system_unbound_wq (git-fixes).\n- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).\n- net: mana: Record doorbell physical address in PF mode (bsc#1244229).\n- net: page_pool: fix warning code (git-fixes).\n- net: phy: clear phydev-\u003edevlink when the link is deleted (git-fixes).\n- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).\n- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)\n- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).\n- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).\n- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).\n- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).\n- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).\n- net: sched: fix erspan_opt settings in cls_flower (git-fixes).\n- net: usb: aqc111: debug info before sanitation (git-fixes).\n- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).\n- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).\n- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).\n- net_sched: prio: fix a race in prio_tune() (git-fixes).\n- net_sched: red: fix a race in __red_change() (git-fixes).\n- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)\n- net_sched: sch_sfq: reject invalid perturb period (git-fixes).\n- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)\n- net_sched: tbf: fix a race in tbf_change() (git-fixes).\n- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).\n- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).\n- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).\n- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).\n- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).\n- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).\n- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).\n- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).\n- ntp: Clamp maxerror and esterror to operating range (git-fixes)\n- ntp: Remove invalid cast in time offset math (git-fixes)\n- ntp: Safeguard against time_constant overflow (git-fixes)\n- nvme-fc: do not reference lsrsp after failure (bsc#1245193).\n- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).\n- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).\n- nvme-pci: add quirks for device 126f:1001 (git-fixes).\n- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).\n- nvme: fix command limits status code (git-fixes).\n- nvme: fix implicit bool to flags conversion (git-fixes).\n- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).\n- nvmet-fc: take tgtport refs for portentry (bsc#1245193).\n- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).\n- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).\n- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).\n- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).\n- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).\n- nvmet-fcloop: prevent double port deletion (bsc#1245193).\n- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).\n- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).\n- nvmet-fcloop: remove nport from list on last user (bsc#1245193).\n- nvmet-fcloop: track ref counts for nports (bsc#1245193).\n- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).\n- orangefs: Do not truncate file size (git-fixes).\n- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).\n- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).\n- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).\n- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).\n- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).\n- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).\n- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs \u003e 31 (git-fixes).\n- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).\n- pinctrl: bcm281xx: Use \u0027unsigned int\u0027 instead of bare \u0027unsigned\u0027 (stable-fixes).\n- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).\n- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).\n- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).\n- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).\n- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).\n- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).\n- platform/x86/amd/hsmp: Add new error code and error logs (jsc#PED-13094).\n- platform/x86/amd/hsmp: Add support for HSMP protocol version 7 messages (jsc#PED-13094).\n- platform/x86/amd/hsmp: Change generic plat_dev name to hsmp_pdev (jsc#PED-13094).\n- platform/x86/amd/hsmp: Change the error type (jsc#PED-13094).\n- platform/x86/amd/hsmp: Convert amd_hsmp_rdwr() to a function pointer (jsc#PED-13094).\n- platform/x86/amd/hsmp: Create hsmp/ directory (jsc#PED-13094).\n- platform/x86/amd/hsmp: Create separate ACPI, plat and common drivers (jsc#PED-13094).\n- platform/x86/amd/hsmp: Create wrapper function init_acpi() (jsc#PED-13094).\n- platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers (jsc#PED-13094).\n- platform/x86/amd/hsmp: Make hsmp_pdev static instead of global (jsc#PED-13094).\n- platform/x86/amd/hsmp: Move ACPI code to acpi.c (jsc#PED-13094).\n- platform/x86/amd/hsmp: Move platform device specific code to plat.c (jsc#PED-13094).\n- platform/x86/amd/hsmp: Move structure and macros to header file (jsc#PED-13094).\n- platform/x86/amd/hsmp: Report power via hwmon sensor (jsc#PED-13094).\n- platform/x86/amd/hsmp: Use a single DRIVER_VERSION for all hsmp modules (jsc#PED-13094).\n- platform/x86/amd/hsmp: Use dev_groups in the driver structure (jsc#PED-13094).\n- platform/x86/amd/hsmp: Use name space while exporting module symbols (jsc#PED-13094).\n- platform/x86/amd/hsmp: acpi: Add sysfs files to display HSMP telemetry (jsc#PED-13094).\n- platform/x86/amd/hsmp: fix building with CONFIG_HWMON=m (jsc#PED-13094).\n- platform/x86/amd/hsmp: mark hsmp_msg_desc_table as maybe_unused (git-fixes).\n- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).\n- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).\n- platform/x86: amd: Use *-y instead of *-objs in Makefiles (jsc#PED-13094).\n- platform/x86: dell_rbu: Fix list usage (git-fixes).\n- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).\n- platform/x86: hp-bioscfg: Annotate struct bios_args with __counted_by (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how enum possible values size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how order list size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how password encoding size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Change how prerequisites size is evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix error handling in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix memory leaks in attribute packages (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix reference leak (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Fix uninitialized variable errors (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Makefile (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Remove duplicate use of variable in inner loop (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Remove unused obj in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Removed needless asm-generic (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Replace the word HACK from source code (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Simplify return check in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Update steps order list elements are evaluated (jsc#PED-13019).\n- platform/x86: hp-bioscfg: Use kmemdup() to replace kmalloc + memcpy (jsc#PED-13019).\n- platform/x86: hp-bioscfg: biosattr-interface (jsc#PED-13019).\n- platform/x86: hp-bioscfg: bioscfg (jsc#PED-13019).\n- platform/x86: hp-bioscfg: bioscfg-h (jsc#PED-13019).\n- platform/x86: hp-bioscfg: enum-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: fix a signedness bug in hp_wmi_perform_query() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: fix error reporting in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: int-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: move mutex_lock() down in hp_add_other_attributes() (jsc#PED-13019).\n- platform/x86: hp-bioscfg: order-list-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: passwdobj-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: prevent a small buffer overflow (jsc#PED-13019).\n- platform/x86: hp-bioscfg: spmobj-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: string-attributes (jsc#PED-13019).\n- platform/x86: hp-bioscfg: surestart-attributes (jsc#PED-13019).\n- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).\n- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).\n- power: reset: at91-reset: Optimize at91_reset() (git-fixes).\n- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).\n- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).\n- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).\n- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).\n- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).\n- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).\n- pstore: Change kmsg_bytes storage size to u32 (git-fixes).\n- ptp: ocp: fix start time alignment in ptp_ocp_signal_set (git-fixes).\n- ptp: ocp: reject unsupported periodic output flags (git-fixes).\n- ptp: remove ptp-\u003en_vclocks check logic in ptp_vclock_in_use() (git-fixes).\n- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).\n- regulator: ad5398: Add device tree support (stable-fixes).\n- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).\n- regulator: max20086: Change enable gpio to optional (git-fixes).\n- regulator: max20086: Fix MAX200086 chip id (git-fixes).\n- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).\n- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.\n- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)\n- rpm: Stop using is_kotd_qa macro This macro is set by bs-upload-kernel, and a conditional in each spec file is used to determine when to build the spec file. This logic should not really be in the spec file. Previously this was done with package links and package meta for the individula links. However, the use of package links is rejected for packages in git based release projects (nothing to do with git actually, new policy). An alternative to package links is multibuild. However, for multibuild packages package meta cannot be used to set which spec file gets built. Use prjcon buildflags instead, and remove this conditional. Depends on bs-upload-kernel adding the build flag.\n- rtc: Fix offset calculation for .start_secs \u0026lt; 0 (git-fixes).\n- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).\n- rtc: at91rm9200: drop unused module alias (git-fixes).\n- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).\n- rtc: cpcap: drop unused module alias (git-fixes).\n- rtc: da9063: drop unused module alias (git-fixes).\n- rtc: ds1307: stop disabling alarms on probe (stable-fixes).\n- rtc: jz4740: drop unused module alias (git-fixes).\n- rtc: pm8xxx: drop unused module alias (git-fixes).\n- rtc: rv3032: fix EERD location (stable-fixes).\n- rtc: s3c: drop unused module alias (git-fixes).\n- rtc: sh: assign correct interrupts with DT (git-fixes).\n- rtc: stm32: drop unused module alias (git-fixes).\n- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).\n- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).\n- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).\n- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).\n- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).\n- s390/pci: Serialize device addition and removal (bsc#1244145).\n- s390/pci: introduce lock to synchronize state of zpci_dev\u0027s (jsc#PED-10253 bsc#1244145).\n- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).\n- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).\n- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).\n- scsi: Improve CDL control (git-fixes).\n- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).\n- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).\n- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).\n- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: mpi3mr: Add level check to control event logging (git-fixes).\n- scsi: mpt3sas: Fix _ctl_get_mpt_mctp_passthru_adapter() to return IOC pointer (git-fixes).\n- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).\n- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).\n- scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels (git-fixes).\n- scsi: st: ERASE does not change tape location (git-fixes).\n- scsi: st: Restore some drive settings after reset (git-fixes).\n- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).\n- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).\n- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).\n- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).\n- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).\n- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).\n- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).\n- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).\n- serial: core: restore of_node information in sysfs (git-fixes).\n- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).\n- serial: jsm: fix NPE during jsm_uart_port_init (git-fixes).\n- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).\n- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).\n- serial: sh-sci: Save and restore more registers (git-fixes).\n- serial: sh-sci: Update the suspend/resume support (stable-fixes).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).\n- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).\n- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).\n- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).\n- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).\n- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).\n- spi-rockchip: Fix register out of bounds access (stable-fixes).\n- spi: bcm63xx-hsspi: fix shared reset (git-fixes).\n- spi: bcm63xx-spi: fix shared reset (git-fixes).\n- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).\n- spi: spi-sun4i: fix early activation (stable-fixes).\n- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).\n- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).\n- spi: tegra210-quad: remove redundant error handling code (git-fixes).\n- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).\n- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).\n- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).\n- struct usci: hide additional member (git-fixes).\n- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).\n- supported.conf: Add SNP SVSM vTPM driver\n- supported.conf: add it\n- supported.conf: support firmware_attributes_class\n- svsm: Add header with SVSM_VTPM_CMD helpers (bsc#1241191).\n- sysfb: Fix screen_info type check for VGA (git-fixes).\n- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).\n- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).\n- tcp/dccp: complete lockless accesses to sk-\u003esk_max_ack_backlog (git-fixes).\n- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).\n- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).\n- thermal/drivers/mediatek/lvts: Fix debugfs unregister on failure (git-fixes).\n- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).\n- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).\n- thunderbolt: Do not double dequeue a configuration request (stable-fixes).\n- thunderbolt: Fix a logic error in wake on connect (git-fixes).\n- thunderbolt: Improve redrive mode handling (git-fixes).\n- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)\n- tpm: Add SNP SVSM vTPM driver (bsc#1241191).\n- tpm: Make chip-\u003e{status,cancel,req_canceled} opt (bsc#1241191).\n- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).\n- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).\n- tracing: Add __print_dynamic_array() helper (bsc#1243544).\n- tracing: Add __string_len() example (bsc#1243544).\n- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).\n- tracing: Fix compilation warning on arm32 (bsc#1243551).\n- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).\n- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).\n- tty: serial: 8250_omap: fix TX with DMA for am33xx (git-fixes).\n- ucsi_debugfs_entry: hide signedness change (git-fixes).\n- udp: annotate data-races around up-\u003epending (git-fixes).\n- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).\n- udp: fix receiving fraglist GSO packets (git-fixes).\n- udp: preserve the connected status if only UDP cmsg (git-fixes).\n- uprobes: Use kzalloc to allocate xol area (git-fixes).\n- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).\n- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).\n- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).\n- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).\n- usb: misc: onboard_usb_dev: fix support for Cypress HX3 hubs (git-fixes).\n- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).\n- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).\n- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).\n- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).\n- usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work (git-fixes).\n- usb: typec: ucsi: Only enable supported notifications (git-fixes).\n- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).\n- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).\n- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).\n- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).\n- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).\n- usb: usbtmc: Fix timeout value in get_stb (git-fixes).\n- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).\n- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).\n- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).\n- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).\n- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).\n- vmxnet3: update MTU after device quiesce (bsc#1244626).\n- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).\n- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).\n- watchdog: exar: Shorten identity name to fit correctly (git-fixes).\n- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).\n- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).\n- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).\n- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).\n- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).\n- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).\n- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).\n- wifi: ath11k: do not wait when there is no vdev started (git-fixes).\n- wifi: ath11k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath11k: fix ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix rx completion meta data corruption (git-fixes).\n- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).\n- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).\n- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).\n- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).\n- wifi: ath12k: ACPI CCA threshold support (bsc#1240998).\n- wifi: ath12k: ACPI SAR support (bsc#1240998).\n- wifi: ath12k: ACPI TAS support (bsc#1240998).\n- wifi: ath12k: ACPI band edge channel power support (bsc#1240998).\n- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).\n- wifi: ath12k: Add additional checks for vif and sta iterators (bsc#1240998).\n- wifi: ath12k: Add firmware coredump collection support (bsc#1240998).\n- wifi: ath12k: Add htt_stats_dump file ops support (bsc#1240998).\n- wifi: ath12k: Add lock to protect the hardware state (bsc#1240998).\n- wifi: ath12k: Add missing htt_metadata flag in ath12k_dp_tx() (bsc#1240998).\n- wifi: ath12k: Add support to enable debugfs_htt_stats (bsc#1240998).\n- wifi: ath12k: Add support to parse requested stats_type (bsc#1240998).\n- wifi: ath12k: Avoid -Wflex-array-member-not-at-end warnings (bsc#1240998).\n- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).\n- wifi: ath12k: Cache vdev configs before vdev create (bsc#1240998).\n- wifi: ath12k: Dump additional Tx PDEV HTT stats (bsc#1240998).\n- wifi: ath12k: Fetch regdb.bin file from board-2.bin (stable-fixes).\n- wifi: ath12k: Fix WARN_ON during firmware crash in split-phy (bsc#1240998).\n- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).\n- wifi: ath12k: Fix buffer overflow in debugfs (bsc#1240998).\n- wifi: ath12k: Fix devmem address prefix when logging (bsc#1240998).\n- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).\n- wifi: ath12k: Fix for out-of bound access error (bsc#1240998).\n- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).\n- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).\n- wifi: ath12k: Fix pdev id sent to firmware for single phy devices (bsc#1240998).\n- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).\n- wifi: ath12k: Handle error cases during extended skb allocation (git-fixes).\n- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).\n- wifi: ath12k: Introduce device index (bsc#1240998).\n- wifi: ath12k: Modify add and remove chanctx ops for single wiphy support (bsc#1240998).\n- wifi: ath12k: Modify print_array_to_buf() to support arrays with 1-based semantics (bsc#1240998).\n- wifi: ath12k: Modify rts threshold mac op for single wiphy (bsc#1240998).\n- wifi: ath12k: Modify set and get antenna mac ops for single wiphy (bsc#1240998).\n- wifi: ath12k: Optimize the lock contention of used list in Rx data path (bsc#1240998).\n- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).\n- wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash (bsc#1240998).\n- wifi: ath12k: Refactor Rxdma buffer replinish argument (bsc#1240998).\n- wifi: ath12k: Refactor data path cmem init (bsc#1240998).\n- wifi: ath12k: Refactor error handler of Rxdma replenish (bsc#1240998).\n- wifi: ath12k: Refactor idle ring descriptor setup (bsc#1240998).\n- wifi: ath12k: Refactor the hardware cookie conversion init (bsc#1240998).\n- wifi: ath12k: Refactor the hardware recovery procedure (bsc#1240998).\n- wifi: ath12k: Refactor the hardware state (bsc#1240998).\n- wifi: ath12k: Remove unsupported tx monitor handling (bsc#1240998).\n- wifi: ath12k: Remove unused ath12k_base from ath12k_hw (bsc#1240998).\n- wifi: ath12k: Remove unused tcl_*_ring configuration (bsc#1240998).\n- wifi: ath12k: Replace \u0027chip\u0027 with \u0027device\u0027 in hal Rx return buffer manager (bsc#1240998).\n- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).\n- wifi: ath12k: Resolve multicast packet drop by populating key_cipher in ath12k_install_key() (bsc#1240998).\n- wifi: ath12k: Support BE OFDMA Pdev Rate Stats (bsc#1240998).\n- wifi: ath12k: Support DMAC Reset Stats (bsc#1240998).\n- wifi: ath12k: Support Pdev OBSS Stats (bsc#1240998).\n- wifi: ath12k: Support Pdev Scheduled Algorithm Stats (bsc#1240998).\n- wifi: ath12k: Support Ring and SFM stats (bsc#1240998).\n- wifi: ath12k: Support Self-Generated Transmit stats (bsc#1240998).\n- wifi: ath12k: Support TQM stats (bsc#1240998).\n- wifi: ath12k: Support Transmit DE stats (bsc#1240998).\n- wifi: ath12k: Support Transmit Scheduler stats (bsc#1240998).\n- wifi: ath12k: Support pdev CCA Stats (bsc#1240998).\n- wifi: ath12k: Support pdev Transmit Multi-user stats (bsc#1240998).\n- wifi: ath12k: Support pdev error stats (bsc#1240998).\n- wifi: ath12k: add 6 GHz params in peer assoc command (bsc#1240998).\n- wifi: ath12k: add ATH12K_DBG_WOW log level (bsc#1240998).\n- wifi: ath12k: add EMA beacon support (bsc#1240998).\n- wifi: ath12k: add MBSSID beacon support (bsc#1240998).\n- wifi: ath12k: add WoW net-detect functionality (bsc#1240998).\n- wifi: ath12k: add basic WoW functionalities (bsc#1240998).\n- wifi: ath12k: add channel 2 into 6 GHz channel list (bsc#1240998).\n- wifi: ath12k: add hw_link_id in ath12k_pdev (bsc#1240998).\n- wifi: ath12k: add missing lockdep_assert_wiphy() for ath12k_mac_op_ functions (bsc#1240998).\n- wifi: ath12k: add multi device support for WBM idle ring buffer setup (bsc#1240998).\n- wifi: ath12k: add multiple radio support in a single MAC HW un/register (bsc#1240998).\n- wifi: ath12k: add panic handler (bsc#1240998).\n- wifi: ath12k: add support to handle beacon miss for WCN7850 (bsc#1240998).\n- wifi: ath12k: advertise driver capabilities for MBSSID and EMA (bsc#1240998).\n- wifi: ath12k: allocate dummy net_device dynamically (bsc#1240998).\n- wifi: ath12k: ath12k_mac_op_set_key(): fix uninitialized symbol \u0027ret\u0027 (bsc#1240998).\n- wifi: ath12k: ath12k_mac_op_sta_state(): clean up update_wk cancellation (bsc#1240998).\n- wifi: ath12k: ath12k_mac_set_key(): remove exit label (bsc#1240998).\n- wifi: ath12k: avoid double SW2HW_MACID conversion (bsc#1240998).\n- wifi: ath12k: avoid duplicated vdev down (bsc#1240998).\n- wifi: ath12k: avoid redundant code in Rx cookie conversion init (bsc#1240998).\n- wifi: ath12k: avoid stopping mac80211 queues in ath12k_core_restart() (bsc#1240998).\n- wifi: ath12k: avoid unnecessary MSDU drop in the Rx error process (bsc#1240998).\n- wifi: ath12k: change supports_suspend to true for WCN7850 (bsc#1240998).\n- wifi: ath12k: cleanup unneeded labels (bsc#1240998).\n- wifi: ath12k: configure MBSSID parameters in AP mode (bsc#1240998).\n- wifi: ath12k: configure MBSSID params in vdev create/start (bsc#1240998).\n- wifi: ath12k: convert struct ath12k_sta::update_wk to use struct wiphy_work (bsc#1240998).\n- wifi: ath12k: correct the capital word typo (bsc#1240998).\n- wifi: ath12k: create a structure for WMI vdev up parameters (bsc#1240998).\n- wifi: ath12k: debugfs: radar simulation support (bsc#1240998).\n- wifi: ath12k: decrease MHI channel buffer length to 8KB (bsc#1240998).\n- wifi: ath12k: delete NSS and TX power setting for monitor vdev (bsc#1240998).\n- wifi: ath12k: displace the Tx and Rx descriptor in cookie conversion table (bsc#1240998).\n- wifi: ath12k: do not dump SRNG statistics during resume (bsc#1240998).\n- wifi: ath12k: do not process consecutive RDDM event (bsc#1240998).\n- wifi: ath12k: do not use %pK in dmesg format strings (bsc#1240998).\n- wifi: ath12k: dynamic VLAN support (bsc#1240998).\n- wifi: ath12k: dynamically update peer puncturing bitmap for STA (bsc#1240998).\n- wifi: ath12k: enable WIPHY_FLAG_DISABLE_WEXT (bsc#1240998).\n- wifi: ath12k: enable service flag for survey dump stats (bsc#1240998).\n- wifi: ath12k: extend the link capable flag (bsc#1240998).\n- wifi: ath12k: fetch correct radio based on vdev status (bsc#1240998).\n- wifi: ath12k: fix A-MSDU indication in monitor mode (bsc#1240998).\n- wifi: ath12k: fix ACPI warning when resume (bsc#1240998).\n- wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (git-fixes).\n- wifi: ath12k: fix NULL pointer access in ath12k_mac_op_get_survey() (bsc#1240998).\n- wifi: ath12k: fix Smatch warnings on ath12k_core_suspend() (bsc#1240998).\n- wifi: ath12k: fix a possible dead lock caused by ab-\u003ebase_lock (stable-fixes).\n- wifi: ath12k: fix ack signal strength calculation (bsc#1240998).\n- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).\n- wifi: ath12k: fix build vs old compiler (bsc#1240998).\n- wifi: ath12k: fix calling correct function for rx monitor mode (bsc#1240998).\n- wifi: ath12k: fix cleanup path after mhi init (git-fixes).\n- wifi: ath12k: fix desc address calculation in wbm tx completion (bsc#1240998).\n- wifi: ath12k: fix driver initialization for WoW unsupported devices (bsc#1240998).\n- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).\n- wifi: ath12k: fix flush failure in recovery scenarios (bsc#1240998).\n- wifi: ath12k: fix hal_rx_buf_return_buf_manager documentation (bsc#1240998).\n- wifi: ath12k: fix incorrect CE addresses (stable-fixes).\n- wifi: ath12k: fix invalid access to memory (git-fixes).\n- wifi: ath12k: fix key cache handling (bsc#1240998).\n- wifi: ath12k: fix legacy peer association due to missing HT or 6 GHz capabilities (bsc#1240998).\n- wifi: ath12k: fix link capable flags (bsc#1240998).\n- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).\n- wifi: ath12k: fix mac id extraction when MSDU spillover in rx error path (bsc#1240998).\n- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).\n- wifi: ath12k: fix mbssid max interface advertisement (bsc#1240998).\n- wifi: ath12k: fix missing endianness conversion in wmi_vdev_create_cmd() (bsc#1240998).\n- wifi: ath12k: fix misspelling of \u0027dma\u0027 in num_rxmda_per_pdev (bsc#1240998).\n- wifi: ath12k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath12k: fix one more memcpy size error (bsc#1240998).\n- wifi: ath12k: fix per pdev debugfs registration (bsc#1240998).\n- wifi: ath12k: fix reusing outside iterator in ath12k_wow_vif_set_wakeups() (bsc#1240998).\n- wifi: ath12k: fix ring-buffer corruption (git-fixes).\n- wifi: ath12k: fix skb_ext_desc leak in ath12k_dp_tx() error path (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_mpdu_start (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_phyrx_rssi_legacy_info (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_ppdu_end_user_stats (bsc#1240998).\n- wifi: ath12k: fix struct hal_rx_ppdu_start (bsc#1240998).\n- wifi: ath12k: fix survey dump collection in 6 GHz (bsc#1240998).\n- wifi: ath12k: fix the ampdu id fetch in the HAL_RX_MPDU_START TLV (stable-fixes).\n- wifi: ath12k: fix the stack frame size warning in ath12k_mac_op_hw_scan (bsc#1240998).\n- wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() (bsc#1240998).\n- wifi: ath12k: fix warning on DMA ring capabilities event (bsc#1240998).\n- wifi: ath12k: flush all packets before suspend (bsc#1240998).\n- wifi: ath12k: handle keepalive during WoWLAN suspend and resume (bsc#1240998).\n- wifi: ath12k: handle symlink cleanup for per pdev debugfs dentry (bsc#1240998).\n- wifi: ath12k: implement WoW enable and wakeup commands (bsc#1240998).\n- wifi: ath12k: implement hardware data filter (bsc#1240998).\n- wifi: ath12k: improve the rx descriptor error information (bsc#1240998).\n- wifi: ath12k: initial debugfs support (bsc#1240998).\n- wifi: ath12k: make read-only array svc_id static const (bsc#1240998).\n- wifi: ath12k: modify ath12k mac start/stop ops for single wiphy (bsc#1240998).\n- wifi: ath12k: modify ath12k_get_arvif_iter() for MLO (bsc#1240998).\n- wifi: ath12k: modify ath12k_mac_op_bss_info_changed() for MLO (bsc#1240998).\n- wifi: ath12k: modify ath12k_mac_op_set_key() for MLO (bsc#1240998).\n- wifi: ath12k: modify ath12k_mac_vif_chan() for MLO (bsc#1240998).\n- wifi: ath12k: modify link arvif creation and removal for MLO (bsc#1240998).\n- wifi: ath12k: modify regulatory support for single wiphy architecture (bsc#1240998).\n- wifi: ath12k: modify remain on channel for single wiphy (bsc#1240998).\n- wifi: ath12k: move txbaddr/rxbaddr into struct ath12k_dp (bsc#1240998).\n- wifi: ath12k: no need to handle pktlog during suspend/resume (bsc#1240998).\n- wifi: ath12k: pass ath12k_link_vif instead of vif/ahvif (bsc#1240998).\n- wifi: ath12k: prepare sta data structure for MLO handling (bsc#1240998).\n- wifi: ath12k: prepare vif config caching for MLO (bsc#1240998).\n- wifi: ath12k: prepare vif data structure for MLO handling (bsc#1240998).\n- wifi: ath12k: read single_chip_mlo_support parameter from QMI PHY capability (bsc#1240998).\n- wifi: ath12k: rearrange IRQ enable/disable in reset path (bsc#1240998).\n- wifi: ath12k: refactor SMPS configuration (bsc#1240998).\n- wifi: ath12k: refactor arvif security parameter configuration (bsc#1240998).\n- wifi: ath12k: refactor ath12k_hw_regs structure (stable-fixes).\n- wifi: ath12k: refactor rx descriptor CMEM configuration (bsc#1240998).\n- wifi: ath12k: remove MHI LOOPBACK channels (bsc#1240998).\n- wifi: ath12k: remove duplicate definition of MAX_RADIOS (bsc#1240998).\n- wifi: ath12k: remove duplicate definitions in wmi.h (bsc#1240998).\n- wifi: ath12k: remove invalid peer create logic (bsc#1240998).\n- wifi: ath12k: remove obsolete struct wmi_start_scan_arg (bsc#1240998).\n- wifi: ath12k: remove redundant peer delete for WCN7850 (bsc#1240998).\n- wifi: ath12k: remove unused variable monitor_flags (bsc#1240998).\n- wifi: ath12k: remove unused variable monitor_present (bsc#1240998).\n- wifi: ath12k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1240998).\n- wifi: ath12k: restore ASPM for supported hardwares only (bsc#1240998).\n- wifi: ath12k: scan statemachine changes for single wiphy (bsc#1240998).\n- wifi: ath12k: set mlo_capable_flags based on QMI PHY capability (bsc#1240998).\n- wifi: ath12k: skip sending vdev down for channel switch (bsc#1240998).\n- wifi: ath12k: support ARP and NS offload (bsc#1240998).\n- wifi: ath12k: support GTK rekey offload (bsc#1240998).\n- wifi: ath12k: support SMPS configuration for 6 GHz (bsc#1240998).\n- wifi: ath12k: support get_survey mac op for single wiphy (bsc#1240998).\n- wifi: ath12k: support suspend/resume (bsc#1240998).\n- wifi: ath12k: switch to using wiphy_lock() and remove ar-\u003econf_mutex (bsc#1240998).\n- wifi: ath12k: unregister per pdev debugfs (bsc#1240998).\n- wifi: ath12k: update ath12k_mac_op_conf_tx() for MLO (bsc#1240998).\n- wifi: ath12k: update ath12k_mac_op_update_vif_offload() for MLO (bsc#1240998).\n- wifi: ath12k: use 128 bytes aligned iova in transmit path for WCN7850 (bsc#1240998).\n- wifi: ath12k: use correct MAX_RADIOS (bsc#1240998).\n- wifi: ath12k: use tail MSDU to get MSDU information (bsc#1240998).\n- wifi: ath12k: using msdu end descriptor to check for rx multicast packets (stable-fixes).\n- wifi: ath12k: vdev statemachine changes for single wiphy (bsc#1240998).\n- wifi: ath9k: return by of_get_mac_address (stable-fixes).\n- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).\n- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).\n- wifi: cfg80211: allow IR in 20 MHz configurations (stable-fixes).\n- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).\n- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).\n- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).\n- wifi: iwlwifi: do not warn during reprobe (stable-fixes).\n- wifi: iwlwifi: do not warn when if there is a FW error (stable-fixes).\n- wifi: iwlwifi: fix debug actions order (stable-fixes).\n- wifi: iwlwifi: fix the ECKV UEFI variable name (stable-fixes).\n- wifi: iwlwifi: mark Br device not integrated (stable-fixes).\n- wifi: iwlwifi: mvm: fix beacon CCK flag (stable-fixes).\n- wifi: iwlwifi: mvm: fix setting the TK when associated (stable-fixes).\n- wifi: iwlwifi: pcie: make sure to lock rxq-\u003eread (stable-fixes).\n- wifi: iwlwifi: use correct IMR dump variable (stable-fixes).\n- wifi: iwlwifi: w/a FW SMPS mode selection (stable-fixes).\n- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).\n- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).\n- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).\n- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).\n- wifi: mac80211: fix warning on disconnect during failed ML reconf (stable-fixes).\n- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).\n- wifi: mac80211: set ieee80211_prep_tx_info::link_id upon Auth Rx (stable-fixes).\n- wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO (stable-fixes).\n- wifi: mac80211_hwsim: Fix MLD address translation (stable-fixes).\n- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).\n- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).\n- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).\n- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).\n- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).\n- wifi: mt76: mt7925: fix fails to enter low power mode in suspend state (stable-fixes).\n- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).\n- wifi: mt76: mt7925: introduce thermal protection (stable-fixes).\n- wifi: mt76: mt7925: load the appropriate CLC data based on hardware type (stable-fixes).\n- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).\n- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).\n- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).\n- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).\n- wifi: mt76: mt7996: revise TXS size (stable-fixes).\n- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).\n- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).\n- wifi: mwifiex: Fix HT40 bandwidth issue (stable-fixes).\n- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).\n- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).\n- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).\n- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).\n- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).\n- wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds (git-fixes).\n- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).\n- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).\n- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).\n- wifi: rtw89: 8922a: fix TX fail with wrong VCO setting (stable-fixes).\n- wifi: rtw89: 8922a: fix incorrect STA-ID in EHT MU PPDU (stable-fixes).\n- wifi: rtw89: add wiphy_lock() to work that isn\u0027t held wiphy_lock() yet (stable-fixes).\n- wifi: rtw89: call power_on ahead before selecting firmware (stable-fixes).\n- wifi: rtw89: fw: get sb_sel_ver via get_unaligned_le32() (stable-fixes).\n- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).\n- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).\n- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).\n- wifi: rtw89: phy: add dummy C2H event handler for report of TAS power (stable-fixes).\n- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (stable-fixes).\n- workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() (bsc#1245101 jsc#PED-11934).\n- x86/acpi: Fix LAPIC/x2APIC parsing order (git-fixes).\n- x86/amd_nb, hwmon: (k10temp): Simplify amd_pci_dev_to_node_id() (jsc#PED-13094).\n- x86/amd_nb: Clean up early_is_amd_nb() (jsc#PED-13094).\n- x86/amd_nb: Move SMN access code to a new amd_node driver (jsc#PED-13094).\n- x86/amd_nb: Restrict init function to AMD-based systems (jsc#PED-13094).\n- x86/amd_nb: Simplify function 4 search (jsc#PED-13094).\n- x86/amd_nb: Simplify root device search (jsc#PED-13094).\n- x86/amd_node: Add SMN offsets to exclusive region access (jsc#PED-13094).\n- x86/amd_node: Add support for debugfs access to SMN registers (jsc#PED-13094).\n- x86/amd_node: Remove dependency on AMD_NB (jsc#PED-13094).\n- x86/amd_node: Update __amd_smn_rw() error paths (jsc#PED-13094).\n- x86/amd_node: Use defines for SMN register offsets (jsc#PED-13094).\n- x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes).\n- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).\n- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).\n- x86/mce/amd: Remove shared threshold bank plumbing (jsc#PED-13094).\n- x86/microcode/AMD: Add get_patch_level() (git-fixes).\n- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).\n- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).\n- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).\n- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).\n- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).\n- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).\n- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).\n- x86/microcode: Consolidate the loader enablement checking (git-fixes).\n- x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes).\n- x86/platform/amd: Move the \u0026lt;asm/amd_hsmp.h\u003e header to \u0026lt;asm/amd/hsmp.h\u003e (jsc#PED-13094).\n- x86/sev: Add SVSM vTPM probe/send_command functions (bsc#1241191).\n- x86/sev: Provide guest VMPL level to userspace (bsc#1241191).\n- x86/sev: Register tpm-svsm platform device (bsc#1241191).\n- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).\n- x86: Start moving AMD node functionality out of AMD_NB (jsc#PED-13094).\n- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)\n- xen/x86: fix initial memory balloon target (git-fixes).\n- xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes).\n- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2307,SUSE-SLE-Module-Basesystem-15-SP7-2025-2307,SUSE-SLE-Module-Development-Tools-15-SP7-2025-2307,SUSE-SLE-Module-Legacy-15-SP7-2025-2307,SUSE-SLE-Module-Live-Patching-15-SP7-2025-2307,SUSE-SLE-Product-HA-15-SP7-2025-2307,SUSE-SLE-Product-WE-15-SP7-2025-2307",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02307-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02307-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502307-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02307-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040706.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1151679",
"url": "https://bugzilla.suse.com/1151679"
},
{
"category": "self",
"summary": "SUSE Bug 1151680",
"url": "https://bugzilla.suse.com/1151680"
},
{
"category": "self",
"summary": "SUSE Bug 1151794",
"url": "https://bugzilla.suse.com/1151794"
},
{
"category": "self",
"summary": "SUSE Bug 1151927",
"url": "https://bugzilla.suse.com/1151927"
},
{
"category": "self",
"summary": "SUSE Bug 1210025",
"url": "https://bugzilla.suse.com/1210025"
},
{
"category": "self",
"summary": "SUSE Bug 1211226",
"url": "https://bugzilla.suse.com/1211226"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1218184",
"url": "https://bugzilla.suse.com/1218184"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223008",
"url": "https://bugzilla.suse.com/1223008"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1228478",
"url": "https://bugzilla.suse.com/1228478"
},
{
"category": "self",
"summary": "SUSE Bug 1228557",
"url": "https://bugzilla.suse.com/1228557"
},
{
"category": "self",
"summary": "SUSE Bug 1228854",
"url": "https://bugzilla.suse.com/1228854"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230337",
"url": "https://bugzilla.suse.com/1230337"
},
{
"category": "self",
"summary": "SUSE Bug 1231913",
"url": "https://bugzilla.suse.com/1231913"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233482",
"url": "https://bugzilla.suse.com/1233482"
},
{
"category": "self",
"summary": "SUSE Bug 1235064",
"url": "https://bugzilla.suse.com/1235064"
},
{
"category": "self",
"summary": "SUSE Bug 1235490",
"url": "https://bugzilla.suse.com/1235490"
},
{
"category": "self",
"summary": "SUSE Bug 1235728",
"url": "https://bugzilla.suse.com/1235728"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237200",
"url": "https://bugzilla.suse.com/1237200"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237887",
"url": "https://bugzilla.suse.com/1237887"
},
{
"category": "self",
"summary": "SUSE Bug 1237895",
"url": "https://bugzilla.suse.com/1237895"
},
{
"category": "self",
"summary": "SUSE Bug 1237905",
"url": "https://bugzilla.suse.com/1237905"
},
{
"category": "self",
"summary": "SUSE Bug 1237910",
"url": "https://bugzilla.suse.com/1237910"
},
{
"category": "self",
"summary": "SUSE Bug 1237913",
"url": "https://bugzilla.suse.com/1237913"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238478",
"url": "https://bugzilla.suse.com/1238478"
},
{
"category": "self",
"summary": "SUSE Bug 1238495",
"url": "https://bugzilla.suse.com/1238495"
},
{
"category": "self",
"summary": "SUSE Bug 1238508",
"url": "https://bugzilla.suse.com/1238508"
},
{
"category": "self",
"summary": "SUSE Bug 1238741",
"url": "https://bugzilla.suse.com/1238741"
},
{
"category": "self",
"summary": "SUSE Bug 1238859",
"url": "https://bugzilla.suse.com/1238859"
},
{
"category": "self",
"summary": "SUSE Bug 1238965",
"url": "https://bugzilla.suse.com/1238965"
},
{
"category": "self",
"summary": "SUSE Bug 1238982",
"url": "https://bugzilla.suse.com/1238982"
},
{
"category": "self",
"summary": "SUSE Bug 1238995",
"url": "https://bugzilla.suse.com/1238995"
},
{
"category": "self",
"summary": "SUSE Bug 1239063",
"url": "https://bugzilla.suse.com/1239063"
},
{
"category": "self",
"summary": "SUSE Bug 1239090",
"url": "https://bugzilla.suse.com/1239090"
},
{
"category": "self",
"summary": "SUSE Bug 1239485",
"url": "https://bugzilla.suse.com/1239485"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240170",
"url": "https://bugzilla.suse.com/1240170"
},
{
"category": "self",
"summary": "SUSE Bug 1240180",
"url": "https://bugzilla.suse.com/1240180"
},
{
"category": "self",
"summary": "SUSE Bug 1240577",
"url": "https://bugzilla.suse.com/1240577"
},
{
"category": "self",
"summary": "SUSE Bug 1240579",
"url": "https://bugzilla.suse.com/1240579"
},
{
"category": "self",
"summary": "SUSE Bug 1240589",
"url": "https://bugzilla.suse.com/1240589"
},
{
"category": "self",
"summary": "SUSE Bug 1240610",
"url": "https://bugzilla.suse.com/1240610"
},
{
"category": "self",
"summary": "SUSE Bug 1240650",
"url": "https://bugzilla.suse.com/1240650"
},
{
"category": "self",
"summary": "SUSE Bug 1240686",
"url": "https://bugzilla.suse.com/1240686"
},
{
"category": "self",
"summary": "SUSE Bug 1240696",
"url": "https://bugzilla.suse.com/1240696"
},
{
"category": "self",
"summary": "SUSE Bug 1240702",
"url": "https://bugzilla.suse.com/1240702"
},
{
"category": "self",
"summary": "SUSE Bug 1240710",
"url": "https://bugzilla.suse.com/1240710"
},
{
"category": "self",
"summary": "SUSE Bug 1240723",
"url": "https://bugzilla.suse.com/1240723"
},
{
"category": "self",
"summary": "SUSE Bug 1240798",
"url": "https://bugzilla.suse.com/1240798"
},
{
"category": "self",
"summary": "SUSE Bug 1240814",
"url": "https://bugzilla.suse.com/1240814"
},
{
"category": "self",
"summary": "SUSE Bug 1240823",
"url": "https://bugzilla.suse.com/1240823"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240998",
"url": "https://bugzilla.suse.com/1240998"
},
{
"category": "self",
"summary": "SUSE Bug 1241166",
"url": "https://bugzilla.suse.com/1241166"
},
{
"category": "self",
"summary": "SUSE Bug 1241191",
"url": "https://bugzilla.suse.com/1241191"
},
{
"category": "self",
"summary": "SUSE Bug 1241278",
"url": "https://bugzilla.suse.com/1241278"
},
{
"category": "self",
"summary": "SUSE Bug 1241298",
"url": "https://bugzilla.suse.com/1241298"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241388",
"url": "https://bugzilla.suse.com/1241388"
},
{
"category": "self",
"summary": "SUSE Bug 1241414",
"url": "https://bugzilla.suse.com/1241414"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241544",
"url": "https://bugzilla.suse.com/1241544"
},
{
"category": "self",
"summary": "SUSE Bug 1241572",
"url": "https://bugzilla.suse.com/1241572"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241592",
"url": "https://bugzilla.suse.com/1241592"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241617",
"url": "https://bugzilla.suse.com/1241617"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241689",
"url": "https://bugzilla.suse.com/1241689"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242086",
"url": "https://bugzilla.suse.com/1242086"
},
{
"category": "self",
"summary": "SUSE Bug 1242163",
"url": "https://bugzilla.suse.com/1242163"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242508",
"url": "https://bugzilla.suse.com/1242508"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242515",
"url": "https://bugzilla.suse.com/1242515"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242521",
"url": "https://bugzilla.suse.com/1242521"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242556",
"url": "https://bugzilla.suse.com/1242556"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242573",
"url": "https://bugzilla.suse.com/1242573"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242577",
"url": "https://bugzilla.suse.com/1242577"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242724",
"url": "https://bugzilla.suse.com/1242724"
},
{
"category": "self",
"summary": "SUSE Bug 1242725",
"url": "https://bugzilla.suse.com/1242725"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242729",
"url": "https://bugzilla.suse.com/1242729"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242834",
"url": "https://bugzilla.suse.com/1242834"
},
{
"category": "self",
"summary": "SUSE Bug 1242846",
"url": "https://bugzilla.suse.com/1242846"
},
{
"category": "self",
"summary": "SUSE Bug 1242849",
"url": "https://bugzilla.suse.com/1242849"
},
{
"category": "self",
"summary": "SUSE Bug 1242850",
"url": "https://bugzilla.suse.com/1242850"
},
{
"category": "self",
"summary": "SUSE Bug 1242863",
"url": "https://bugzilla.suse.com/1242863"
},
{
"category": "self",
"summary": "SUSE Bug 1242865",
"url": "https://bugzilla.suse.com/1242865"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242907",
"url": "https://bugzilla.suse.com/1242907"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242909",
"url": "https://bugzilla.suse.com/1242909"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242940",
"url": "https://bugzilla.suse.com/1242940"
},
{
"category": "self",
"summary": "SUSE Bug 1242943",
"url": "https://bugzilla.suse.com/1242943"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242946",
"url": "https://bugzilla.suse.com/1242946"
},
{
"category": "self",
"summary": "SUSE Bug 1242947",
"url": "https://bugzilla.suse.com/1242947"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242952",
"url": "https://bugzilla.suse.com/1242952"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242954",
"url": "https://bugzilla.suse.com/1242954"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242964",
"url": "https://bugzilla.suse.com/1242964"
},
{
"category": "self",
"summary": "SUSE Bug 1242966",
"url": "https://bugzilla.suse.com/1242966"
},
{
"category": "self",
"summary": "SUSE Bug 1242967",
"url": "https://bugzilla.suse.com/1242967"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242982",
"url": "https://bugzilla.suse.com/1242982"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243051",
"url": "https://bugzilla.suse.com/1243051"
},
{
"category": "self",
"summary": "SUSE Bug 1243055",
"url": "https://bugzilla.suse.com/1243055"
},
{
"category": "self",
"summary": "SUSE Bug 1243060",
"url": "https://bugzilla.suse.com/1243060"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243467",
"url": "https://bugzilla.suse.com/1243467"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243475",
"url": "https://bugzilla.suse.com/1243475"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243480",
"url": "https://bugzilla.suse.com/1243480"
},
{
"category": "self",
"summary": "SUSE Bug 1243506",
"url": "https://bugzilla.suse.com/1243506"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243514",
"url": "https://bugzilla.suse.com/1243514"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243523",
"url": "https://bugzilla.suse.com/1243523"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243537",
"url": "https://bugzilla.suse.com/1243537"
},
{
"category": "self",
"summary": "SUSE Bug 1243538",
"url": "https://bugzilla.suse.com/1243538"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243542",
"url": "https://bugzilla.suse.com/1243542"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243544",
"url": "https://bugzilla.suse.com/1243544"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243548",
"url": "https://bugzilla.suse.com/1243548"
},
{
"category": "self",
"summary": "SUSE Bug 1243551",
"url": "https://bugzilla.suse.com/1243551"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243571",
"url": "https://bugzilla.suse.com/1243571"
},
{
"category": "self",
"summary": "SUSE Bug 1243572",
"url": "https://bugzilla.suse.com/1243572"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243620",
"url": "https://bugzilla.suse.com/1243620"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243628",
"url": "https://bugzilla.suse.com/1243628"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243698",
"url": "https://bugzilla.suse.com/1243698"
},
{
"category": "self",
"summary": "SUSE Bug 1243774",
"url": "https://bugzilla.suse.com/1243774"
},
{
"category": "self",
"summary": "SUSE Bug 1243782",
"url": "https://bugzilla.suse.com/1243782"
},
{
"category": "self",
"summary": "SUSE Bug 1243823",
"url": "https://bugzilla.suse.com/1243823"
},
{
"category": "self",
"summary": "SUSE Bug 1243827",
"url": "https://bugzilla.suse.com/1243827"
},
{
"category": "self",
"summary": "SUSE Bug 1243832",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "self",
"summary": "SUSE Bug 1243836",
"url": "https://bugzilla.suse.com/1243836"
},
{
"category": "self",
"summary": "SUSE Bug 1243847",
"url": "https://bugzilla.suse.com/1243847"
},
{
"category": "self",
"summary": "SUSE Bug 1244100",
"url": "https://bugzilla.suse.com/1244100"
},
{
"category": "self",
"summary": "SUSE Bug 1244145",
"url": "https://bugzilla.suse.com/1244145"
},
{
"category": "self",
"summary": "SUSE Bug 1244172",
"url": "https://bugzilla.suse.com/1244172"
},
{
"category": "self",
"summary": "SUSE Bug 1244174",
"url": "https://bugzilla.suse.com/1244174"
},
{
"category": "self",
"summary": "SUSE Bug 1244176",
"url": "https://bugzilla.suse.com/1244176"
},
{
"category": "self",
"summary": "SUSE Bug 1244229",
"url": "https://bugzilla.suse.com/1244229"
},
{
"category": "self",
"summary": "SUSE Bug 1244234",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "self",
"summary": "SUSE Bug 1244241",
"url": "https://bugzilla.suse.com/1244241"
},
{
"category": "self",
"summary": "SUSE Bug 1244261",
"url": "https://bugzilla.suse.com/1244261"
},
{
"category": "self",
"summary": "SUSE Bug 1244274",
"url": "https://bugzilla.suse.com/1244274"
},
{
"category": "self",
"summary": "SUSE Bug 1244275",
"url": "https://bugzilla.suse.com/1244275"
},
{
"category": "self",
"summary": "SUSE Bug 1244277",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "self",
"summary": "SUSE Bug 1244309",
"url": "https://bugzilla.suse.com/1244309"
},
{
"category": "self",
"summary": "SUSE Bug 1244313",
"url": "https://bugzilla.suse.com/1244313"
},
{
"category": "self",
"summary": "SUSE Bug 1244337",
"url": "https://bugzilla.suse.com/1244337"
},
{
"category": "self",
"summary": "SUSE Bug 1244626",
"url": "https://bugzilla.suse.com/1244626"
},
{
"category": "self",
"summary": "SUSE Bug 1244725",
"url": "https://bugzilla.suse.com/1244725"
},
{
"category": "self",
"summary": "SUSE Bug 1244727",
"url": "https://bugzilla.suse.com/1244727"
},
{
"category": "self",
"summary": "SUSE Bug 1244729",
"url": "https://bugzilla.suse.com/1244729"
},
{
"category": "self",
"summary": "SUSE Bug 1244731",
"url": "https://bugzilla.suse.com/1244731"
},
{
"category": "self",
"summary": "SUSE Bug 1244732",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "self",
"summary": "SUSE Bug 1244736",
"url": "https://bugzilla.suse.com/1244736"
},
{
"category": "self",
"summary": "SUSE Bug 1244737",
"url": "https://bugzilla.suse.com/1244737"
},
{
"category": "self",
"summary": "SUSE Bug 1244738",
"url": "https://bugzilla.suse.com/1244738"
},
{
"category": "self",
"summary": "SUSE Bug 1244739",
"url": "https://bugzilla.suse.com/1244739"
},
{
"category": "self",
"summary": "SUSE Bug 1244743",
"url": "https://bugzilla.suse.com/1244743"
},
{
"category": "self",
"summary": "SUSE Bug 1244746",
"url": "https://bugzilla.suse.com/1244746"
},
{
"category": "self",
"summary": "SUSE Bug 1244747",
"url": "https://bugzilla.suse.com/1244747"
},
{
"category": "self",
"summary": "SUSE Bug 1244759",
"url": "https://bugzilla.suse.com/1244759"
},
{
"category": "self",
"summary": "SUSE Bug 1244789",
"url": "https://bugzilla.suse.com/1244789"
},
{
"category": "self",
"summary": "SUSE Bug 1244862",
"url": "https://bugzilla.suse.com/1244862"
},
{
"category": "self",
"summary": "SUSE Bug 1244906",
"url": "https://bugzilla.suse.com/1244906"
},
{
"category": "self",
"summary": "SUSE Bug 1244938",
"url": "https://bugzilla.suse.com/1244938"
},
{
"category": "self",
"summary": "SUSE Bug 1244995",
"url": "https://bugzilla.suse.com/1244995"
},
{
"category": "self",
"summary": "SUSE Bug 1244996",
"url": "https://bugzilla.suse.com/1244996"
},
{
"category": "self",
"summary": "SUSE Bug 1244999",
"url": "https://bugzilla.suse.com/1244999"
},
{
"category": "self",
"summary": "SUSE Bug 1245001",
"url": "https://bugzilla.suse.com/1245001"
},
{
"category": "self",
"summary": "SUSE Bug 1245003",
"url": "https://bugzilla.suse.com/1245003"
},
{
"category": "self",
"summary": "SUSE Bug 1245004",
"url": "https://bugzilla.suse.com/1245004"
},
{
"category": "self",
"summary": "SUSE Bug 1245025",
"url": "https://bugzilla.suse.com/1245025"
},
{
"category": "self",
"summary": "SUSE Bug 1245042",
"url": "https://bugzilla.suse.com/1245042"
},
{
"category": "self",
"summary": "SUSE Bug 1245046",
"url": "https://bugzilla.suse.com/1245046"
},
{
"category": "self",
"summary": "SUSE Bug 1245078",
"url": "https://bugzilla.suse.com/1245078"
},
{
"category": "self",
"summary": "SUSE Bug 1245081",
"url": "https://bugzilla.suse.com/1245081"
},
{
"category": "self",
"summary": "SUSE Bug 1245082",
"url": "https://bugzilla.suse.com/1245082"
},
{
"category": "self",
"summary": "SUSE Bug 1245083",
"url": "https://bugzilla.suse.com/1245083"
},
{
"category": "self",
"summary": "SUSE Bug 1245101",
"url": "https://bugzilla.suse.com/1245101"
},
{
"category": "self",
"summary": "SUSE Bug 1245155",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "self",
"summary": "SUSE Bug 1245183",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "self",
"summary": "SUSE Bug 1245193",
"url": "https://bugzilla.suse.com/1245193"
},
{
"category": "self",
"summary": "SUSE Bug 1245210",
"url": "https://bugzilla.suse.com/1245210"
},
{
"category": "self",
"summary": "SUSE Bug 1245217",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "self",
"summary": "SUSE Bug 1245225",
"url": "https://bugzilla.suse.com/1245225"
},
{
"category": "self",
"summary": "SUSE Bug 1245226",
"url": "https://bugzilla.suse.com/1245226"
},
{
"category": "self",
"summary": "SUSE Bug 1245228",
"url": "https://bugzilla.suse.com/1245228"
},
{
"category": "self",
"summary": "SUSE Bug 1245431",
"url": "https://bugzilla.suse.com/1245431"
},
{
"category": "self",
"summary": "SUSE Bug 1245455",
"url": "https://bugzilla.suse.com/1245455"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52888 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26762 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26831 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49568 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50293 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56541 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56613 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56699 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57987 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57988 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58004 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58053 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21658 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21713 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21720 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21880 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21898 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21899 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21920 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21939 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21940 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21987 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22035 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22111 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22113 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22120 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23155 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23162 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37757 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37786 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37801 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37811 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37837 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37874 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37921 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37933 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37934 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37945 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37946 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37965 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37967 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37987 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37994 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37998 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38004 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38011 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38015 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38022 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38024 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38031 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38040 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38043 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38045 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38055 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38059 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38068 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38072 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38077 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38078 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38079 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38081 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-07-14T12:31:08Z",
"generator": {
"date": "2025-07-14T12:31:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02307-1",
"initial_release_date": "2025-07-14T12:31:08Z",
"revision_history": [
{
"date": "2025-07-14T12:31:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "cluster-md-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product_id": "cluster-md-kmp-64kb-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dlm-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product_id": "dlm-kmp-64kb-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product_id": "dlm-kmp-default-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-allwinner-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-allwinner-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-altera-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-altera-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amazon-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-amazon-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-amazon-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-amd-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-amd-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-amlogic-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-amlogic-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-apm-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-apm-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apple-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-apple-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-apple-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-arm-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-arm-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-broadcom-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-broadcom-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-cavium-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-cavium-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-exynos-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-exynos-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-freescale-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-freescale-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-hisilicon-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-hisilicon-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-lg-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-lg-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-marvell-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-marvell-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-mediatek-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-mediatek-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-nvidia-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-nvidia-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-qcom-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-qcom-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-renesas-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-renesas-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-rockchip-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-rockchip-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-socionext-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-socionext-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-sprd-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-sprd-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "dtb-xilinx-6.4.0-150700.53.6.1.aarch64",
"product_id": "dtb-xilinx-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "gfs2-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product_id": "gfs2-kmp-64kb-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-64kb-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-64kb-extra-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-64kb-extra-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-optional-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-64kb-optional-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-64kb-optional-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-default-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"product_id": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.6.1.150700.17.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-default-extra-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-default-optional-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-obs-build-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-obs-qa-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kernel-syms-6.4.0-150700.53.6.1.aarch64",
"product_id": "kernel-syms-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kselftests-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product_id": "kselftests-kmp-64kb-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "ocfs2-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product_id": "ocfs2-kmp-64kb-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "reiserfs-kmp-64kb-6.4.0-150700.53.6.1.aarch64",
"product_id": "reiserfs-kmp-64kb-6.4.0-150700.53.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-150700.53.6.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-150700.53.6.1.noarch",
"product_id": "kernel-devel-6.4.0-150700.53.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-6.4.0-150700.53.6.1.noarch",
"product": {
"name": "kernel-docs-6.4.0-150700.53.6.1.noarch",
"product_id": "kernel-docs-6.4.0-150700.53.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-6.4.0-150700.53.6.1.noarch",
"product": {
"name": "kernel-docs-html-6.4.0-150700.53.6.1.noarch",
"product_id": "kernel-docs-html-6.4.0-150700.53.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-150700.53.6.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-150700.53.6.1.noarch",
"product_id": "kernel-macros-6.4.0-150700.53.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-150700.53.6.1.noarch",
"product": {
"name": "kernel-source-6.4.0-150700.53.6.1.noarch",
"product_id": "kernel-source-6.4.0-150700.53.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-6.4.0-150700.53.6.1.noarch",
"product": {
"name": "kernel-source-vanilla-6.4.0-150700.53.6.1.noarch",
"product_id": "kernel-source-vanilla-6.4.0-150700.53.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product_id": "dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-default-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"product_id": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-default-extra-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-default-optional-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-obs-build-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-obs-qa-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kernel-syms-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"product_id": "dlm-kmp-default-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kernel-default-6.4.0-150700.53.6.1.s390x",
"product_id": "kernel-default-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"product_id": "kernel-default-devel-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.6.1.s390x",
"product_id": "kernel-default-extra-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.6.1.s390x",
"product_id": "kernel-default-optional-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"product_id": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"product_id": "kernel-obs-build-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.6.1.s390x",
"product_id": "kernel-obs-qa-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kernel-syms-6.4.0-150700.53.6.1.s390x",
"product_id": "kernel-syms-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"product_id": "kernel-zfcpdump-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.6.1.s390x",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product_id": "dlm-kmp-default-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-default-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"product_id": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.6.1.150700.17.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-default-optional-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-vdso-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-default-vdso-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-default-vdso-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-vdso-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-kvmsmall-vdso-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-kvmsmall-vdso-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-obs-build-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-obs-qa-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kernel-syms-6.4.0-150700.53.6.1.x86_64",
"product_id": "kernel-syms-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "kernel-default-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150700.53.6.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-150700.53.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150700.53.6.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-150700.53.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150700.53.6.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150700.53.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150700.53.6.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch"
},
"product_reference": "kernel-source-6.4.0-150700.53.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150700.53.6.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150700.53.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn\u0027t do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52888",
"url": "https://www.suse.com/security/cve/CVE-2023-52888"
},
{
"category": "external",
"summary": "SUSE Bug 1228557 for CVE-2023-52888",
"url": "https://bugzilla.suse.com/1228557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2023-52888"
},
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-26762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/pci: Skip to handle RAS errors if CXL.mem device is detached\n\nThe PCI AER model is an awkward fit for CXL error handling. While the\nexpectation is that a PCI device can escalate to link reset to recover\nfrom an AER event, the same reset on CXL amounts to a surprise memory\nhotplug of massive amounts of memory.\n\nAt present, the CXL error handler attempts some optimistic error\nhandling to unbind the device from the cxl_mem driver after reaping some\nRAS register values. This results in a \"hopeful\" attempt to unplug the\nmemory, but there is no guarantee that will succeed.\n\nA subsequent AER notification after the memdev unbind event can no\nlonger assume the registers are mapped. Check for memdev bind before\nreaping status register values to avoid crashes of the form:\n\n BUG: unable to handle page fault for address: ffa00000195e9100\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n [...]\n RIP: 0010:__cxl_handle_ras+0x30/0x110 [cxl_core]\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x24/0x70\n ? page_fault_oops+0x82/0x160\n ? kernelmode_fixup_or_oops+0x84/0x110\n ? exc_page_fault+0x113/0x170\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_dpc_reset_link+0x10/0x10\n ? __cxl_handle_ras+0x30/0x110 [cxl_core]\n ? find_cxl_port+0x59/0x80 [cxl_core]\n cxl_handle_rp_ras+0xbc/0xd0 [cxl_core]\n cxl_error_detected+0x6c/0xf0 [cxl_core]\n report_error_detected+0xc7/0x1c0\n pci_walk_bus+0x73/0x90\n pcie_do_recovery+0x23f/0x330\n\nLonger term, the unbind and PCI_ERS_RESULT_DISCONNECT behavior might\nneed to be replaced with a new PCI_ERS_RESULT_PANIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26762",
"url": "https://www.suse.com/security/cve/CVE-2024-26762"
},
{
"category": "external",
"summary": "SUSE Bug 1230337 for CVE-2024-26762",
"url": "https://bugzilla.suse.com/1230337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-26762"
},
{
"cve": "CVE-2024-26831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/handshake: Fix handshake_req_destroy_test1\n\nRecently, handshake_req_destroy_test1 started failing:\n\nExpected handshake_req_destroy_test == req, but\n handshake_req_destroy_test == 0000000000000000\n req == 0000000060f99b40\nnot ok 11 req_destroy works\n\nThis is because \"sock_release(sock)\" was replaced with \"fput(filp)\"\nto address a memory leak. Note that sock_release() is synchronous\nbut fput() usually delays the final close and clean-up.\n\nThe delay is not consequential in the other cases that were changed\nbut handshake_req_destroy_test1 is testing that handshake_req_cancel()\nfollowed by closing the file actually does call the -\u003ehp_destroy\nmethod. Thus the PTR_EQ test at the end has to be sure that the\nfinal close is complete before it checks the pointer.\n\nWe cannot use a completion here because if -\u003ehp_destroy is never\ncalled (ie, there is an API bug) then the test will hang.\n\nReported by: Guenter Roeck \u003clinux@roeck-us.net\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26831",
"url": "https://www.suse.com/security/cve/CVE-2024-26831"
},
{
"category": "external",
"summary": "SUSE Bug 1223008 for CVE-2024-26831",
"url": "https://bugzilla.suse.com/1223008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-26831"
},
{
"cve": "CVE-2024-41085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/mem: Fix no cxl_nvd during pmem region auto-assembling\n\nWhen CXL subsystem is auto-assembling a pmem region during cxl\nendpoint port probing, always hit below calltrace.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000078\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n RIP: 0010:cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x24/0x70\n ? page_fault_oops+0x82/0x160\n ? do_user_addr_fault+0x65/0x6b0\n ? exc_page_fault+0x7d/0x170\n ? asm_exc_page_fault+0x26/0x30\n ? cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]\n ? cxl_pmem_region_probe+0x1ac/0x360 [cxl_pmem]\n cxl_bus_probe+0x1b/0x60 [cxl_core]\n really_probe+0x173/0x410\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x80/0x170\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x90/0x120\n bus_for_each_drv+0x84/0xe0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x90/0xa0\n device_add+0x51c/0x710\n devm_cxl_add_pmem_region+0x1b5/0x380 [cxl_core]\n cxl_bus_probe+0x1b/0x60 [cxl_core]\n\nThe cxl_nvd of the memdev needs to be available during the pmem region\nprobe. Currently the cxl_nvd is registered after the endpoint port probe.\nThe endpoint probe, in the case of autoassembly of regions, can cause a\npmem region probe requiring the not yet available cxl_nvd. Adjust the\nsequence so this dependency is met.\n\nThis requires adding a port parameter to cxl_find_nvdimm_bridge() that\ncan be used to query the ancestor root port. The endpoint port is not\nyet available, but will share a common ancestor with its parent, so\nstart the query from there instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41085",
"url": "https://www.suse.com/security/cve/CVE-2024-41085"
},
{
"category": "external",
"summary": "SUSE Bug 1228478 for CVE-2024-41085",
"url": "https://bugzilla.suse.com/1228478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-41085"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-49568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the fields v2_ext_offset/\neid_cnt/ism_gid_cnt in proposal msg are from the remote client\nand can not be fully trusted. Especially the field v2_ext_offset,\nonce exceed the max value, there has the chance to access wrong\naddress, and crash may happen.\n\nThis patch checks the fields v2_ext_offset/eid_cnt/ism_gid_cnt\nbefore using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49568",
"url": "https://www.suse.com/security/cve/CVE-2024-49568"
},
{
"category": "external",
"summary": "SUSE Bug 1235728 for CVE-2024-49568",
"url": "https://bugzilla.suse.com/1235728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-49568"
},
{
"cve": "CVE-2024-50034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC\n\nEric report a panic on IPPROTO_SMC, and give the facts\nthat when INET_PROTOSW_ICSK was set, icsk-\u003eicsk_sync_mss must be set too.\n\nBug: Unable to handle kernel NULL pointer dereference at virtual address\n0000000000000000\nMem abort info:\nESR = 0x0000000086000005\nEC = 0x21: IABT (current EL), IL = 32 bits\nSET = 0, FnV = 0\nEA = 0, S1PTW = 0\nFSC = 0x05: level 1 translation fault\nuser pgtable: 4k pages, 48-bit VAs, pgdp=00000001195d1000\n[0000000000000000] pgd=0800000109c46003, p4d=0800000109c46003,\npud=0000000000000000\nInternal error: Oops: 0000000086000005 [#1] PREEMPT SMP\nModules linked in:\nCPU: 1 UID: 0 PID: 8037 Comm: syz.3.265 Not tainted\n6.11.0-rc7-syzkaller-g5f5673607153 #0\nHardware name: Google Google Compute Engine/Google Compute Engine,\nBIOS Google 08/06/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : 0x0\nlr : cipso_v4_sock_setattr+0x2a8/0x3c0 net/ipv4/cipso_ipv4.c:1910\nsp : ffff80009b887a90\nx29: ffff80009b887aa0 x28: ffff80008db94050 x27: 0000000000000000\nx26: 1fffe0001aa6f5b3 x25: dfff800000000000 x24: ffff0000db75da00\nx23: 0000000000000000 x22: ffff0000d8b78518 x21: 0000000000000000\nx20: ffff0000d537ad80 x19: ffff0000d8b78000 x18: 1fffe000366d79ee\nx17: ffff8000800614a8 x16: ffff800080569b84 x15: 0000000000000001\nx14: 000000008b336894 x13: 00000000cd96feaa x12: 0000000000000003\nx11: 0000000000040000 x10: 00000000000020a3 x9 : 1fffe0001b16f0f1\nx8 : 0000000000000000 x7 : 0000000000000000 x6 : 000000000000003f\nx5 : 0000000000000040 x4 : 0000000000000001 x3 : 0000000000000000\nx2 : 0000000000000002 x1 : 0000000000000000 x0 : ffff0000d8b78000\nCall trace:\n0x0\nnetlbl_sock_setattr+0x2e4/0x338 net/netlabel/netlabel_kapi.c:1000\nsmack_netlbl_add+0xa4/0x154 security/smack/smack_lsm.c:2593\nsmack_socket_post_create+0xa8/0x14c security/smack/smack_lsm.c:2973\nsecurity_socket_post_create+0x94/0xd4 security/security.c:4425\n__sock_create+0x4c8/0x884 net/socket.c:1587\nsock_create net/socket.c:1622 [inline]\n__sys_socket_create net/socket.c:1659 [inline]\n__sys_socket+0x134/0x340 net/socket.c:1706\n__do_sys_socket net/socket.c:1720 [inline]\n__se_sys_socket net/socket.c:1718 [inline]\n__arm64_sys_socket+0x7c/0x94 net/socket.c:1718\n__invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\ninvoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\nel0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\ndo_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\nel0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712\nel0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730\nel0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\nCode: ???????? ???????? ???????? ???????? (????????)\n---[ end trace 0000000000000000 ]---\n\nThis patch add a toy implementation that performs a simple return to\nprevent such panic. This is because MSS can be set in sock_create_kern\nor smc_setsockopt, similar to how it\u0027s done in AF_SMC. However, for\nAF_SMC, there is currently no way to synchronize MSS within\n__sys_connect_file. This toy implementation lays the groundwork for us\nto support such feature for IPPROTO_SMC in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50034",
"url": "https://www.suse.com/security/cve/CVE-2024-50034"
},
{
"category": "external",
"summary": "SUSE Bug 1231913 for CVE-2024-50034",
"url": "https://bugzilla.suse.com/1231913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-50034"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50293"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: do not leave a dangling sk pointer in __smc_create()\n\nThanks to commit 4bbd360a5084 (\"socket: Print pf-\u003ecreate() when\nit does not clear sock-\u003esk on failure.\"), syzbot found an issue with AF_SMC:\n\nsmc_create must clear sock-\u003esk on failure, family: 43, type: 1, protocol: 0\n WARNING: CPU: 0 PID: 5827 at net/socket.c:1565 __sock_create+0x96f/0xa30 net/socket.c:1563\nModules linked in:\nCPU: 0 UID: 0 PID: 5827 Comm: syz-executor259 Not tainted 6.12.0-rc6-next-20241106-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__sock_create+0x96f/0xa30 net/socket.c:1563\nCode: 03 00 74 08 4c 89 e7 e8 4f 3b 85 f8 49 8b 34 24 48 c7 c7 40 89 0c 8d 8b 54 24 04 8b 4c 24 0c 44 8b 44 24 08 e8 32 78 db f7 90 \u003c0f\u003e 0b 90 90 e9 d3 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c ee f7\nRSP: 0018:ffffc90003e4fda0 EFLAGS: 00010246\nRAX: 099c6f938c7f4700 RBX: 1ffffffff1a595fd RCX: ffff888034823c00\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 00000000ffffffe9 R08: ffffffff81567052 R09: 1ffff920007c9f50\nR10: dffffc0000000000 R11: fffff520007c9f51 R12: ffffffff8d2cafe8\nR13: 1ffffffff1a595fe R14: ffffffff9a789c40 R15: ffff8880764298c0\nFS: 000055557b518380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa62ff43225 CR3: 0000000031628000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n sock_create net/socket.c:1616 [inline]\n __sys_socket_create net/socket.c:1653 [inline]\n __sys_socket+0x150/0x3c0 net/socket.c:1700\n __do_sys_socket net/socket.c:1714 [inline]\n __se_sys_socket net/socket.c:1712 [inline]\n\nFor reference, see commit 2d859aff775d (\"Merge branch\n\u0027do-not-leave-dangling-sk-pointers-in-pf-create-functions\u0027\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50293",
"url": "https://www.suse.com/security/cve/CVE-2024-50293"
},
{
"category": "external",
"summary": "SUSE Bug 1233482 for CVE-2024-50293",
"url": "https://bugzilla.suse.com/1233482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2024-50293"
},
{
"cve": "CVE-2024-56541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup()\n\nDuring ath12k module removal, in ath12k_core_deinit(),\nath12k_mac_destroy() un-registers ah-\u003ehw from mac80211 and frees\nthe ah-\u003ehw as well as all the ar\u0027s in it. After this\nath12k_core_soc_destroy()-\u003e ath12k_dp_free()-\u003e ath12k_dp_cc_cleanup()\ntries to access one of the freed ar\u0027s from pending skb.\n\nThis is because during mac destroy, driver failed to flush few\ndata packets, which were accessed later in ath12k_dp_cc_cleanup()\nand freed, but using ar from the packet led to this use-after-free.\n\nBUG: KASAN: use-after-free in ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\nWrite of size 4 at addr ffff888150bd3514 by task modprobe/8926\nCPU: 0 UID: 0 PID: 8926 Comm: modprobe Not tainted\n6.11.0-rc2-wt-ath+ #1746\nHardware name: Intel(R) Client Systems NUC8i7HVK/NUC8i7HVB, BIOS\nHNKBLi70.86A.0067.2021.0528.1339 05/28/2021\n\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7d/0xe0\n print_address_description.constprop.0+0x33/0x3a0\n print_report+0xb5/0x260\n ? kasan_addr_to_slab+0x24/0x80\n kasan_report+0xd8/0x110\n ? ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\n ? ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\n kasan_check_range+0xf3/0x1a0\n __kasan_check_write+0x14/0x20\n ath12k_dp_cc_cleanup.part.0+0x5e2/0xd40 [ath12k]\n ath12k_dp_free+0x178/0x420 [ath12k]\n ath12k_core_stop+0x176/0x200 [ath12k]\n ath12k_core_deinit+0x13f/0x210 [ath12k]\n ath12k_pci_remove+0xad/0x1c0 [ath12k]\n pci_device_remove+0x9b/0x1b0\n device_remove+0xbf/0x150\n device_release_driver_internal+0x3c3/0x580\n ? __kasan_check_read+0x11/0x20\n driver_detach+0xc4/0x190\n bus_remove_driver+0x130/0x2a0\n driver_unregister+0x68/0x90\n pci_unregister_driver+0x24/0x240\n ? find_module_all+0x13e/0x1e0\n ath12k_pci_exit+0x10/0x20 [ath12k]\n __do_sys_delete_module+0x32c/0x580\n ? module_flags+0x2f0/0x2f0\n ? kmem_cache_free+0xf0/0x410\n ? __fput+0x56f/0xab0\n ? __fput+0x56f/0xab0\n ? debug_smp_processor_id+0x17/0x20\n __x64_sys_delete_module+0x4f/0x70\n x64_sys_call+0x522/0x9f0\n do_syscall_64+0x64/0x130\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7f8182c6ac8b\n\nCommit 24de1b7b231c (\"wifi: ath12k: fix flush failure in recovery\nscenarios\") added the change to decrement the pending packets count\nin case of recovery which make sense as ah-\u003ehw as well all\nar\u0027s in it are intact during recovery, but during core deinit there\nis no use in decrementing packets count or waking up the empty waitq\nas the module is going to be removed also ar\u0027s from pending skb\u0027s\ncan\u0027t be used and the packets should just be released back.\n\nTo fix this, avoid accessing ar from skb-\u003ecb when driver is being\nunregistered.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.1.1-00214-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56541",
"url": "https://www.suse.com/security/cve/CVE-2024-56541"
},
{
"category": "external",
"summary": "SUSE Bug 1235064 for CVE-2024-56541",
"url": "https://bugzilla.suse.com/1235064"
},
{
"category": "external",
"summary": "SUSE Bug 1247044 for CVE-2024-56541",
"url": "https://bugzilla.suse.com/1247044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2024-56541"
},
{
"cve": "CVE-2024-56613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56613"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: fix memory leak due to the overwritten vma-\u003enumab_state\n\n[Problem Description]\nWhen running the hackbench program of LTP, the following memory leak is\nreported by kmemleak.\n\n # /opt/ltp/testcases/bin/hackbench 20 thread 1000\n Running with 20*40 (== 800) tasks.\n\n # dmesg | grep kmemleak\n ...\n kmemleak: 480 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n kmemleak: 665 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n\n # cat /sys/kernel/debug/kmemleak\n unreferenced object 0xffff888cd8ca2c40 (size 64):\n comm \"hackbench\", pid 17142, jiffies 4299780315\n hex dump (first 32 bytes):\n ac 74 49 00 01 00 00 00 4c 84 49 00 01 00 00 00 .tI.....L.I.....\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc bff18fd4):\n [\u003cffffffff81419a89\u003e] __kmalloc_cache_noprof+0x2f9/0x3f0\n [\u003cffffffff8113f715\u003e] task_numa_work+0x725/0xa00\n [\u003cffffffff8110f878\u003e] task_work_run+0x58/0x90\n [\u003cffffffff81ddd9f8\u003e] syscall_exit_to_user_mode+0x1c8/0x1e0\n [\u003cffffffff81dd78d5\u003e] do_syscall_64+0x85/0x150\n [\u003cffffffff81e0012b\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ...\n\nThis issue can be consistently reproduced on three different servers:\n * a 448-core server\n * a 256-core server\n * a 192-core server\n\n[Root Cause]\nSince multiple threads are created by the hackbench program (along with\nthe command argument \u0027thread\u0027), a shared vma might be accessed by two or\nmore cores simultaneously. When two or more cores observe that\nvma-\u003enumab_state is NULL at the same time, vma-\u003enumab_state will be\noverwritten.\n\nAlthough current code ensures that only one thread scans the VMAs in a\nsingle \u0027numa_scan_period\u0027, there might be a chance for another thread\nto enter in the next \u0027numa_scan_period\u0027 while we have not gotten till\nnumab_state allocation [1].\n\nNote that the command `/opt/ltp/testcases/bin/hackbench 50 process 1000`\ncannot the reproduce the issue. It is verified with 200+ test runs.\n\n[Solution]\nUse the cmpxchg atomic operation to ensure that only one thread executes\nthe vma-\u003enumab_state assignment.\n\n[1] https://lore.kernel.org/lkml/1794be3c-358c-4cdc-a43d-a1f841d91ef7@amd.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56613",
"url": "https://www.suse.com/security/cve/CVE-2024-56613"
},
{
"category": "external",
"summary": "SUSE Bug 1244176 for CVE-2024-56613",
"url": "https://bugzilla.suse.com/1244176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "low"
}
],
"title": "CVE-2024-56613"
},
{
"cve": "CVE-2024-56699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix potential double remove of hotplug slot\n\nIn commit 6ee600bfbe0f (\"s390/pci: remove hotplug slot when releasing the\ndevice\") the zpci_exit_slot() was moved from zpci_device_reserved() to\nzpci_release_device() with the intention of keeping the hotplug slot\naround until the device is actually removed.\n\nNow zpci_release_device() is only called once all references are\ndropped. Since the zPCI subsystem only drops its reference once the\ndevice is in the reserved state it follows that zpci_release_device()\nmust only deal with devices in the reserved state. Despite that it\ncontains code to tear down from both configured and standby state. For\nthe standby case this already includes the removal of the hotplug slot\nso would cause a double removal if a device was ever removed in\neither configured or standby state.\n\nInstead of causing a potential double removal in a case that should\nnever happen explicitly WARN_ON() if a device in non-reserved state is\nreleased and get rid of the dead code cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56699",
"url": "https://www.suse.com/security/cve/CVE-2024-56699"
},
{
"category": "external",
"summary": "SUSE Bug 1235490 for CVE-2024-56699",
"url": "https://bugzilla.suse.com/1235490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-56699"
},
{
"cve": "CVE-2024-57982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: state: fix out-of-bounds read during lookup\n\nlookup and resize can run in parallel.\n\nThe xfrm_state_hash_generation seqlock ensures a retry, but the hash\nfunctions can observe a hmask value that is too large for the new hlist\narray.\n\nrehash does:\n rcu_assign_pointer(net-\u003exfrm.state_bydst, ndst) [..]\n net-\u003exfrm.state_hmask = nhashmask;\n\nWhile state lookup does:\n h = xfrm_dst_hash(net, daddr, saddr, tmpl-\u003ereqid, encap_family);\n hlist_for_each_entry_rcu(x, net-\u003exfrm.state_bydst + h, bydst) {\n\nThis is only safe in case the update to state_bydst is larger than\nnet-\u003exfrm.xfrm_state_hmask (or if the lookup function gets\nserialized via state spinlock again).\n\nFix this by prefetching state_hmask and the associated pointers.\nThe xfrm_state_hash_generation seqlock retry will ensure that the pointer\nand the hmask will be consistent.\n\nThe existing helpers, like xfrm_dst_hash(), are now unsafe for RCU side,\nadd lockdep assertions to document that they are only safe for insert\nside.\n\nxfrm_state_lookup_byaddr() uses the spinlock rather than RCU.\nAFAICS this is an oversight from back when state lookup was converted to\nRCU, this lock should be replaced with RCU in a future patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57982",
"url": "https://www.suse.com/security/cve/CVE-2024-57982"
},
{
"category": "external",
"summary": "SUSE Bug 1237913 for CVE-2024-57982",
"url": "https://bugzilla.suse.com/1237913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-57982"
},
{
"cve": "CVE-2024-57987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: check for NULL in btrtl_setup_realtek()\n\nIf insert an USB dongle which chip is not maintained in ic_id_table, it\nwill hit the NULL point accessed. Add a null point check to avoid the\nKernel Oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57987",
"url": "https://www.suse.com/security/cve/CVE-2024-57987"
},
{
"category": "external",
"summary": "SUSE Bug 1237905 for CVE-2024-57987",
"url": "https://bugzilla.suse.com/1237905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-57987"
},
{
"cve": "CVE-2024-57988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btbcm: Fix NULL deref in btbcm_get_board_name()\n\ndevm_kstrdup() can return a NULL pointer on failure,but this\nreturned value in btbcm_get_board_name() is not checked.\nAdd NULL check in btbcm_get_board_name(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57988",
"url": "https://www.suse.com/security/cve/CVE-2024-57988"
},
{
"category": "external",
"summary": "SUSE Bug 1237910 for CVE-2024-57988",
"url": "https://bugzilla.suse.com/1237910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-57988"
},
{
"cve": "CVE-2024-57995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev()\n\nIn ath12k_mac_assign_vif_to_vdev(), if arvif is created on a different\nradio, it gets deleted from that radio through a call to\nath12k_mac_unassign_link_vif(). This action frees the arvif pointer.\nSubsequently, there is a check involving arvif, which will result in a\nread-after-free scenario.\n\nFix this by moving this check after arvif is again assigned via call to\nath12k_mac_assign_link_vif().\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57995",
"url": "https://www.suse.com/security/cve/CVE-2024-57995"
},
{
"category": "external",
"summary": "SUSE Bug 1237895 for CVE-2024-57995",
"url": "https://bugzilla.suse.com/1237895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-57995"
},
{
"cve": "CVE-2024-58004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: intel/ipu6: remove cpu latency qos request on error\n\nFix cpu latency qos list corruption like below. It happens when\nwe do not remove cpu latency request on error path and free\ncorresponding memory.\n\n[ 30.634378] l7 kernel: list_add corruption. prev-\u003enext should be next (ffffffff9645e960), but was 0000000100100001. (prev=ffff8e9e877e20a8).\n[ 30.634388] l7 kernel: WARNING: CPU: 2 PID: 2008 at lib/list_debug.c:32 __list_add_valid_or_report+0x83/0xa0\n\u003csnip\u003e\n[ 30.634640] l7 kernel: Call Trace:\n[ 30.634650] l7 kernel: \u003cTASK\u003e\n[ 30.634659] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0\n[ 30.634669] l7 kernel: ? __warn.cold+0x93/0xf6\n[ 30.634678] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0\n[ 30.634690] l7 kernel: ? report_bug+0xff/0x140\n[ 30.634702] l7 kernel: ? handle_bug+0x58/0x90\n[ 30.634712] l7 kernel: ? exc_invalid_op+0x17/0x70\n[ 30.634723] l7 kernel: ? asm_exc_invalid_op+0x1a/0x20\n[ 30.634733] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0\n[ 30.634742] l7 kernel: plist_add+0xdd/0x140\n[ 30.634754] l7 kernel: pm_qos_update_target+0xa0/0x1f0\n[ 30.634764] l7 kernel: cpu_latency_qos_update_request+0x61/0xc0\n[ 30.634773] l7 kernel: intel_dp_aux_xfer+0x4c7/0x6e0 [i915 1f824655ed04687c2b0d23dbce759fa785f6d033]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58004",
"url": "https://www.suse.com/security/cve/CVE-2024-58004"
},
{
"category": "external",
"summary": "SUSE Bug 1238508 for CVE-2024-58004",
"url": "https://bugzilla.suse.com/1238508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-58004"
},
{
"cve": "CVE-2024-58015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix for out-of bound access error\n\nSelfgen stats are placed in a buffer using print_array_to_buf_index() function.\nArray length parameter passed to the function is too big, resulting in possible\nout-of bound memory error.\nDecreasing buffer size by one fixes faulty upper bound of passed array.\n\nDiscovered in coverity scan, CID 1600742 and CID 1600758",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58015",
"url": "https://www.suse.com/security/cve/CVE-2024-58015"
},
{
"category": "external",
"summary": "SUSE Bug 1238995 for CVE-2024-58015",
"url": "https://bugzilla.suse.com/1238995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-58015"
},
{
"cve": "CVE-2024-58053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix handling of received connection abort\n\nFix the handling of a connection abort that we\u0027ve received. Though the\nabort is at the connection level, it needs propagating to the calls on that\nconnection. Whilst the propagation bit is performed, the calls aren\u0027t then\nwoken up to go and process their termination, and as no further input is\nforthcoming, they just hang.\n\nAlso add some tracing for the logging of connection aborts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58053",
"url": "https://www.suse.com/security/cve/CVE-2024-58053"
},
{
"category": "external",
"summary": "SUSE Bug 1238982 for CVE-2024-58053",
"url": "https://bugzilla.suse.com/1238982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-58053"
},
{
"cve": "CVE-2024-58062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: avoid NULL pointer dereference\n\nWhen iterating over the links of a vif, we need to make sure that the\npointer is valid (in other words - that the link exists) before\ndereferncing it.\nUse for_each_vif_active_link that also does the check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58062",
"url": "https://www.suse.com/security/cve/CVE-2024-58062"
},
{
"category": "external",
"summary": "SUSE Bug 1238965 for CVE-2024-58062",
"url": "https://bugzilla.suse.com/1238965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-58062"
},
{
"cve": "CVE-2024-58077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: soc-pcm: don\u0027t use soc_pcm_ret() on .prepare callback\n\ncommit 1f5664351410 (\"ASoC: lower \"no backend DAIs enabled for ... Port\"\nlog severity\") ignores -EINVAL error message on common soc_pcm_ret().\nIt is used from many functions, ignoring -EINVAL is over-kill.\n\nThe reason why -EINVAL was ignored was it really should only be used\nupon invalid parameters coming from userspace and in that case we don\u0027t\nwant to log an error since we do not want to give userspace a way to do\na denial-of-service attack on the syslog / diskspace.\n\nSo don\u0027t use soc_pcm_ret() on .prepare callback is better idea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58077",
"url": "https://www.suse.com/security/cve/CVE-2024-58077"
},
{
"category": "external",
"summary": "SUSE Bug 1239090 for CVE-2024-58077",
"url": "https://bugzilla.suse.com/1239090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-58077"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid extent tree\n\n[BUG]\nSyzbot reported a crash with the following call trace:\n\n BTRFS info (device loop0): scrub: started on devid 1\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 106e70067 P4D 106e70067 PUD 107143067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 UID: 0 PID: 689 Comm: repro Kdump: loaded Tainted: G O 6.13.0-rc4-custom+ #206\n Tainted: [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:find_first_extent_item+0x26/0x1f0 [btrfs]\n Call Trace:\n \u003cTASK\u003e\n scrub_find_fill_first_stripe+0x13d/0x3b0 [btrfs]\n scrub_simple_mirror+0x175/0x260 [btrfs]\n scrub_stripe+0x5d4/0x6c0 [btrfs]\n scrub_chunk+0xbb/0x170 [btrfs]\n scrub_enumerate_chunks+0x2f4/0x5f0 [btrfs]\n btrfs_scrub_dev+0x240/0x600 [btrfs]\n btrfs_ioctl+0x1dc8/0x2fa0 [btrfs]\n ? do_sys_openat2+0xa5/0xf0\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\n[CAUSE]\nThe reproducer is using a corrupted image where extent tree root is\ncorrupted, thus forcing to use \"rescue=all,ro\" mount option to mount the\nimage.\n\nThen it triggered a scrub, but since scrub relies on extent tree to find\nwhere the data/metadata extents are, scrub_find_fill_first_stripe()\nrelies on an non-empty extent root.\n\nBut unfortunately scrub_find_fill_first_stripe() doesn\u0027t really expect\nan NULL pointer for extent root, it use extent_root to grab fs_info and\ntriggered a NULL pointer dereference.\n\n[FIX]\nAdd an extra check for a valid extent root at the beginning of\nscrub_find_fill_first_stripe().\n\nThe new error path is introduced by 42437a6386ff (\"btrfs: introduce\nmount option rescue=ignorebadroots\"), but that\u0027s pretty old, and later\ncommit b979547513ff (\"btrfs: scrub: introduce helper to find and fill\nsector info for a scrub_stripe\") changed how we do scrub.\n\nSo for kernels older than 6.6, the fix will need manual backport.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21658",
"url": "https://www.suse.com/security/cve/CVE-2025-21658"
},
{
"category": "external",
"summary": "SUSE Bug 1236208 for CVE-2025-21658",
"url": "https://bugzilla.suse.com/1236208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21658"
},
{
"cve": "CVE-2025-21713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: Don\u0027t unset window if it was never set\n\nOn pSeries, when user attempts to use the same vfio container used by\ndifferent iommu group, the spapr_tce_set_window() returns -EPERM\nand the subsequent cleanup leads to the below crash.\n\n Kernel attempted to read user page (308) - exploit attempt?\n BUG: Kernel NULL pointer dereference on read at 0x00000308\n Faulting instruction address: 0xc0000000001ce358\n Oops: Kernel access of bad area, sig: 11 [#1]\n NIP: c0000000001ce358 LR: c0000000001ce05c CTR: c00000000005add0\n \u003csnip\u003e\n NIP [c0000000001ce358] spapr_tce_unset_window+0x3b8/0x510\n LR [c0000000001ce05c] spapr_tce_unset_window+0xbc/0x510\n Call Trace:\n spapr_tce_unset_window+0xbc/0x510 (unreliable)\n tce_iommu_attach_group+0x24c/0x340 [vfio_iommu_spapr_tce]\n vfio_container_attach_group+0xec/0x240 [vfio]\n vfio_group_fops_unl_ioctl+0x548/0xb00 [vfio]\n sys_ioctl+0x754/0x1580\n system_call_exception+0x13c/0x330\n system_call_vectored_common+0x15c/0x2ec\n \u003csnip\u003e\n --- interrupt: 3000\n\nFix this by having null check for the tbl passed to the\nspapr_tce_unset_window().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21713",
"url": "https://www.suse.com/security/cve/CVE-2025-21713"
},
{
"category": "external",
"summary": "SUSE Bug 1237887 for CVE-2025-21713",
"url": "https://bugzilla.suse.com/1237887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21713"
},
{
"cve": "CVE-2025-21720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: delete intermediate secpath entry in packet offload mode\n\nPackets handled by hardware have added secpath as a way to inform XFRM\ncore code that this path was already handled. That secpath is not needed\nat all after policy is checked and it is removed later in the stack.\n\nHowever, in the case of IP forwarding is enabled (/proc/sys/net/ipv4/ip_forward),\nthat secpath is not removed and packets which already were handled are reentered\nto the driver TX path with xfrm_offload set.\n\nThe following kernel panic is observed in mlx5 in such case:\n\n mlx5_core 0000:04:00.0 enp4s0f0np0: Link up\n mlx5_core 0000:04:00.1 enp4s0f1np1: Link up\n Initializing XFRM netlink socket\n IPsec XFRM device driver\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor instruction fetch in kernel mode\n #PF: error_code(0x0010) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0010 [#1] PREEMPT SMP\n CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc1-alex #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n RIP: 0010:0x0\n Code: Unable to access opcode bytes at 0xffffffffffffffd6.\n RSP: 0018:ffffb87380003800 EFLAGS: 00010206\n RAX: ffff8df004e02600 RBX: ffffb873800038d8 RCX: 00000000ffff98cf\n RDX: ffff8df00733e108 RSI: ffff8df00521fb80 RDI: ffff8df001661f00\n RBP: ffffb87380003850 R08: ffff8df013980000 R09: 0000000000000010\n R10: 0000000000000002 R11: 0000000000000002 R12: ffff8df001661f00\n R13: ffff8df00521fb80 R14: ffff8df00733e108 R15: ffff8df011faf04e\n FS: 0000000000000000(0000) GS:ffff8df46b800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffffffffffd6 CR3: 0000000106384000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n ? show_regs+0x63/0x70\n ? __die_body+0x20/0x60\n ? __die+0x2b/0x40\n ? page_fault_oops+0x15c/0x550\n ? do_user_addr_fault+0x3ed/0x870\n ? exc_page_fault+0x7f/0x190\n ? asm_exc_page_fault+0x27/0x30\n mlx5e_ipsec_handle_tx_skb+0xe7/0x2f0 [mlx5_core]\n mlx5e_xmit+0x58e/0x1980 [mlx5_core]\n ? __fib_lookup+0x6a/0xb0\n dev_hard_start_xmit+0x82/0x1d0\n sch_direct_xmit+0xfe/0x390\n __dev_queue_xmit+0x6d8/0xee0\n ? __fib_lookup+0x6a/0xb0\n ? internal_add_timer+0x48/0x70\n ? mod_timer+0xe2/0x2b0\n neigh_resolve_output+0x115/0x1b0\n __neigh_update+0x26a/0xc50\n neigh_update+0x14/0x20\n arp_process+0x2cb/0x8e0\n ? __napi_build_skb+0x5e/0x70\n arp_rcv+0x11e/0x1c0\n ? dev_gro_receive+0x574/0x820\n __netif_receive_skb_list_core+0x1cf/0x1f0\n netif_receive_skb_list_internal+0x183/0x2a0\n napi_complete_done+0x76/0x1c0\n mlx5e_napi_poll+0x234/0x7a0 [mlx5_core]\n __napi_poll+0x2d/0x1f0\n net_rx_action+0x1a6/0x370\n ? atomic_notifier_call_chain+0x3b/0x50\n ? irq_int_handler+0x15/0x20 [mlx5_core]\n handle_softirqs+0xb9/0x2f0\n ? handle_irq_event+0x44/0x60\n irq_exit_rcu+0xdb/0x100\n common_interrupt+0x98/0xc0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_common_interrupt+0x27/0x40\n RIP: 0010:pv_native_safe_halt+0xb/0x10\n Code: 09 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 22\n 0f 1f 84 00 00 00 00 00 90 eb 07 0f 00 2d 7f e9 36 00 fb\n40 00 83 ff 07 77 21 89 ff ff 24 fd 88 3d a1 bd 0f 21 f8\n RSP: 0018:ffffffffbe603de8 EFLAGS: 00000202\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000f92f46680\n RDX: 0000000000000037 RSI: 00000000ffffffff RDI: 00000000000518d4\n RBP: ffffffffbe603df0 R08: 000000cd42e4dffb R09: ffffffffbe603d70\n R10: 0000004d80d62680 R11: 0000000000000001 R12: ffffffffbe60bf40\n R13: 0000000000000000 R14: 0000000000000000 R15: ffffffffbe60aff8\n ? default_idle+0x9/0x20\n arch_cpu_idle+0x9/0x10\n default_idle_call+0x29/0xf0\n do_idle+0x1f2/0x240\n cpu_startup_entry+0x2c/0x30\n rest_init+0xe7/0x100\n start_kernel+0x76b/0xb90\n x86_64_start_reservations+0x18/0x30\n x86_64_start_kernel+0xc0/0x110\n ? setup_ghcb+0xe/0x130\n common_startup_64+0x13e/0x141\n \u003c/TASK\u003e\n Modules linked in: esp4_offload esp4 xfrm_interface\nxfrm6_tunnel tunnel4 tunnel6 xfrm_user xfrm_algo binf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21720",
"url": "https://www.suse.com/security/cve/CVE-2025-21720"
},
{
"category": "external",
"summary": "SUSE Bug 1238859 for CVE-2025-21720",
"url": "https://bugzilla.suse.com/1238859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21720"
},
{
"cve": "CVE-2025-21770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix potential memory leak in iopf_queue_remove_device()\n\nThe iopf_queue_remove_device() helper removes a device from the per-iommu\niopf queue when PRI is disabled on the device. It responds to all\noutstanding iopf\u0027s with an IOMMU_PAGE_RESP_INVALID code and detaches the\ndevice from the queue.\n\nHowever, it fails to release the group structure that represents a group\nof iopf\u0027s awaiting for a response after responding to the hardware. This\ncan cause a memory leak if iopf_queue_remove_device() is called with\npending iopf\u0027s.\n\nFix it by calling iopf_free_group() after the iopf group is responded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21770",
"url": "https://www.suse.com/security/cve/CVE-2025-21770"
},
{
"category": "external",
"summary": "SUSE Bug 1238495 for CVE-2025-21770",
"url": "https://bugzilla.suse.com/1238495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21770"
},
{
"cve": "CVE-2025-21805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rtrs: Add missing deinit() call\n\nA warning is triggered when repeatedly connecting and disconnecting the\nrnbd:\n list_add corruption. prev-\u003enext should be next (ffff88800b13e480), but was ffff88801ecd1338. (prev=ffff88801ecd1340).\n WARNING: CPU: 1 PID: 36562 at lib/list_debug.c:32 __list_add_valid_or_report+0x7f/0xa0\n Workqueue: ib_cm cm_work_handler [ib_cm]\n RIP: 0010:__list_add_valid_or_report+0x7f/0xa0\n ? __list_add_valid_or_report+0x7f/0xa0\n ib_register_event_handler+0x65/0x93 [ib_core]\n rtrs_srv_ib_dev_init+0x29/0x30 [rtrs_server]\n rtrs_ib_dev_find_or_add+0x124/0x1d0 [rtrs_core]\n __alloc_path+0x46c/0x680 [rtrs_server]\n ? rtrs_rdma_connect+0xa6/0x2d0 [rtrs_server]\n ? rcu_is_watching+0xd/0x40\n ? __mutex_lock+0x312/0xcf0\n ? get_or_create_srv+0xad/0x310 [rtrs_server]\n ? rtrs_rdma_connect+0xa6/0x2d0 [rtrs_server]\n rtrs_rdma_connect+0x23c/0x2d0 [rtrs_server]\n ? __lock_release+0x1b1/0x2d0\n cma_cm_event_handler+0x4a/0x1a0 [rdma_cm]\n cma_ib_req_handler+0x3a0/0x7e0 [rdma_cm]\n cm_process_work+0x28/0x1a0 [ib_cm]\n ? _raw_spin_unlock_irq+0x2f/0x50\n cm_req_handler+0x618/0xa60 [ib_cm]\n cm_work_handler+0x71/0x520 [ib_cm]\n\nCommit 667db86bcbe8 (\"RDMA/rtrs: Register ib event handler\") introduced a\nnew element .deinit but never used it at all. Fix it by invoking the\n`deinit()` to appropriately unregister the IB event handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21805",
"url": "https://www.suse.com/security/cve/CVE-2025-21805"
},
{
"category": "external",
"summary": "SUSE Bug 1238741 for CVE-2025-21805",
"url": "https://bugzilla.suse.com/1238741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21805"
},
{
"cve": "CVE-2025-21824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpu: host1x: Fix a use of uninitialized mutex\n\ncommit c8347f915e67 (\"gpu: host1x: Fix boot regression for Tegra\")\ncaused a use of uninitialized mutex leading to below warning when\nCONFIG_DEBUG_MUTEXES and CONFIG_DEBUG_LOCK_ALLOC are enabled.\n\n[ 41.662843] ------------[ cut here ]------------\n[ 41.663012] DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n[ 41.663035] WARNING: CPU: 4 PID: 794 at kernel/locking/mutex.c:587 __mutex_lock+0x670/0x878\n[ 41.663458] Modules linked in: rtw88_8822c(+) bluetooth(+) rtw88_pci rtw88_core mac80211 aquantia libarc4 crc_itu_t cfg80211 tegra194_cpufreq dwmac_tegra(+) arm_dsu_pmu stmmac_platform stmmac pcs_xpcs rfkill at24 host1x(+) tegra_bpmp_thermal ramoops reed_solomon fuse loop nfnetlink xfs mmc_block rpmb_core ucsi_ccg ina3221 crct10dif_ce xhci_tegra ghash_ce lm90 sha2_ce sha256_arm64 sha1_ce sdhci_tegra pwm_fan sdhci_pltfm sdhci gpio_keys rtc_tegra cqhci mmc_core phy_tegra_xusb i2c_tegra tegra186_gpc_dma i2c_tegra_bpmp spi_tegra114 dm_mirror dm_region_hash dm_log dm_mod\n[ 41.665078] CPU: 4 UID: 0 PID: 794 Comm: (udev-worker) Not tainted 6.11.0-29.31_1538613708.el10.aarch64+debug #1\n[ 41.665838] Hardware name: NVIDIA NVIDIA Jetson AGX Orin Developer Kit/Jetson, BIOS 36.3.0-gcid-35594366 02/26/2024\n[ 41.672555] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 41.679636] pc : __mutex_lock+0x670/0x878\n[ 41.683834] lr : __mutex_lock+0x670/0x878\n[ 41.688035] sp : ffff800084b77090\n[ 41.691446] x29: ffff800084b77160 x28: ffffdd4bebf7b000 x27: ffffdd4be96b1000\n[ 41.698799] x26: 1fffe0002308361c x25: 1ffff0001096ee18 x24: 0000000000000000\n[ 41.706149] x23: 0000000000000000 x22: 0000000000000002 x21: ffffdd4be6e3c7a0\n[ 41.713500] x20: ffff800084b770f0 x19: ffff00011841b1e8 x18: 0000000000000000\n[ 41.720675] x17: 0000000000000000 x16: 0000000000000000 x15: 0720072007200720\n[ 41.728023] x14: 0000000000000000 x13: 0000000000000001 x12: ffff6001a96eaab3\n[ 41.735375] x11: 1fffe001a96eaab2 x10: ffff6001a96eaab2 x9 : ffffdd4be4838bbc\n[ 41.742723] x8 : 00009ffe5691554e x7 : ffff000d4b755593 x6 : 0000000000000001\n[ 41.749985] x5 : ffff000d4b755590 x4 : 1fffe0001d88f001 x3 : dfff800000000000\n[ 41.756988] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000ec478000\n[ 41.764251] Call trace:\n[ 41.766695] __mutex_lock+0x670/0x878\n[ 41.770373] mutex_lock_nested+0x2c/0x40\n[ 41.774134] host1x_intr_start+0x54/0xf8 [host1x]\n[ 41.778863] host1x_runtime_resume+0x150/0x228 [host1x]\n[ 41.783935] pm_generic_runtime_resume+0x84/0xc8\n[ 41.788485] __rpm_callback+0xa0/0x478\n[ 41.792422] rpm_callback+0x15c/0x1a8\n[ 41.795922] rpm_resume+0x698/0xc08\n[ 41.799597] __pm_runtime_resume+0xa8/0x140\n[ 41.803621] host1x_probe+0x810/0xbc0 [host1x]\n[ 41.807909] platform_probe+0xcc/0x1a8\n[ 41.811845] really_probe+0x188/0x800\n[ 41.815347] __driver_probe_device+0x164/0x360\n[ 41.819810] driver_probe_device+0x64/0x1a8\n[ 41.823834] __driver_attach+0x180/0x490\n[ 41.827773] bus_for_each_dev+0x104/0x1a0\n[ 41.831797] driver_attach+0x44/0x68\n[ 41.835296] bus_add_driver+0x23c/0x4e8\n[ 41.839235] driver_register+0x15c/0x3a8\n[ 41.843170] __platform_register_drivers+0xa4/0x208\n[ 41.848159] tegra_host1x_init+0x4c/0xff8 [host1x]\n[ 41.853147] do_one_initcall+0xd4/0x380\n[ 41.856997] do_init_module+0x1dc/0x698\n[ 41.860758] load_module+0xc70/0x1300\n[ 41.864435] __do_sys_init_module+0x1a8/0x1d0\n[ 41.868721] __arm64_sys_init_module+0x74/0xb0\n[ 41.873183] invoke_syscall.constprop.0+0xdc/0x1e8\n[ 41.877997] do_el0_svc+0x154/0x1d0\n[ 41.881671] el0_svc+0x54/0x140\n[ 41.884820] el0t_64_sync_handler+0x120/0x130\n[ 41.889285] el0t_64_sync+0x1a4/0x1a8\n[ 41.892960] irq event stamp: 69737\n[ 41.896370] hardirqs last enabled at (69737): [\u003cffffdd4be6d7768c\u003e] _raw_spin_unlock_irqrestore+0x44/0xe8\n[ 41.905739] hardirqs last disabled at (69736):\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21824",
"url": "https://www.suse.com/security/cve/CVE-2025-21824"
},
{
"category": "external",
"summary": "SUSE Bug 1238478 for CVE-2025-21824",
"url": "https://bugzilla.suse.com/1238478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21824"
},
{
"cve": "CVE-2025-21842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namdkfd: properly free gang_ctx_bo when failed to init user queue\n\nThe destructor of a gtt bo is declared as\nvoid amdgpu_amdkfd_free_gtt_mem(struct amdgpu_device *adev, void **mem_obj);\nWhich takes void** as the second parameter.\n\nGCC allows passing void* to the function because void* can be implicitly\ncasted to any other types, so it can pass compiling.\n\nHowever, passing this void* parameter into the function\u0027s\nexecution process(which expects void** and dereferencing void**)\nwill result in errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21842",
"url": "https://www.suse.com/security/cve/CVE-2025-21842"
},
{
"category": "external",
"summary": "SUSE Bug 1239063 for CVE-2025-21842",
"url": "https://bugzilla.suse.com/1239063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21842"
},
{
"cve": "CVE-2025-21849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Use spin_lock_irqsave() in interruptible context\n\nspin_lock/unlock() functions used in interrupt contexts could\nresult in a deadlock, as seen in GitLab issue #13399,\nwhich occurs when interrupt comes in while holding a lock.\n\nTry to remedy the problem by saving irq state before spin lock\nacquisition.\n\nv2: add irqs\u0027 state save/restore calls to all locks/unlocks in\n signal_irq_work() execution (Maciej)\n\nv3: use with spin_lock_irqsave() in guc_lrc_desc_unpin() instead\n of other lock/unlock calls and add Fixes and Cc tags (Tvrtko);\n change title and commit message\n\n(cherry picked from commit c088387ddd6482b40f21ccf23db1125e8fa4af7e)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21849",
"url": "https://www.suse.com/security/cve/CVE-2025-21849"
},
{
"category": "external",
"summary": "SUSE Bug 1239485 for CVE-2025-21849",
"url": "https://bugzilla.suse.com/1239485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21849"
},
{
"cve": "CVE-2025-21868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: allow small head cache usage with large MAX_SKB_FRAGS values\n\nSabrina reported the following splat:\n\n WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935 netif_napi_add_weight_locked+0x8f2/0xba0\n Modules linked in:\n CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.14.0-rc1-net-00092-g011b03359038 #996\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:netif_napi_add_weight_locked+0x8f2/0xba0\n Code: e8 c3 e6 6a fe 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc c7 44 24 10 ff ff ff ff e9 8f fb ff ff e8 9e e6 6a fe \u003c0f\u003e 0b e9 d3 fe ff ff e8 92 e6 6a fe 48 8b 04 24 be ff ff ff ff 48\n RSP: 0000:ffffc9000001fc60 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff88806ce48128 RCX: 1ffff11001664b9e\n RDX: ffff888008f00040 RSI: ffffffff8317ca42 RDI: ffff88800b325cb6\n RBP: ffff88800b325c40 R08: 0000000000000001 R09: ffffed100167502c\n R10: ffff88800b3a8163 R11: 0000000000000000 R12: ffff88800ac1c168\n R13: ffff88800ac1c168 R14: ffff88800ac1c168 R15: 0000000000000007\n FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffff888008201000 CR3: 0000000004c94001 CR4: 0000000000370ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n gro_cells_init+0x1ba/0x270\n xfrm_input_init+0x4b/0x2a0\n xfrm_init+0x38/0x50\n ip_rt_init+0x2d7/0x350\n ip_init+0xf/0x20\n inet_init+0x406/0x590\n do_one_initcall+0x9d/0x2e0\n do_initcalls+0x23b/0x280\n kernel_init_freeable+0x445/0x490\n kernel_init+0x20/0x1d0\n ret_from_fork+0x46/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n irq event stamp: 584330\n hardirqs last enabled at (584338): [\u003cffffffff8168bf87\u003e] __up_console_sem+0x77/0xb0\n hardirqs last disabled at (584345): [\u003cffffffff8168bf6c\u003e] __up_console_sem+0x5c/0xb0\n softirqs last enabled at (583242): [\u003cffffffff833ee96d\u003e] netlink_insert+0x14d/0x470\n softirqs last disabled at (583754): [\u003cffffffff8317c8cd\u003e] netif_napi_add_weight_locked+0x77d/0xba0\n\non kernel built with MAX_SKB_FRAGS=45, where SKB_WITH_OVERHEAD(1024)\nis smaller than GRO_MAX_HEAD.\n\nSuch built additionally contains the revert of the single page frag cache\nso that napi_get_frags() ends up using the page frag allocator, triggering\nthe splat.\n\nNote that the underlying issue is independent from the mentioned\nrevert; address it ensuring that the small head cache will fit either TCP\nand GRO allocation and updating napi_alloc_skb() and __netdev_alloc_skb()\nto select kmalloc() usage for any allocation fitting such cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21868",
"url": "https://www.suse.com/security/cve/CVE-2025-21868"
},
{
"category": "external",
"summary": "SUSE Bug 1240180 for CVE-2025-21868",
"url": "https://bugzilla.suse.com/1240180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21868"
},
{
"cve": "CVE-2025-21880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/userptr: fix EFAULT handling\n\nCurrently we treat EFAULT from hmm_range_fault() as a non-fatal error\nwhen called from xe_vm_userptr_pin() with the idea that we want to avoid\nkilling the entire vm and chucking an error, under the assumption that\nthe user just did an unmap or something, and has no intention of\nactually touching that memory from the GPU. At this point we have\nalready zapped the PTEs so any access should generate a page fault, and\nif the pin fails there also it will then become fatal.\n\nHowever it looks like it\u0027s possible for the userptr vma to still be on\nthe rebind list in preempt_rebind_work_func(), if we had to retry the\npin again due to something happening in the caller before we did the\nrebind step, but in the meantime needing to re-validate the userptr and\nthis time hitting the EFAULT.\n\nThis explains an internal user report of hitting:\n\n[ 191.738349] WARNING: CPU: 1 PID: 157 at drivers/gpu/drm/xe/xe_res_cursor.h:158 xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738551] Workqueue: xe-ordered-wq preempt_rebind_work_func [xe]\n[ 191.738616] RIP: 0010:xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738690] Call Trace:\n[ 191.738692] \u003cTASK\u003e\n[ 191.738694] ? show_regs+0x69/0x80\n[ 191.738698] ? __warn+0x93/0x1a0\n[ 191.738703] ? xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738759] ? report_bug+0x18f/0x1a0\n[ 191.738764] ? handle_bug+0x63/0xa0\n[ 191.738767] ? exc_invalid_op+0x19/0x70\n[ 191.738770] ? asm_exc_invalid_op+0x1b/0x20\n[ 191.738777] ? xe_pt_stage_bind.constprop.0+0x60a/0x6b0 [xe]\n[ 191.738834] ? ret_from_fork_asm+0x1a/0x30\n[ 191.738849] bind_op_prepare+0x105/0x7b0 [xe]\n[ 191.738906] ? dma_resv_reserve_fences+0x301/0x380\n[ 191.738912] xe_pt_update_ops_prepare+0x28c/0x4b0 [xe]\n[ 191.738966] ? kmemleak_alloc+0x4b/0x80\n[ 191.738973] ops_execute+0x188/0x9d0 [xe]\n[ 191.739036] xe_vm_rebind+0x4ce/0x5a0 [xe]\n[ 191.739098] ? trace_hardirqs_on+0x4d/0x60\n[ 191.739112] preempt_rebind_work_func+0x76f/0xd00 [xe]\n\nFollowed by NPD, when running some workload, since the sg was never\nactually populated but the vma is still marked for rebind when it should\nbe skipped for this special EFAULT case. This is confirmed to fix the\nuser report.\n\nv2 (MattB):\n - Move earlier.\nv3 (MattB):\n - Update the commit message to make it clear that this indeed fixes the\n issue.\n\n(cherry picked from commit 6b93cb98910c826c2e2004942f8b060311e43618)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21880",
"url": "https://www.suse.com/security/cve/CVE-2025-21880"
},
{
"category": "external",
"summary": "SUSE Bug 1240170 for CVE-2025-21880",
"url": "https://bugzilla.suse.com/1240170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21880"
},
{
"cve": "CVE-2025-21898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Avoid potential division by zero in function_stat_show()\n\nCheck whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64}\nproduce zero and skip stddev computation in that case.\n\nFor now don\u0027t care about rec-\u003ecounter * rec-\u003ecounter overflow because\nrec-\u003etime * rec-\u003etime overflow will likely happen earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21898",
"url": "https://www.suse.com/security/cve/CVE-2025-21898"
},
{
"category": "external",
"summary": "SUSE Bug 1240610 for CVE-2025-21898",
"url": "https://bugzilla.suse.com/1240610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21898"
},
{
"cve": "CVE-2025-21899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix bad hist from corrupting named_triggers list\n\nThe following commands causes a crash:\n\n ~# cd /sys/kernel/tracing/events/rcu/rcu_callback\n ~# echo \u0027hist:name=bad:keys=common_pid:onmax(bogus).save(common_pid)\u0027 \u003e trigger\n bash: echo: write error: Invalid argument\n ~# echo \u0027hist:name=bad:keys=common_pid\u0027 \u003e trigger\n\nBecause the following occurs:\n\nevent_trigger_write() {\n trigger_process_regex() {\n event_hist_trigger_parse() {\n\n data = event_trigger_alloc(..);\n\n event_trigger_register(.., data) {\n cmd_ops-\u003ereg(.., data, ..) [hist_register_trigger()] {\n data-\u003eops-\u003einit() [event_hist_trigger_init()] {\n save_named_trigger(name, data) {\n list_add(\u0026data-\u003enamed_list, \u0026named_triggers);\n }\n }\n }\n }\n\n ret = create_actions(); (return -EINVAL)\n if (ret)\n goto out_unreg;\n[..]\n ret = hist_trigger_enable(data, ...) {\n list_add_tail_rcu(\u0026data-\u003elist, \u0026file-\u003etriggers); \u003c\u003c\u003c---- SKIPPED!!! (this is important!)\n[..]\n out_unreg:\n event_hist_unregister(.., data) {\n cmd_ops-\u003eunreg(.., data, ..) [hist_unregister_trigger()] {\n list_for_each_entry(iter, \u0026file-\u003etriggers, list) {\n if (!hist_trigger_match(data, iter, named_data, false)) \u003c- never matches\n continue;\n [..]\n test = iter;\n }\n if (test \u0026\u0026 test-\u003eops-\u003efree) \u003c\u003c\u003c-- test is NULL\n\n test-\u003eops-\u003efree(test) [event_hist_trigger_free()] {\n [..]\n if (data-\u003ename)\n del_named_trigger(data) {\n list_del(\u0026data-\u003enamed_list); \u003c\u003c\u003c\u003c-- NEVER gets removed!\n }\n }\n }\n }\n\n [..]\n kfree(data); \u003c\u003c\u003c-- frees item but it is still on list\n\nThe next time a hist with name is registered, it causes an u-a-f bug and\nthe kernel can crash.\n\nMove the code around such that if event_trigger_register() succeeds, the\nnext thing called is hist_trigger_enable() which adds it to the list.\n\nA bunch of actions is called if get_named_trigger_data() returns false.\nBut that doesn\u0027t need to be called after event_trigger_register(), so it\ncan be moved up, allowing event_trigger_register() to be called just\nbefore hist_trigger_enable() keeping them together and allowing the\nfile-\u003etriggers to be properly populated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21899",
"url": "https://www.suse.com/security/cve/CVE-2025-21899"
},
{
"category": "external",
"summary": "SUSE Bug 1240577 for CVE-2025-21899",
"url": "https://bugzilla.suse.com/1240577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21899"
},
{
"cve": "CVE-2025-21901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Add sanity checks on rdev validity\n\nThere is a possibility that ulp_irq_stop and ulp_irq_start\ncallbacks will be called when the device is in detached state.\nThis can cause a crash due to NULL pointer dereference as\nthe rdev is already freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21901",
"url": "https://www.suse.com/security/cve/CVE-2025-21901"
},
{
"category": "external",
"summary": "SUSE Bug 1240579 for CVE-2025-21901",
"url": "https://bugzilla.suse.com/1240579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21901"
},
{
"cve": "CVE-2025-21911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: avoid deadlock on fence release\n\nDo scheduler queue fence release processing on a workqueue, rather\nthan in the release function itself.\n\nFixes deadlock issues such as the following:\n\n[ 607.400437] ============================================\n[ 607.405755] WARNING: possible recursive locking detected\n[ 607.415500] --------------------------------------------\n[ 607.420817] weston:zfq0/24149 is trying to acquire lock:\n[ 607.426131] ffff000017d041a0 (reservation_ww_class_mutex){+.+.}-{3:3}, at: pvr_gem_object_vunmap+0x40/0xc0 [powervr]\n[ 607.436728]\n but task is already holding lock:\n[ 607.442554] ffff000017d105a0 (reservation_ww_class_mutex){+.+.}-{3:3}, at: dma_buf_ioctl+0x250/0x554\n[ 607.451727]\n other info that might help us debug this:\n[ 607.458245] Possible unsafe locking scenario:\n\n[ 607.464155] CPU0\n[ 607.466601] ----\n[ 607.469044] lock(reservation_ww_class_mutex);\n[ 607.473584] lock(reservation_ww_class_mutex);\n[ 607.478114]\n *** DEADLOCK ***",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21911",
"url": "https://www.suse.com/security/cve/CVE-2025-21911"
},
{
"category": "external",
"summary": "SUSE Bug 1240589 for CVE-2025-21911",
"url": "https://bugzilla.suse.com/1240589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21911"
},
{
"cve": "CVE-2025-21920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvlan: enforce underlying device type\n\nCurrently, VLAN devices can be created on top of non-ethernet devices.\n\nBesides the fact that it doesn\u0027t make much sense, this also causes a\nbug which leaks the address of a kernel function to usermode.\n\nWhen creating a VLAN device, we initialize GARP (garp_init_applicant)\nand MRP (mrp_init_applicant) for the underlying device.\n\nAs part of the initialization process, we add the multicast address of\neach applicant to the underlying device, by calling dev_mc_add.\n\n__dev_mc_add uses dev-\u003eaddr_len to determine the length of the new\nmulticast address.\n\nThis causes an out-of-bounds read if dev-\u003eaddr_len is greater than 6,\nsince the multicast addresses provided by GARP and MRP are only 6\nbytes long.\n\nThis behaviour can be reproduced using the following commands:\n\nip tunnel add gretest mode ip6gre local ::1 remote ::2 dev lo\nip l set up dev gretest\nip link add link gretest name vlantest type vlan id 100\n\nThen, the following command will display the address of garp_pdu_rcv:\n\nip maddr show | grep 01:80:c2:00:00:21\n\nFix the bug by enforcing the type of the underlying device during VLAN\ndevice initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21920",
"url": "https://www.suse.com/security/cve/CVE-2025-21920"
},
{
"category": "external",
"summary": "SUSE Bug 1240686 for CVE-2025-21920",
"url": "https://bugzilla.suse.com/1240686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21920"
},
{
"cve": "CVE-2025-21938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr\n\nIf multiple connection requests attempt to create an implicit mptcp\nendpoint in parallel, more than one caller may end up in\nmptcp_pm_nl_append_new_local_addr because none found the address in\nlocal_addr_list during their call to mptcp_pm_nl_get_local_id. In this\ncase, the concurrent new_local_addr calls may delete the address entry\ncreated by the previous caller. These deletes use synchronize_rcu, but\nthis is not permitted in some of the contexts where this function may be\ncalled. During packet recv, the caller may be in a rcu read critical\nsection and have preemption disabled.\n\nAn example stack:\n\n BUG: scheduling while atomic: swapper/2/0/0x00000302\n\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\n dump_stack (lib/dump_stack.c:124)\n __schedule_bug (kernel/sched/core.c:5943)\n schedule_debug.constprop.0 (arch/x86/include/asm/preempt.h:33 kernel/sched/core.c:5970)\n __schedule (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 kernel/sched/features.h:29 kernel/sched/core.c:6621)\n schedule (arch/x86/include/asm/preempt.h:84 kernel/sched/core.c:6804 kernel/sched/core.c:6818)\n schedule_timeout (kernel/time/timer.c:2160)\n wait_for_completion (kernel/sched/completion.c:96 kernel/sched/completion.c:116 kernel/sched/completion.c:127 kernel/sched/completion.c:148)\n __wait_rcu_gp (include/linux/rcupdate.h:311 kernel/rcu/update.c:444)\n synchronize_rcu (kernel/rcu/tree.c:3609)\n mptcp_pm_nl_append_new_local_addr (net/mptcp/pm_netlink.c:966 net/mptcp/pm_netlink.c:1061)\n mptcp_pm_nl_get_local_id (net/mptcp/pm_netlink.c:1164)\n mptcp_pm_get_local_id (net/mptcp/pm.c:420)\n subflow_check_req (net/mptcp/subflow.c:98 net/mptcp/subflow.c:213)\n subflow_v4_route_req (net/mptcp/subflow.c:305)\n tcp_conn_request (net/ipv4/tcp_input.c:7216)\n subflow_v4_conn_request (net/mptcp/subflow.c:651)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6709)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1934)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2334)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205 (discriminator 1))\n ip_local_deliver_finish (include/linux/rcupdate.h:813 net/ipv4/ip_input.c:234)\n ip_local_deliver (include/linux/netfilter.h:314 include/linux/netfilter.h:308 net/ipv4/ip_input.c:254)\n ip_sublist_rcv_finish (include/net/dst.h:461 net/ipv4/ip_input.c:580)\n ip_sublist_rcv (net/ipv4/ip_input.c:640)\n ip_list_rcv (net/ipv4/ip_input.c:675)\n __netif_receive_skb_list_core (net/core/dev.c:5583 net/core/dev.c:5631)\n netif_receive_skb_list_internal (net/core/dev.c:5685 net/core/dev.c:5774)\n napi_complete_done (include/linux/list.h:37 include/net/gro.h:449 include/net/gro.h:444 net/core/dev.c:6114)\n igb_poll (drivers/net/ethernet/intel/igb/igb_main.c:8244) igb\n __napi_poll (net/core/dev.c:6582)\n net_rx_action (net/core/dev.c:6653 net/core/dev.c:6787)\n handle_softirqs (kernel/softirq.c:553)\n __irq_exit_rcu (kernel/softirq.c:588 kernel/softirq.c:427 kernel/softirq.c:636)\n irq_exit_rcu (kernel/softirq.c:651)\n common_interrupt (arch/x86/kernel/irq.c:247 (discriminator 14))\n \u003c/IRQ\u003e\n\nThis problem seems particularly prevalent if the user advertises an\nendpoint that has a different external vs internal address. In the case\nwhere the external address is advertised and multiple connections\nalready exist, multiple subflow SYNs arrive in parallel which tends to\ntrigger the race during creation of the first local_addr_list entries\nwhich have the internal address instead.\n\nFix by skipping the replacement of an existing implicit local address if\ncalled via mptcp_pm_nl_get_local_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21938",
"url": "https://www.suse.com/security/cve/CVE-2025-21938"
},
{
"category": "external",
"summary": "SUSE Bug 1240723 for CVE-2025-21938",
"url": "https://bugzilla.suse.com/1240723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21938"
},
{
"cve": "CVE-2025-21939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21939"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/hmm: Don\u0027t dereference struct page pointers without notifier lock\n\nThe pnfs that we obtain from hmm_range_fault() point to pages that\nwe don\u0027t have a reference on, and the guarantee that they are still\nin the cpu page-tables is that the notifier lock must be held and the\nnotifier seqno is still valid.\n\nSo while building the sg table and marking the pages accesses / dirty\nwe need to hold this lock with a validated seqno.\n\nHowever, the lock is reclaim tainted which makes\nsg_alloc_table_from_pages_segment() unusable, since it internally\nallocates memory.\n\nInstead build the sg-table manually. For the non-iommu case\nthis might lead to fewer coalesces, but if that\u0027s a problem it can\nbe fixed up later in the resource cursor code. For the iommu case,\nthe whole sg-table may still be coalesced to a single contigous\ndevice va region.\n\nThis avoids marking pages that we don\u0027t own dirty and accessed, and\nit also avoid dereferencing struct pages that we don\u0027t own.\n\nv2:\n- Use assert to check whether hmm pfns are valid (Matthew Auld)\n- Take into account that large pages may cross range boundaries\n (Matthew Auld)\n\nv3:\n- Don\u0027t unnecessarily check for a non-freed sg-table. (Matthew Auld)\n- Add a missing up_read() in an error path. (Matthew Auld)\n\n(cherry picked from commit ea3e66d280ce2576664a862693d1da8fd324c317)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21939",
"url": "https://www.suse.com/security/cve/CVE-2025-21939"
},
{
"category": "external",
"summary": "SUSE Bug 1240710 for CVE-2025-21939",
"url": "https://bugzilla.suse.com/1240710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21939"
},
{
"cve": "CVE-2025-21940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix NULL Pointer Dereference in KFD queue\n\nThrough KFD IOCTL Fuzzing we encountered a NULL pointer derefrence\nwhen calling kfd_queue_acquire_buffers.\n\n(cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21940",
"url": "https://www.suse.com/security/cve/CVE-2025-21940"
},
{
"category": "external",
"summary": "SUSE Bug 1240702 for CVE-2025-21940",
"url": "https://bugzilla.suse.com/1240702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21940"
},
{
"cve": "CVE-2025-21959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()\n\nSince commit b36e4523d4d5 (\"netfilter: nf_conncount: fix garbage\ncollection confirm race\"), `cpu` and `jiffies32` were introduced to\nthe struct nf_conncount_tuple.\n\nThe commit made nf_conncount_add() initialize `conn-\u003ecpu` and\n`conn-\u003ejiffies32` when allocating the struct.\nIn contrast, count_tree() was not changed to initialize them.\n\nBy commit 34848d5c896e (\"netfilter: nf_conncount: Split insert and\ntraversal\"), count_tree() was split and the relevant allocation\ncode now resides in insert_tree().\nInitialize `conn-\u003ecpu` and `conn-\u003ejiffies32` in insert_tree().\n\nBUG: KMSAN: uninit-value in find_or_evict net/netfilter/nf_conncount.c:117 [inline]\nBUG: KMSAN: uninit-value in __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n find_or_evict net/netfilter/nf_conncount.c:117 [inline]\n __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n count_tree net/netfilter/nf_conncount.c:438 [inline]\n nf_conncount_count+0x82f/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ipv4/ip_input.c:669\n __netif_receive_skb_list_ptype net/core/dev.c:5936 [inline]\n __netif_receive_skb_list_core+0x15c5/0x1670 net/core/dev.c:5983\n __netif_receive_skb_list net/core/dev.c:6035 [inline]\n netif_receive_skb_list_internal+0x1085/0x1700 net/core/dev.c:6126\n netif_receive_skb_list+0x5a/0x460 net/core/dev.c:6178\n xdp_recv_frames net/bpf/test_run.c:280 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2e86/0x3480 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0xf1d/0x1ae0 net/bpf/test_run.c:1316\n bpf_prog_test_run+0x5e5/0xa30 kernel/bpf/syscall.c:4407\n __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5813\n __do_sys_bpf kernel/bpf/syscall.c:5902 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5900 [inline]\n __ia32_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5900\n ia32_sys_call+0x394d/0x4180 arch/x86/include/generated/asm/syscalls_32.h:358\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/common.c:387\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/common.c:412\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:450\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4121 [inline]\n slab_alloc_node mm/slub.c:4164 [inline]\n kmem_cache_alloc_noprof+0x915/0xe10 mm/slub.c:4171\n insert_tree net/netfilter/nf_conncount.c:372 [inline]\n count_tree net/netfilter/nf_conncount.c:450 [inline]\n nf_conncount_count+0x1415/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ip\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21959",
"url": "https://www.suse.com/security/cve/CVE-2025-21959"
},
{
"category": "external",
"summary": "SUSE Bug 1240814 for CVE-2025-21959",
"url": "https://bugzilla.suse.com/1240814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21959"
},
{
"cve": "CVE-2025-21987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: init return value in amdgpu_ttm_clear_buffer\n\nOtherwise an uninitialized value can be returned if\namdgpu_res_cleared returns true for all regions.\n\nPossibly closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3812\n\n(cherry picked from commit 7c62aacc3b452f73a1284198c81551035fac6d71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21987",
"url": "https://www.suse.com/security/cve/CVE-2025-21987"
},
{
"category": "external",
"summary": "SUSE Bug 1240798 for CVE-2025-21987",
"url": "https://bugzilla.suse.com/1240798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21987"
},
{
"cve": "CVE-2025-21997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix an integer overflow in xp_create_and_assign_umem()\n\nSince the i and pool-\u003echunk_size variables are of type \u0027u32\u0027,\ntheir product can wrap around and then be cast to \u0027u64\u0027.\nThis can lead to two different XDP buffers pointing to the same\nmemory area.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21997",
"url": "https://www.suse.com/security/cve/CVE-2025-21997"
},
{
"category": "external",
"summary": "SUSE Bug 1240823 for CVE-2025-21997",
"url": "https://bugzilla.suse.com/1240823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-21997"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Don\u0027t skip on Stopped - Length Invalid\n\nUp until commit d56b0b2ab142 (\"usb: xhci: ensure skipped isoc TDs are\nreturned when isoc ring is stopped\") in v6.11, the driver didn\u0027t skip\nmissed isochronous TDs when handling Stoppend and Stopped - Length\nInvalid events. Instead, it erroneously cleared the skip flag, which\nwould cause the ring to get stuck, as future events won\u0027t match the\nmissed TD which is never removed from the queue until it\u0027s cancelled.\n\nThis buggy logic seems to have been in place substantially unchanged\nsince the 3.x series over 10 years ago, which probably speaks first\nand foremost about relative rarity of this case in normal usage, but\nby the spec I see no reason why it shouldn\u0027t be possible.\n\nAfter d56b0b2ab142, TDs are immediately skipped when handling those\nStopped events. This poses a potential problem in case of Stopped -\nLength Invalid, which occurs either on completed TDs (likely already\ngiven back) or Link and No-Op TRBs. Such event won\u0027t be recognized\nas matching any TD (unless it\u0027s the rare Link TRB inside a TD) and\nwill result in skipping all pending TDs, giving them back possibly\nbefore they are done, risking isoc data loss and maybe UAF by HW.\n\nAs a compromise, don\u0027t skip and don\u0027t clear the skip flag on this\nkind of event. Then the next event will skip missed TDs. A downside\nof not handling Stopped - Length Invalid on a Link inside a TD is\nthat if the TD is cancelled, its actual length will not be updated\nto account for TRBs (silently) completed before the TD was stopped.\n\nI had no luck producing this sequence of completion events so there\nis no compelling demonstration of any resulting disaster. It may be\na very rare, obscure condition. The sole motivation for this patch\nis that if such unlikely event does occur, I\u0027d rather risk reporting\na cancelled partially done isoc frame as empty than gamble with UAF.\n\nThis will be fixed more properly by looking at Stopped event\u0027s TRB\npointer when making skipping decisions, but such rework is unlikely\nto be backported to v6.12, which will stay around for a few years.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22023",
"url": "https://www.suse.com/security/cve/CVE-2025-22023"
},
{
"category": "external",
"summary": "SUSE Bug 1241298 for CVE-2025-22023",
"url": "https://bugzilla.suse.com/1241298"
},
{
"category": "external",
"summary": "SUSE Bug 1246754 for CVE-2025-22023",
"url": "https://bugzilla.suse.com/1246754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-22023"
},
{
"cve": "CVE-2025-22035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix use-after-free in print_graph_function_flags during tracer switching\n\nKairui reported a UAF issue in print_graph_function_flags() during\nftrace stress testing [1]. This issue can be reproduced if puting a\n\u0027mdelay(10)\u0027 after \u0027mutex_unlock(\u0026trace_types_lock)\u0027 in s_start(),\nand executing the following script:\n\n $ echo function_graph \u003e current_tracer\n $ cat trace \u003e /dev/null \u0026\n $ sleep 5 # Ensure the \u0027cat\u0027 reaches the \u0027mdelay(10)\u0027 point\n $ echo timerlat \u003e current_tracer\n\nThe root cause lies in the two calls to print_graph_function_flags\nwithin print_trace_line during each s_show():\n\n * One through \u0027iter-\u003etrace-\u003eprint_line()\u0027;\n * Another through \u0027event-\u003efuncs-\u003etrace()\u0027, which is hidden in\n print_trace_fmt() before print_trace_line returns.\n\nTracer switching only updates the former, while the latter continues\nto use the print_line function of the old tracer, which in the script\nabove is print_graph_function_flags.\n\nMoreover, when switching from the \u0027function_graph\u0027 tracer to the\n\u0027timerlat\u0027 tracer, s_start only calls graph_trace_close of the\n\u0027function_graph\u0027 tracer to free \u0027iter-\u003eprivate\u0027, but does not set\nit to NULL. This provides an opportunity for \u0027event-\u003efuncs-\u003etrace()\u0027\nto use an invalid \u0027iter-\u003eprivate\u0027.\n\nTo fix this issue, set \u0027iter-\u003eprivate\u0027 to NULL immediately after\nfreeing it in graph_trace_close(), ensuring that an invalid pointer\nis not passed to other tracers. Additionally, clean up the unnecessary\n\u0027iter-\u003eprivate = NULL\u0027 during each \u0027cat trace\u0027 when using wakeup and\nirqsoff tracers.\n\n [1] https://lore.kernel.org/all/20231112150030.84609-1-ryncsn@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22035",
"url": "https://www.suse.com/security/cve/CVE-2025-22035"
},
{
"category": "external",
"summary": "SUSE Bug 1241544 for CVE-2025-22035",
"url": "https://bugzilla.suse.com/1241544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22035"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint\n\nIf vhost_scsi_set_endpoint is called multiple times without a\nvhost_scsi_clear_endpoint between them, we can hit multiple bugs\nfound by Haoran Zhang:\n\n1. Use-after-free when no tpgs are found:\n\nThis fixes a use after free that occurs when vhost_scsi_set_endpoint is\ncalled more than once and calls after the first call do not find any\ntpgs to add to the vs_tpg. When vhost_scsi_set_endpoint first finds\ntpgs to add to the vs_tpg array match=true, so we will do:\n\nvhost_vq_set_backend(vq, vs_tpg);\n...\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf vhost_scsi_set_endpoint is called again and no tpgs are found\nmatch=false so we skip the vhost_vq_set_backend call leaving the\npointer to the vs_tpg we then free via:\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf a scsi request is then sent we do:\n\nvhost_scsi_handle_vq -\u003e vhost_scsi_get_req -\u003e vhost_vq_get_backend\n\nwhich sees the vs_tpg we just did a kfree on.\n\n2. Tpg dir removal hang:\n\nThis patch fixes an issue where we cannot remove a LIO/target layer\ntpg (and structs above it like the target) dir due to the refcount\ndropping to -1.\n\nThe problem is that if vhost_scsi_set_endpoint detects a tpg is already\nin the vs-\u003evs_tpg array or if the tpg has been removed so\ntarget_depend_item fails, the undepend goto handler will do\ntarget_undepend_item on all tpgs in the vs_tpg array dropping their\nrefcount to 0. At this time vs_tpg contains both the tpgs we have added\nin the current vhost_scsi_set_endpoint call as well as tpgs we added in\nprevious calls which are also in vs-\u003evs_tpg.\n\nLater, when vhost_scsi_clear_endpoint runs it will do\ntarget_undepend_item on all the tpgs in the vs-\u003evs_tpg which will drop\ntheir refcount to -1. Userspace will then not be able to remove the tpg\nand will hang when it tries to do rmdir on the tpg dir.\n\n3. Tpg leak:\n\nThis fixes a bug where we can leak tpgs and cause them to be\nun-removable because the target name is overwritten when\nvhost_scsi_set_endpoint is called multiple times but with different\ntarget names.\n\nThe bug occurs if a user has called VHOST_SCSI_SET_ENDPOINT and setup\na vhost-scsi device to target/tpg mapping, then calls\nVHOST_SCSI_SET_ENDPOINT again with a new target name that has tpgs we\nhaven\u0027t seen before (target1 has tpg1 but target2 has tpg2). When this\nhappens we don\u0027t teardown the old target tpg mapping and just overwrite\nthe target name and the vs-\u003evs_tpg array. Later when we do\nvhost_scsi_clear_endpoint, we are passed in either target1 or target2\u0027s\nname and we will only match that target\u0027s tpgs when we loop over the\nvs-\u003evs_tpg. We will then return from the function without doing\ntarget_undepend_item on the tpgs.\n\nBecause of all these bugs, it looks like being able to call\nvhost_scsi_set_endpoint multiple times was never supported. The major\nuser, QEMU, already has checks to prevent this use case. So to fix the\nissues, this patch prevents vhost_scsi_set_endpoint from being called\nif it\u0027s already successfully added tpgs. To add, remove or change the\ntpg config or target name, you must do a vhost_scsi_clear_endpoint\nfirst.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22083",
"url": "https://www.suse.com/security/cve/CVE-2025-22083"
},
{
"category": "external",
"summary": "SUSE Bug 1241414 for CVE-2025-22083",
"url": "https://bugzilla.suse.com/1241414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22083"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.\n\nSIOCBRDELIF is passed to dev_ioctl() first and later forwarded to\nbr_ioctl_call(), which causes unnecessary RTNL dance and the splat\nbelow [0] under RTNL pressure.\n\nLet\u0027s say Thread A is trying to detach a device from a bridge and\nThread B is trying to remove the bridge.\n\nIn dev_ioctl(), Thread A bumps the bridge device\u0027s refcnt by\nnetdev_hold() and releases RTNL because the following br_ioctl_call()\nalso re-acquires RTNL.\n\nIn the race window, Thread B could acquire RTNL and try to remove\nthe bridge device. Then, rtnl_unlock() by Thread B will release RTNL\nand wait for netdev_put() by Thread A.\n\nThread A, however, must hold RTNL after the unlock in dev_ifsioc(),\nwhich may take long under RTNL pressure, resulting in the splat by\nThread B.\n\n Thread A (SIOCBRDELIF) Thread B (SIOCBRDELBR)\n ---------------------- ----------------------\n sock_ioctl sock_ioctl\n `- sock_do_ioctl `- br_ioctl_call\n `- dev_ioctl `- br_ioctl_stub\n |- rtnl_lock |\n |- dev_ifsioc \u0027\n \u0027 |- dev = __dev_get_by_name(...)\n |- netdev_hold(dev, ...) .\n / |- rtnl_unlock ------. |\n | |- br_ioctl_call `---\u003e |- rtnl_lock\n Race | | `- br_ioctl_stub |- br_del_bridge\n Window | | | |- dev = __dev_get_by_name(...)\n | | | May take long | `- br_dev_delete(dev, ...)\n | | | under RTNL pressure | `- unregister_netdevice_queue(dev, ...)\n | | | | `- rtnl_unlock\n \\ | |- rtnl_lock \u003c-\u0027 `- netdev_run_todo\n | |- ... `- netdev_run_todo\n | `- rtnl_unlock |- __rtnl_unlock\n | |- netdev_wait_allrefs_any\n |- netdev_put(dev, ...) \u003c----------------\u0027\n Wait refcnt decrement\n and log splat below\n\nTo avoid blocking SIOCBRDELBR unnecessarily, let\u0027s not call\ndev_ioctl() for SIOCBRADDIF and SIOCBRDELIF.\n\nIn the dev_ioctl() path, we do the following:\n\n 1. Copy struct ifreq by get_user_ifreq in sock_do_ioctl()\n 2. Check CAP_NET_ADMIN in dev_ioctl()\n 3. Call dev_load() in dev_ioctl()\n 4. Fetch the master dev from ifr.ifr_name in dev_ifsioc()\n\n3. can be done by request_module() in br_ioctl_call(), so we move\n1., 2., and 4. to br_ioctl_stub().\n\nNote that 2. is also checked later in add_del_if(), but it\u0027s better\nperformed before RTNL.\n\nSIOCBRADDIF and SIOCBRDELIF have been processed in dev_ioctl() since\nthe pre-git era, and there seems to be no specific reason to process\nthem there.\n\n[0]:\nunregister_netdevice: waiting for wpan3 to become free. Usage count = 2\nref_tracker: wpan3@ffff8880662d8608 has 1/1 users at\n __netdev_tracker_alloc include/linux/netdevice.h:4282 [inline]\n netdev_hold include/linux/netdevice.h:4311 [inline]\n dev_ifsioc+0xc6a/0x1160 net/core/dev_ioctl.c:624\n dev_ioctl+0x255/0x10c0 net/core/dev_ioctl.c:826\n sock_do_ioctl+0x1ca/0x260 net/socket.c:1213\n sock_ioctl+0x23a/0x6c0 net/socket.c:1318\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x1a4/0x210 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcb/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22111",
"url": "https://www.suse.com/security/cve/CVE-2025-22111"
},
{
"category": "external",
"summary": "SUSE Bug 1241572 for CVE-2025-22111",
"url": "https://bugzilla.suse.com/1241572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22111"
},
{
"cve": "CVE-2025-22113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid journaling sb update on error if journal is destroying\n\nPresently we always BUG_ON if trying to start a transaction on a journal marked\nwith JBD2_UNMOUNT, since this should never happen. However, while ltp running\nstress tests, it was observed that in case of some error handling paths, it is\npossible for update_super_work to start a transaction after the journal is\ndestroyed eg:\n\n(umount)\next4_kill_sb\n kill_block_super\n generic_shutdown_super\n sync_filesystem /* commits all txns */\n evict_inodes\n /* might start a new txn */\n ext4_put_super\n\tflush_work(\u0026sbi-\u003es_sb_upd_work) /* flush the workqueue */\n jbd2_journal_destroy\n journal_kill_thread\n journal-\u003ej_flags |= JBD2_UNMOUNT;\n jbd2_journal_commit_transaction\n jbd2_journal_get_descriptor_buffer\n jbd2_journal_bmap\n ext4_journal_bmap\n ext4_map_blocks\n ...\n ext4_inode_error\n ext4_handle_error\n schedule_work(\u0026sbi-\u003es_sb_upd_work)\n\n /* work queue kicks in */\n update_super_work\n jbd2_journal_start\n start_this_handle\n BUG_ON(journal-\u003ej_flags \u0026\n JBD2_UNMOUNT)\n\nHence, introduce a new mount flag to indicate journal is destroying and only do\na journaled (and deferred) update of sb if this flag is not set. Otherwise, just\nfallback to an un-journaled commit.\n\nFurther, in the journal destroy path, we have the following sequence:\n\n 1. Set mount flag indicating journal is destroying\n 2. force a commit and wait for it\n 3. flush pending sb updates\n\nThis sequence is important as it ensures that, after this point, there is no sb\nupdate that might be journaled so it is safe to update the sb outside the\njournal. (To avoid race discussed in 2d01ddc86606)\n\nAlso, we don\u0027t need a similar check in ext4_grp_locked_error since it is only\ncalled from mballoc and AFAICT it would be always valid to schedule work here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22113",
"url": "https://www.suse.com/security/cve/CVE-2025-22113"
},
{
"category": "external",
"summary": "SUSE Bug 1241617 for CVE-2025-22113",
"url": "https://bugzilla.suse.com/1241617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22113"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: goto right label \u0027out_mmap_sem\u0027 in ext4_setattr()\n\nOtherwise, if ext4_inode_attach_jinode() fails, a hung task will\nhappen because filemap_invalidate_unlock() isn\u0027t called to unlock\nmapping-\u003einvalidate_lock. Like this:\n\nEXT4-fs error (device sda) in ext4_setattr:5557: Out of memory\nINFO: task fsstress:374 blocked for more than 122 seconds.\n Not tainted 6.14.0-rc1-next-20250206-xfstests-dirty #726\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:fsstress state:D stack:0 pid:374 tgid:374 ppid:373\n task_flags:0x440140 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x2c9/0x7f0\n schedule+0x27/0xa0\n schedule_preempt_disabled+0x15/0x30\n rwsem_down_read_slowpath+0x278/0x4c0\n down_read+0x59/0xb0\n page_cache_ra_unbounded+0x65/0x1b0\n filemap_get_pages+0x124/0x3e0\n filemap_read+0x114/0x3d0\n vfs_read+0x297/0x360\n ksys_read+0x6c/0xe0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22120",
"url": "https://www.suse.com/security/cve/CVE-2025-22120"
},
{
"category": "external",
"summary": "SUSE Bug 1241592 for CVE-2025-22120",
"url": "https://bugzilla.suse.com/1241592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22120"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23155"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Fix accessing freed irq affinity_hint\n\nThe cpumask should not be a local variable, since its pointer is saved\nto irq_desc and may be accessed from procfs.\nTo fix it, use the persistent mask cpumask_of(cpu#).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23155",
"url": "https://www.suse.com/security/cve/CVE-2025-23155"
},
{
"category": "external",
"summary": "SUSE Bug 1242573 for CVE-2025-23155",
"url": "https://bugzilla.suse.com/1242573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23155"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-23162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vf: Don\u0027t try to trigger a full GT reset if VF\n\nVFs don\u0027t have access to the GDRST(0x941c) register that driver\nuses to reset a GT. Attempt to trigger a reset using debugfs:\n\n $ cat /sys/kernel/debug/dri/0000:00:02.1/gt0/force_reset\n\nor due to a hang condition detected by the driver leads to:\n\n [ ] xe 0000:00:02.1: [drm] GT0: trying reset from force_reset [xe]\n [ ] xe 0000:00:02.1: [drm] GT0: reset queued\n [ ] xe 0000:00:02.1: [drm] GT0: reset started\n [ ] ------------[ cut here ]------------\n [ ] xe 0000:00:02.1: [drm] GT0: VF is trying to write 0x1 to an inaccessible register 0x941c+0x0\n [ ] WARNING: CPU: 3 PID: 3069 at drivers/gpu/drm/xe/xe_gt_sriov_vf.c:996 xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] RIP: 0010:xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] Call Trace:\n [ ] \u003cTASK\u003e\n [ ] ? show_regs+0x6c/0x80\n [ ] ? __warn+0x93/0x1c0\n [ ] ? xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] ? report_bug+0x182/0x1b0\n [ ] ? handle_bug+0x6e/0xb0\n [ ] ? exc_invalid_op+0x18/0x80\n [ ] ? asm_exc_invalid_op+0x1b/0x20\n [ ] ? xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] ? xe_gt_sriov_vf_write32+0xc6/0x580 [xe]\n [ ] ? xe_gt_tlb_invalidation_reset+0xef/0x110 [xe]\n [ ] ? __mutex_unlock_slowpath+0x41/0x2e0\n [ ] xe_mmio_write32+0x64/0x150 [xe]\n [ ] do_gt_reset+0x2f/0xa0 [xe]\n [ ] gt_reset_worker+0x14e/0x1e0 [xe]\n [ ] process_one_work+0x21c/0x740\n [ ] worker_thread+0x1db/0x3c0\n\nFix that by sending H2G VF_RESET(0x5507) action instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23162",
"url": "https://www.suse.com/security/cve/CVE-2025-23162"
},
{
"category": "external",
"summary": "SUSE Bug 1242834 for CVE-2025-23162",
"url": "https://bugzilla.suse.com/1242834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-23162"
},
{
"cve": "CVE-2025-37738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: ignore xattrs past end\n\nOnce inside \u0027ext4_xattr_inode_dec_ref_all\u0027 we should\nignore xattrs entries past the \u0027end\u0027 entry.\n\nThis fixes the following KASAN reported issue:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nRead of size 4 at addr ffff888012c120c4 by task repro/2065\n\nCPU: 1 UID: 0 PID: 2065 Comm: repro Not tainted 6.13.0-rc2+ #11\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x1fd/0x300\n ? tcp_gro_dev_warn+0x260/0x260\n ? _printk+0xc0/0x100\n ? read_lock_is_recursive+0x10/0x10\n ? irq_work_queue+0x72/0xf0\n ? __virt_addr_valid+0x17b/0x4b0\n print_address_description+0x78/0x390\n print_report+0x107/0x1f0\n ? __virt_addr_valid+0x17b/0x4b0\n ? __virt_addr_valid+0x3ff/0x4b0\n ? __phys_addr+0xb5/0x160\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n kasan_report+0xcc/0x100\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ? ext4_xattr_delete_inode+0xd30/0xd30\n ? __ext4_journal_ensure_credits+0x5f0/0x5f0\n ? __ext4_journal_ensure_credits+0x2b/0x5f0\n ? inode_update_timestamps+0x410/0x410\n ext4_xattr_delete_inode+0xb64/0xd30\n ? ext4_truncate+0xb70/0xdc0\n ? ext4_expand_extra_isize_ea+0x1d20/0x1d20\n ? __ext4_mark_inode_dirty+0x670/0x670\n ? ext4_journal_check_start+0x16f/0x240\n ? ext4_inode_is_fast_symlink+0x2f2/0x3a0\n ext4_evict_inode+0xc8c/0xff0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n ? do_raw_spin_unlock+0x53/0x8a0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n evict+0x4ac/0x950\n ? proc_nr_inodes+0x310/0x310\n ? trace_ext4_drop_inode+0xa2/0x220\n ? _raw_spin_unlock+0x1a/0x30\n ? iput+0x4cb/0x7e0\n do_unlinkat+0x495/0x7c0\n ? try_break_deleg+0x120/0x120\n ? 0xffffffff81000000\n ? __check_object_size+0x15a/0x210\n ? strncpy_from_user+0x13e/0x250\n ? getname_flags+0x1dc/0x530\n __x64_sys_unlinkat+0xc8/0xf0\n do_syscall_64+0x65/0x110\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x434ffd\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 8\nRSP: 002b:00007ffc50fa7b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000107\nRAX: ffffffffffffffda RBX: 00007ffc50fa7e18 RCX: 0000000000434ffd\nRDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005\nRBP: 00007ffc50fa7be0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007ffc50fa7e08 R14: 00000000004bbf30 R15: 0000000000000001\n \u003c/TASK\u003e\n\nThe buggy address belongs to the object at ffff888012c12000\n which belongs to the cache filp of size 360\nThe buggy address is located 196 bytes inside of\n freed 360-byte region [ffff888012c12000, ffff888012c12168)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12c12\nhead: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\nflags: 0x40(head|node=0|zone=0)\npage_type: f5(slab)\nraw: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nraw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nhead: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000001 ffffea00004b0481 ffffffffffffffff 0000000000000000\nhead: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888012c11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888012c12000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\u003e ffff888012c12080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888012c12100: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc\n ffff888012c12180: fc fc fc fc fc fc fc fc fc\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37738",
"url": "https://www.suse.com/security/cve/CVE-2025-37738"
},
{
"category": "external",
"summary": "SUSE Bug 1242846 for CVE-2025-37738",
"url": "https://bugzilla.suse.com/1242846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Avoid memory leak while enabling statistics\n\nDriver uses monitor destination rings for extended statistics mode and\nstandalone monitor mode. In extended statistics mode, TLVs are parsed from\nthe buffer received from the monitor destination ring and assigned to the\nppdu_info structure to update per-packet statistics. In standalone monitor\nmode, along with per-packet statistics, the packet data (payload) is\ncaptured, and the driver updates per MSDU to mac80211.\n\nWhen the AP interface is enabled, only extended statistics mode is\nactivated. As part of enabling monitor rings for collecting statistics,\nthe driver subscribes to HAL_RX_MPDU_START TLV in the filter\nconfiguration. This TLV is received from the monitor destination ring, and\nkzalloc for the mon_mpdu object occurs, which is not freed, leading to a\nmemory leak. The kzalloc for the mon_mpdu object is only required while\nenabling the standalone monitor interface. This causes a memory leak while\nenabling extended statistics mode in the driver.\n\nFix this memory leak by removing the kzalloc for the mon_mpdu object in\nthe HAL_RX_MPDU_START TLV handling. Additionally, remove the standalone\nmonitor mode handlings in the HAL_MON_BUF_ADDR and HAL_RX_MSDU_END TLVs.\nThese TLV tags will be handled properly when enabling standalone monitor\nmode in the future.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37743",
"url": "https://www.suse.com/security/cve/CVE-2025-37743"
},
{
"category": "external",
"summary": "SUSE Bug 1242163 for CVE-2025-37743",
"url": "https://bugzilla.suse.com/1242163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37743"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls: explicitly disallow disconnect\n\nsyzbot discovered that it can disconnect a TLS socket and then\nrun into all sort of unexpected corner cases. I have a vague\nrecollection of Eric pointing this out to us a long time ago.\nSupporting disconnect is really hard, for one thing if offload\nis enabled we\u0027d need to wait for all packets to be _acked_.\nDisconnect is not commonly used, disallow it.\n\nThe immediate problem syzbot run into is the warning in the strp,\nbut that\u0027s just the easiest bug to trigger:\n\n WARNING: CPU: 0 PID: 5834 at net/tls/tls_strp.c:486 tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486\n RIP: 0010:tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486\n Call Trace:\n \u003cTASK\u003e\n tls_rx_rec_wait+0x280/0xa60 net/tls/tls_sw.c:1363\n tls_sw_recvmsg+0x85c/0x1c30 net/tls/tls_sw.c:2043\n inet6_recvmsg+0x2c9/0x730 net/ipv6/af_inet6.c:678\n sock_recvmsg_nosec net/socket.c:1023 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1045\n __sys_recvfrom+0x202/0x380 net/socket.c:2237",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37756",
"url": "https://www.suse.com/security/cve/CVE-2025-37756"
},
{
"category": "external",
"summary": "SUSE Bug 1242515 for CVE-2025-37756",
"url": "https://bugzilla.suse.com/1242515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37756"
},
{
"cve": "CVE-2025-37757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix memory leak in tipc_link_xmit\n\nIn case the backlog transmit queue for system-importance messages is overloaded,\ntipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to\nmemory leak and failure when a skb is allocated.\n\nThis commit fixes this issue by purging the skb list before tipc_link_xmit()\nreturns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37757",
"url": "https://www.suse.com/security/cve/CVE-2025-37757"
},
{
"category": "external",
"summary": "SUSE Bug 1242521 for CVE-2025-37757",
"url": "https://bugzilla.suse.com/1242521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37757"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix an out-of-bounds shift when invalidating TLB\n\nWhen the size of the range invalidated is larger than\nrounddown_pow_of_two(ULONG_MAX),\nThe function macro roundup_pow_of_two(length) will hit an out-of-bounds\nshift [1].\n\nUse a full TLB invalidation for such cases.\nv2:\n- Use a define for the range size limit over which we use a full\n TLB invalidation. (Lucas)\n- Use a better calculation of the limit.\n\n[1]:\n[ 39.202421] ------------[ cut here ]------------\n[ 39.202657] UBSAN: shift-out-of-bounds in ./include/linux/log2.h:57:13\n[ 39.202673] shift exponent 64 is too large for 64-bit type \u0027long unsigned int\u0027\n[ 39.202688] CPU: 8 UID: 0 PID: 3129 Comm: xe_exec_system_ Tainted: G U 6.14.0+ #10\n[ 39.202690] Tainted: [U]=USER\n[ 39.202690] Hardware name: ASUS System Product Name/PRIME B560M-A AC, BIOS 2001 02/01/2023\n[ 39.202691] Call Trace:\n[ 39.202692] \u003cTASK\u003e\n[ 39.202695] dump_stack_lvl+0x6e/0xa0\n[ 39.202699] ubsan_epilogue+0x5/0x30\n[ 39.202701] __ubsan_handle_shift_out_of_bounds.cold+0x61/0xe6\n[ 39.202705] xe_gt_tlb_invalidation_range.cold+0x1d/0x3a [xe]\n[ 39.202800] ? find_held_lock+0x2b/0x80\n[ 39.202803] ? mark_held_locks+0x40/0x70\n[ 39.202806] xe_svm_invalidate+0x459/0x700 [xe]\n[ 39.202897] drm_gpusvm_notifier_invalidate+0x4d/0x70 [drm_gpusvm]\n[ 39.202900] __mmu_notifier_release+0x1f5/0x270\n[ 39.202905] exit_mmap+0x40e/0x450\n[ 39.202912] __mmput+0x45/0x110\n[ 39.202914] exit_mm+0xc5/0x130\n[ 39.202916] do_exit+0x21c/0x500\n[ 39.202918] ? lockdep_hardirqs_on_prepare+0xdb/0x190\n[ 39.202920] do_group_exit+0x36/0xa0\n[ 39.202922] get_signal+0x8f8/0x900\n[ 39.202926] arch_do_signal_or_restart+0x35/0x100\n[ 39.202930] syscall_exit_to_user_mode+0x1fc/0x290\n[ 39.202932] do_syscall_64+0xa1/0x180\n[ 39.202934] ? do_user_addr_fault+0x59f/0x8a0\n[ 39.202937] ? lock_release+0xd2/0x2a0\n[ 39.202939] ? do_user_addr_fault+0x5a9/0x8a0\n[ 39.202942] ? trace_hardirqs_off+0x4b/0xc0\n[ 39.202944] ? clear_bhb_loop+0x25/0x80\n[ 39.202946] ? clear_bhb_loop+0x25/0x80\n[ 39.202947] ? clear_bhb_loop+0x25/0x80\n[ 39.202950] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 39.202952] RIP: 0033:0x7fa945e543e1\n[ 39.202961] Code: Unable to access opcode bytes at 0x7fa945e543b7.\n[ 39.202962] RSP: 002b:00007ffca8fb4170 EFLAGS: 00000293\n[ 39.202963] RAX: 000000000000003d RBX: 0000000000000000 RCX: 00007fa945e543e3\n[ 39.202964] RDX: 0000000000000000 RSI: 00007ffca8fb41ac RDI: 00000000ffffffff\n[ 39.202964] RBP: 00007ffca8fb4190 R08: 0000000000000000 R09: 00007fa945f600a0\n[ 39.202965] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\n[ 39.202966] R13: 00007fa9460dd310 R14: 00007ffca8fb41ac R15: 0000000000000000\n[ 39.202970] \u003c/TASK\u003e\n[ 39.202970] ---[ end trace ]---\n\n(cherry picked from commit b88f48f86500bc0b44b4f73ac66d500a40d320ad)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37761",
"url": "https://www.suse.com/security/cve/CVE-2025-37761"
},
{
"category": "external",
"summary": "SUSE Bug 1242724 for CVE-2025-37761",
"url": "https://bugzilla.suse.com/1242724"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37761"
},
{
"cve": "CVE-2025-37763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: take paired job reference\n\nFor paired jobs, have the fragment job take a reference on the\ngeometry job, so that the geometry job cannot be freed until\nthe fragment job has finished with it.\n\nThe geometry job structure is accessed when the fragment job is being\nprepared by the GPU scheduler. Taking the reference prevents the\ngeometry job being freed until the fragment job no longer requires it.\n\nFixes a use after free bug detected by KASAN:\n\n[ 124.256386] BUG: KASAN: slab-use-after-free in pvr_queue_prepare_job+0x108/0x868 [powervr]\n[ 124.264893] Read of size 1 at addr ffff0000084cb960 by task kworker/u16:4/63",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37763",
"url": "https://www.suse.com/security/cve/CVE-2025-37763"
},
{
"category": "external",
"summary": "SUSE Bug 1242508 for CVE-2025-37763",
"url": "https://bugzilla.suse.com/1242508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37763"
},
{
"cve": "CVE-2025-37764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: fix firmware memory leaks\n\nFree the memory used to hold the results of firmware image processing\nwhen the module is unloaded.\n\nFix the related issue of the same memory being leaked if processing\nof the firmware image fails during module load.\n\nEnsure all firmware GEM objects are destroyed if firmware image\nprocessing fails.\n\nFixes memory leaks on powervr module unload detected by Kmemleak:\n\nunreferenced object 0xffff000042e20000 (size 94208):\n comm \"modprobe\", pid 470, jiffies 4295277154\n hex dump (first 32 bytes):\n 02 ae 7f ed bf 45 84 00 3c 5b 1f ed 9f 45 45 05 .....E..\u003c[...EE.\n d5 4f 5d 14 6c 00 3d 23 30 d0 3a 4a 66 0e 48 c8 .O].l.=#0.:Jf.H.\n backtrace (crc dd329dec):\n kmemleak_alloc+0x30/0x40\n ___kmalloc_large_node+0x140/0x188\n __kmalloc_large_node_noprof+0x2c/0x13c\n __kmalloc_noprof+0x48/0x4c0\n pvr_fw_init+0xaa4/0x1f50 [powervr]\n\nunreferenced object 0xffff000042d20000 (size 20480):\n comm \"modprobe\", pid 470, jiffies 4295277154\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 09 00 00 00 0b 00 00 00 ................\n 00 00 00 00 00 00 00 00 07 00 00 00 08 00 00 00 ................\n backtrace (crc 395b02e3):\n kmemleak_alloc+0x30/0x40\n ___kmalloc_large_node+0x140/0x188\n __kmalloc_large_node_noprof+0x2c/0x13c\n __kmalloc_noprof+0x48/0x4c0\n pvr_fw_init+0xb0c/0x1f50 [powervr]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37764",
"url": "https://www.suse.com/security/cve/CVE-2025-37764"
},
{
"category": "external",
"summary": "SUSE Bug 1242577 for CVE-2025-37764",
"url": "https://bugzilla.suse.com/1242577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37764"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: free routing table on probe failure\n\nIf complete = true in dsa_tree_setup(), it means that we are the last\nswitch of the tree which is successfully probing, and we should be\nsetting up all switches from our probe path.\n\nAfter \"complete\" becomes true, dsa_tree_setup_cpu_ports() or any\nsubsequent function may fail. If that happens, the entire tree setup is\nin limbo: the first N-1 switches have successfully finished probing\n(doing nothing but having allocated persistent memory in the tree\u0027s\ndst-\u003eports, and maybe dst-\u003ertable), and switch N failed to probe, ending\nthe tree setup process before anything is tangible from the user\u0027s PoV.\n\nIf switch N fails to probe, its memory (ports) will be freed and removed\nfrom dst-\u003eports. However, the dst-\u003ertable elements pointing to its ports,\nas created by dsa_link_touch(), will remain there, and will lead to\nuse-after-free if dereferenced.\n\nIf dsa_tree_setup_switches() returns -EPROBE_DEFER, which is entirely\npossible because that is where ds-\u003eops-\u003esetup() is, we get a kasan\nreport like this:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mv88e6xxx_setup_upstream_port+0x240/0x568\nRead of size 8 at addr ffff000004f56020 by task kworker/u8:3/42\n\nCall trace:\n __asan_report_load8_noabort+0x20/0x30\n mv88e6xxx_setup_upstream_port+0x240/0x568\n mv88e6xxx_setup+0xebc/0x1eb0\n dsa_register_switch+0x1af4/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nAllocated by task 42:\n __kasan_kmalloc+0x84/0xa0\n __kmalloc_cache_noprof+0x298/0x490\n dsa_switch_touch_ports+0x174/0x3d8\n dsa_register_switch+0x800/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nFreed by task 42:\n __kasan_slab_free+0x48/0x68\n kfree+0x138/0x418\n dsa_register_switch+0x2694/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nThe simplest way to fix the bug is to delete the routing table in its\nentirety. dsa_tree_setup_routing_table() has no problem in regenerating\nit even if we deleted links between ports other than those of switch N,\nbecause dsa_link_touch() first checks whether the port pair already\nexists in dst-\u003ertable, allocating if not.\n\nThe deletion of the routing table in its entirety already exists in\ndsa_tree_teardown(), so refactor that into a function that can also be\ncalled from the tree setup error path.\n\nIn my analysis of the commit to blame, it is the one which added\ndsa_link elements to dst-\u003ertable. Prior to that, each switch had its own\nds-\u003ertable which is freed when the switch fails to probe. But the tree\nis potentially persistent memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37786",
"url": "https://www.suse.com/security/cve/CVE-2025-37786"
},
{
"category": "external",
"summary": "SUSE Bug 1242725 for CVE-2025-37786",
"url": "https://bugzilla.suse.com/1242725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37786"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll()\n\nrpl is passed as a pointer to ethtool_cmis_module_poll(), so the correct\nsize of rpl is sizeof(*rpl) which should be just 1 byte. Using the\npointer size instead can cause stack corruption:\n\nKernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ethtool_cmis_wait_for_cond+0xf4/0x100\nCPU: 72 UID: 0 PID: 4440 Comm: kworker/72:2 Kdump: loaded Tainted: G OE 6.11.0 #24\nTainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\nHardware name: Dell Inc. PowerEdge R760/04GWWM, BIOS 1.6.6 09/20/2023\nWorkqueue: events module_flash_fw_work\nCall Trace:\n \u003cTASK\u003e\n panic+0x339/0x360\n ? ethtool_cmis_wait_for_cond+0xf4/0x100\n ? __pfx_status_success+0x10/0x10\n ? __pfx_status_fail+0x10/0x10\n __stack_chk_fail+0x10/0x10\n ethtool_cmis_wait_for_cond+0xf4/0x100\n ethtool_cmis_cdb_execute_cmd+0x1fc/0x330\n ? __pfx_status_fail+0x10/0x10\n cmis_cdb_module_features_get+0x6d/0xd0\n ethtool_cmis_cdb_init+0x8a/0xd0\n ethtool_cmis_fw_update+0x46/0x1d0\n module_flash_fw_work+0x17/0xa0\n process_one_work+0x179/0x390\n worker_thread+0x239/0x340\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xcc/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37791",
"url": "https://www.suse.com/security/cve/CVE-2025-37791"
},
{
"category": "external",
"summary": "SUSE Bug 1242729 for CVE-2025-37791",
"url": "https://bugzilla.suse.com/1242729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37791"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential NULL pointer dereference in dev_uevent()\n\nIf userspace reads \"uevent\" device attribute at the same time as another\nthreads unbinds the device from its driver, change to dev-\u003edriver from a\nvalid pointer to NULL may result in crash. Fix this by using READ_ONCE()\nwhen fetching the pointer, and take bus\u0027 drivers klist lock to make sure\ndriver instance will not disappear while we access it.\n\nUse WRITE_ONCE() when setting the driver pointer to ensure there is no\ntearing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37800",
"url": "https://www.suse.com/security/cve/CVE-2025-37800"
},
{
"category": "external",
"summary": "SUSE Bug 1242849 for CVE-2025-37800",
"url": "https://bugzilla.suse.com/1242849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37800"
},
{
"cve": "CVE-2025-37801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-imx: Add check for spi_imx_setupxfer()\n\nAdd check for the return value of spi_imx_setupxfer().\nspi_imx-\u003erx and spi_imx-\u003etx function pointer can be NULL when\nspi_imx_setupxfer() return error, and make NULL pointer dereference.\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Call trace:\n 0x0\n spi_imx_pio_transfer+0x50/0xd8\n spi_imx_transfer_one+0x18c/0x858\n spi_transfer_one_message+0x43c/0x790\n __spi_pump_transfer_message+0x238/0x5d4\n __spi_sync+0x2b0/0x454\n spi_write_then_read+0x11c/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37801",
"url": "https://www.suse.com/security/cve/CVE-2025-37801"
},
{
"category": "external",
"summary": "SUSE Bug 1242850 for CVE-2025-37801",
"url": "https://bugzilla.suse.com/1242850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37801"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: chipidea: ci_hdrc_imx: fix usbmisc handling\n\nusbmisc is an optional device property so it is totally valid for the\ncorresponding data-\u003eusbmisc_data to have a NULL value.\n\nCheck that before dereferencing the pointer.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37811",
"url": "https://www.suse.com/security/cve/CVE-2025-37811"
},
{
"category": "external",
"summary": "SUSE Bug 1242907 for CVE-2025-37811",
"url": "https://bugzilla.suse.com/1242907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37811"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix invalid pointer dereference in Etron workaround\n\nThis check is performed before prepare_transfer() and prepare_ring(), so\nenqueue can already point at the final link TRB of a segment. And indeed\nit will, some 0.4% of times this code is called.\n\nThen enqueue + 1 is an invalid pointer. It will crash the kernel right\naway or load some junk which may look like a link TRB and cause the real\nlink TRB to be replaced with a NOOP. This wouldn\u0027t end well.\n\nUse a functionally equivalent test which doesn\u0027t dereference the pointer\nand always gives correct result.\n\nSomething has crashed my machine twice in recent days while playing with\nan Etron HC, and a control transfer stress test ran for confirmation has\njust crashed it again. The same test passes with this patch applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37813",
"url": "https://www.suse.com/security/cve/CVE-2025-37813"
},
{
"category": "external",
"summary": "SUSE Bug 1242909 for CVE-2025-37813",
"url": "https://bugzilla.suse.com/1242909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37813"
},
{
"cve": "CVE-2025-37814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT\n\nThis requirement was overeagerly loosened in commit 2f83e38a095f\n(\"tty: Permit some TIOCL_SETSEL modes without CAP_SYS_ADMIN\"), but as\nit turns out,\n\n (1) the logic I implemented there was inconsistent (apologies!),\n\n (2) TIOCL_SELMOUSEREPORT might actually be a small security risk\n after all, and\n\n (3) TIOCL_SELMOUSEREPORT is only meant to be used by the mouse\n daemon (GPM or Consolation), which runs as CAP_SYS_ADMIN\n already.\n\nIn more detail:\n\n1. The previous patch has inconsistent logic:\n\n In commit 2f83e38a095f (\"tty: Permit some TIOCL_SETSEL modes\n without CAP_SYS_ADMIN\"), we checked for sel_mode ==\n TIOCL_SELMOUSEREPORT, but overlooked that the lower four bits of\n this \"mode\" parameter were actually used as an additional way to\n pass an argument. So the patch did actually still require\n CAP_SYS_ADMIN, if any of the mouse button bits are set, but did not\n require it if none of the mouse buttons bits are set.\n\n This logic is inconsistent and was not intentional. We should have\n the same policies for using TIOCL_SELMOUSEREPORT independent of the\n value of the \"hidden\" mouse button argument.\n\n I sent a separate documentation patch to the man page list with\n more details on TIOCL_SELMOUSEREPORT:\n https://lore.kernel.org/all/20250223091342.35523-2-gnoack3000@gmail.com/\n\n2. TIOCL_SELMOUSEREPORT is indeed a potential security risk which can\n let an attacker simulate \"keyboard\" input to command line\n applications on the same terminal, like TIOCSTI and some other\n TIOCLINUX \"selection mode\" IOCTLs.\n\n By enabling mouse reporting on a terminal and then injecting mouse\n reports through TIOCL_SELMOUSEREPORT, an attacker can simulate\n mouse movements on the same terminal, similar to the TIOCSTI\n keystroke injection attacks that were previously possible with\n TIOCSTI and other TIOCL_SETSEL selection modes.\n\n Many programs (including libreadline/bash) are then prone to\n misinterpret these mouse reports as normal keyboard input because\n they do not expect input in the X11 mouse protocol form. The\n attacker does not have complete control over the escape sequence,\n but they can at least control the values of two consecutive bytes\n in the binary mouse reporting escape sequence.\n\n I went into more detail on that in the discussion at\n https://lore.kernel.org/all/20250221.0a947528d8f3@gnoack.org/\n\n It is not equally trivial to simulate arbitrary keystrokes as it\n was with TIOCSTI (commit 83efeeeb3d04 (\"tty: Allow TIOCSTI to be\n disabled\")), but the general mechanism is there, and together with\n the small number of existing legit use cases (see below), it would\n be better to revert back to requiring CAP_SYS_ADMIN for\n TIOCL_SELMOUSEREPORT, as it was already the case before\n commit 2f83e38a095f (\"tty: Permit some TIOCL_SETSEL modes without\n CAP_SYS_ADMIN\").\n\n3. TIOCL_SELMOUSEREPORT is only used by the mouse daemons (GPM or\n Consolation), and they are the only legit use case:\n\n To quote console_codes(4):\n\n The mouse tracking facility is intended to return\n xterm(1)-compatible mouse status reports. Because the console\n driver has no way to know the device or type of the mouse, these\n reports are returned in the console input stream only when the\n virtual terminal driver receives a mouse update ioctl. These\n ioctls must be generated by a mouse-aware user-mode application\n such as the gpm(8) daemon.\n\n Jared Finder has also confirmed in\n https://lore.kernel.org/all/491f3df9de6593df8e70dbe77614b026@finder.org/\n that Emacs does not call TIOCL_SELMOUSEREPORT directly, and it\n would be difficult to find good reasons for doing that, given that\n it would interfere with the reports that GPM is sending.\n\n More information on the interaction between GPM, terminals and th\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37814",
"url": "https://www.suse.com/security/cve/CVE-2025-37814"
},
{
"category": "external",
"summary": "SUSE Bug 1242865 for CVE-2025-37814",
"url": "https://bugzilla.suse.com/1242865"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37814"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmei: vsc: Fix fortify-panic caused by invalid counted_by() use\n\ngcc 15 honors the __counted_by(len) attribute on vsc_tp_packet.buf[]\nand the vsc-tp.c code is using this in a wrong way. len does not contain\nthe available size in the buffer, it contains the actual packet length\n*without* the crc. So as soon as vsc_tp_xfer() tries to add the crc to\nbuf[] the fortify-panic handler gets triggered:\n\n[ 80.842193] memcpy: detected buffer overflow: 4 byte write of buffer size 0\n[ 80.842243] WARNING: CPU: 4 PID: 272 at lib/string_helpers.c:1032 __fortify_report+0x45/0x50\n...\n[ 80.843175] __fortify_panic+0x9/0xb\n[ 80.843186] vsc_tp_xfer.cold+0x67/0x67 [mei_vsc_hw]\n[ 80.843210] ? seqcount_lockdep_reader_access.constprop.0+0x82/0x90\n[ 80.843229] ? lockdep_hardirqs_on+0x7c/0x110\n[ 80.843250] mei_vsc_hw_start+0x98/0x120 [mei_vsc]\n[ 80.843270] mei_reset+0x11d/0x420 [mei]\n\nThe easiest fix would be to just drop the counted-by but with the exception\nof the ack buffer in vsc_tp_xfer_helper() which only contains enough room\nfor the packet-header, all other uses of vsc_tp_packet always use a buffer\nof VSC_TP_MAX_XFER_SIZE bytes for the packet.\n\nInstead of just dropping the counted-by, split the vsc_tp_packet struct\ndefinition into a header and a full-packet definition and use a fixed\nsize buf[] in the packet definition, this way fortify-source buffer\noverrun checking still works when enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37816",
"url": "https://www.suse.com/security/cve/CVE-2025-37816"
},
{
"category": "external",
"summary": "SUSE Bug 1242863 for CVE-2025-37816",
"url": "https://bugzilla.suse.com/1242863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37816"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37837"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()\n\nTwo WARNINGs are observed when SMMU driver rolls back upon failure:\n arm-smmu-v3.9.auto: Failed to register iommu\n arm-smmu-v3.9.auto: probe with driver arm-smmu-v3 failed with error -22\n ------------[ cut here ]------------\n WARNING: CPU: 5 PID: 1 at kernel/dma/mapping.c:74 dmam_free_coherent+0xc0/0xd8\n Call trace:\n dmam_free_coherent+0xc0/0xd8 (P)\n tegra241_vintf_free_lvcmdq+0x74/0x188\n tegra241_cmdqv_remove_vintf+0x60/0x148\n tegra241_cmdqv_remove+0x48/0xc8\n arm_smmu_impl_remove+0x28/0x60\n devm_action_release+0x1c/0x40\n ------------[ cut here ]------------\n 128 pages are still in use!\n WARNING: CPU: 16 PID: 1 at mm/page_alloc.c:6902 free_contig_range+0x18c/0x1c8\n Call trace:\n free_contig_range+0x18c/0x1c8 (P)\n cma_release+0x154/0x2f0\n dma_free_contiguous+0x38/0xa0\n dma_direct_free+0x10c/0x248\n dma_free_attrs+0x100/0x290\n dmam_free_coherent+0x78/0xd8\n tegra241_vintf_free_lvcmdq+0x74/0x160\n tegra241_cmdqv_remove+0x98/0x198\n arm_smmu_impl_remove+0x28/0x60\n devm_action_release+0x1c/0x40\n\nThis is because the LVCMDQ queue memory are managed by devres, while that\ndmam_free_coherent() is called in the context of devm_action_release().\n\nJason pointed out that \"arm_smmu_impl_probe() has mis-ordered the devres\ncallbacks if ops-\u003edevice_remove() is going to be manually freeing things\nthat probe allocated\":\nhttps://lore.kernel.org/linux-iommu/20250407174408.GB1722458@nvidia.com/\n\nIn fact, tegra241_cmdqv_init_structures() only allocates memory resources\nwhich means any failure that it generates would be similar to -ENOMEM, so\nthere is no point in having that \"falling back to standard SMMU\" routine,\nas the standard SMMU would likely fail to allocate memory too.\n\nRemove the unwind part in tegra241_cmdqv_init_structures(), and return a\nproper error code to ask SMMU driver to call tegra241_cmdqv_remove() via\nimpl_ops-\u003edevice_remove(). Then, drop tegra241_vintf_free_lvcmdq() since\ndevres will take care of that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37837",
"url": "https://www.suse.com/security/cve/CVE-2025-37837"
},
{
"category": "external",
"summary": "SUSE Bug 1242952 for CVE-2025-37837",
"url": "https://bugzilla.suse.com/1242952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37837"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: avoid NULL pointer dereference in dbg call\n\ncifs_server_dbg() implies server to be non-NULL so\nmove call under condition to avoid NULL pointer dereference.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37844",
"url": "https://www.suse.com/security/cve/CVE-2025-37844"
},
{
"category": "external",
"summary": "SUSE Bug 1242946 for CVE-2025-37844",
"url": "https://bugzilla.suse.com/1242946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37844"
},
{
"cve": "CVE-2025-37847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in ivpu_ms_cleanup()\n\nFix deadlock in ivpu_ms_cleanup() by preventing runtime resume after\nfile_priv-\u003ems_lock is acquired.\n\nDuring a failure in runtime resume, a cold boot is executed, which\ncalls ivpu_ms_cleanup_all(). This function calls ivpu_ms_cleanup()\nthat acquires file_priv-\u003ems_lock and causes the deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37847",
"url": "https://www.suse.com/security/cve/CVE-2025-37847"
},
{
"category": "external",
"summary": "SUSE Bug 1242947 for CVE-2025-37847",
"url": "https://bugzilla.suse.com/1242947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37847"
},
{
"cve": "CVE-2025-37848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix PM related deadlocks in MS IOCTLs\n\nPrevent runtime resume/suspend while MS IOCTLs are in progress.\nFailed suspend will call ivpu_ms_cleanup() that would try to acquire\nfile_priv-\u003ems_lock, which is already held by the IOCTLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37848",
"url": "https://www.suse.com/security/cve/CVE-2025-37848"
},
{
"category": "external",
"summary": "SUSE Bug 1242943 for CVE-2025-37848",
"url": "https://bugzilla.suse.com/1242943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37848"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npage_pool: avoid infinite loop to schedule delayed worker\n\nWe noticed the kworker in page_pool_release_retry() was waken\nup repeatedly and infinitely in production because of the\nbuggy driver causing the inflight less than 0 and warning\nus in page_pool_inflight()[1].\n\nSince the inflight value goes negative, it means we should\nnot expect the whole page_pool to get back to work normally.\n\nThis patch mitigates the adverse effect by not rescheduling\nthe kworker when detecting the inflight negative in\npage_pool_release_retry().\n\n[1]\n[Mon Feb 10 20:36:11 2025] ------------[ cut here ]------------\n[Mon Feb 10 20:36:11 2025] Negative(-51446) inflight packet-pages\n...\n[Mon Feb 10 20:36:11 2025] Call Trace:\n[Mon Feb 10 20:36:11 2025] page_pool_release_retry+0x23/0x70\n[Mon Feb 10 20:36:11 2025] process_one_work+0x1b1/0x370\n[Mon Feb 10 20:36:11 2025] worker_thread+0x37/0x3a0\n[Mon Feb 10 20:36:11 2025] kthread+0x11a/0x140\n[Mon Feb 10 20:36:11 2025] ? process_one_work+0x370/0x370\n[Mon Feb 10 20:36:11 2025] ? __kthread_cancel_work+0x40/0x40\n[Mon Feb 10 20:36:11 2025] ret_from_fork+0x35/0x40\n[Mon Feb 10 20:36:11 2025] ---[ end trace ebffe800f33e7e34 ]---\nNote: before this patch, the above calltrace would flood the\ndmesg due to repeated reschedule of release_dw kworker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37859",
"url": "https://www.suse.com/security/cve/CVE-2025-37859"
},
{
"category": "external",
"summary": "SUSE Bug 1243051 for CVE-2025-37859",
"url": "https://bugzilla.suse.com/1243051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37859"
},
{
"cve": "CVE-2025-37861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue\n\nWhen the task management thread processes reply queues while the reset\nthread resets them, the task management thread accesses an invalid queue ID\n(0xFFFF), set by the reset thread, which points to unallocated memory,\ncausing a crash.\n\nAdd flag \u0027io_admin_reset_sync\u0027 to synchronize access between the reset,\nI/O, and admin threads. Before a reset, the reset handler sets this flag to\nblock I/O and admin processing threads. If any thread bypasses the initial\ncheck, the reset thread waits up to 10 seconds for processing to finish. If\nthe wait exceeds 10 seconds, the controller is marked as unrecoverable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37861",
"url": "https://www.suse.com/security/cve/CVE-2025-37861"
},
{
"category": "external",
"summary": "SUSE Bug 1243055 for CVE-2025-37861",
"url": "https://bugzilla.suse.com/1243055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37861"
},
{
"cve": "CVE-2025-37862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: pidff: Fix null pointer dereference in pidff_find_fields\n\nThis function triggered a null pointer dereference if used to search for\na report that isn\u0027t implemented on the device. This happened both for\noptional and required reports alike.\n\nThe same logic was applied to pidff_find_special_field and although\npidff_init_fields should return an error earlier if one of the required\nreports is missing, future modifications could change this logic and\nresurface this possible null pointer dereference again.\n\nLKML bug report:\nhttps://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37862",
"url": "https://www.suse.com/security/cve/CVE-2025-37862"
},
{
"category": "external",
"summary": "SUSE Bug 1242982 for CVE-2025-37862",
"url": "https://bugzilla.suse.com/1242982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37862"
},
{
"cve": "CVE-2025-37865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported\n\nRussell King reports that on the ZII dev rev B, deleting a bridge VLAN\nfrom a user port fails with -ENOENT:\nhttps://lore.kernel.org/netdev/Z_lQXNP0s5-IiJzd@shell.armlinux.org.uk/\n\nThis comes from mv88e6xxx_port_vlan_leave() -\u003e mv88e6xxx_mst_put(),\nwhich tries to find an MST entry in \u0026chip-\u003emsts associated with the SID,\nbut fails and returns -ENOENT as such.\n\nBut we know that this chip does not support MST at all, so that is not\nsurprising. The question is why does the guard in mv88e6xxx_mst_put()\nnot exit early:\n\n\tif (!sid)\n\t\treturn 0;\n\nAnd the answer seems to be simple: the sid comes from vlan.sid which\nsupposedly was previously populated by mv88e6xxx_vtu_get().\nBut some chip-\u003einfo-\u003eops-\u003evtu_getnext() implementations do not populate\nvlan.sid, for example see mv88e6185_g1_vtu_getnext(). In that case,\nlater in mv88e6xxx_port_vlan_leave() we are using a garbage sid which is\njust residual stack memory.\n\nTesting for sid == 0 covers all cases of a non-bridge VLAN or a bridge\nVLAN mapped to the default MSTI. For some chips, SID 0 is valid and\ninstalled by mv88e6xxx_stu_setup(). A chip which does not support the\nSTU would implicitly only support mapping all VLANs to the default MSTI,\nso although SID 0 is not valid, it would be sufficient, if we were to\nzero-initialize the vlan structure, to fix the bug, due to the\ncoincidence that a test for vlan.sid == 0 already exists and leads to\nthe same (correct) behavior.\n\nAnother option which would be sufficient would be to add a test for\nmv88e6xxx_has_stu() inside mv88e6xxx_mst_put(), symmetric to the one\nwhich already exists in mv88e6xxx_mst_get(). But that placement means\nthe caller will have to dereference vlan.sid, which means it will access\nuninitialized memory, which is not nice even if it ignores it later.\n\nSo we end up making both modifications, in order to not rely just on the\nsid == 0 coincidence, but also to avoid having uninitialized structure\nfields which might get temporarily accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37865",
"url": "https://www.suse.com/security/cve/CVE-2025-37865"
},
{
"category": "external",
"summary": "SUSE Bug 1242954 for CVE-2025-37865",
"url": "https://bugzilla.suse.com/1242954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37865"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/userptr: fix notifier vs folio deadlock\n\nUser is reporting what smells like notifier vs folio deadlock, where\nmigrate_pages_batch() on core kernel side is holding folio lock(s) and\nthen interacting with the mappings of it, however those mappings are\ntied to some userptr, which means calling into the notifier callback and\ngrabbing the notifier lock. With perfect timing it looks possible that\nthe pages we pulled from the hmm fault can get sniped by\nmigrate_pages_batch() at the same time that we are holding the notifier\nlock to mark the pages as accessed/dirty, but at this point we also want\nto grab the folio locks(s) to mark them as dirty, but if they are\ncontended from notifier/migrate_pages_batch side then we deadlock since\nfolio lock won\u0027t be dropped until we drop the notifier lock.\n\nFortunately the mark_page_accessed/dirty is not really needed in the\nfirst place it seems and should have already been done by hmm fault, so\njust remove it.\n\n(cherry picked from commit bd7c0cb695e87c0e43247be8196b4919edbe0e85)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37868",
"url": "https://www.suse.com/security/cve/CVE-2025-37868"
},
{
"category": "external",
"summary": "SUSE Bug 1242966 for CVE-2025-37868",
"url": "https://bugzilla.suse.com/1242966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37868"
},
{
"cve": "CVE-2025-37869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Use local fence in error path of xe_migrate_clear\n\nThe intent of the error path in xe_migrate_clear is to wait on locally\ngenerated fence and then return. The code is waiting on m-\u003efence which\ncould be the local fence but this is only stable under the job mutex\nleading to a possible UAF. Fix code to wait on local fence.\n\n(cherry picked from commit 762b7e95362170b3e13a8704f38d5e47eca4ba74)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37869",
"url": "https://www.suse.com/security/cve/CVE-2025-37869"
},
{
"category": "external",
"summary": "SUSE Bug 1242967 for CVE-2025-37869",
"url": "https://bugzilla.suse.com/1242967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37869"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ngbe: fix memory leak in ngbe_probe() error path\n\nWhen ngbe_sw_init() is called, memory is allocated for wx-\u003erss_key\nin wx_init_rss_key(). However, in ngbe_probe() function, the subsequent\nerror paths after ngbe_sw_init() don\u0027t free the rss_key. Fix that by\nfreeing it in error path along with wx-\u003emac_table.\n\nAlso change the label to which execution jumps when ngbe_sw_init()\nfails, because otherwise, it could lead to a double free for rss_key,\nwhen the mac_table allocation fails in wx_sw_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37874",
"url": "https://www.suse.com/security/cve/CVE-2025-37874"
},
{
"category": "external",
"summary": "SUSE Bug 1242940 for CVE-2025-37874",
"url": "https://bugzilla.suse.com/1242940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37874"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock between rcu_tasks_trace and event_mutex.\n\nFix the following deadlock:\nCPU A\n_free_event()\n perf_kprobe_destroy()\n mutex_lock(\u0026event_mutex)\n perf_trace_event_unreg()\n synchronize_rcu_tasks_trace()\n\nThere are several paths where _free_event() grabs event_mutex\nand calls sync_rcu_tasks_trace. Above is one such case.\n\nCPU B\nbpf_prog_test_run_syscall()\n rcu_read_lock_trace()\n bpf_prog_run_pin_on_cpu()\n bpf_prog_load()\n bpf_tracing_func_proto()\n trace_set_clr_event()\n mutex_lock(\u0026event_mutex)\n\nDelegate trace_set_clr_event() to workqueue to avoid\nsuch lock dependency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37884",
"url": "https://www.suse.com/security/cve/CVE-2025-37884"
},
{
"category": "external",
"summary": "SUSE Bug 1243060 for CVE-2025-37884",
"url": "https://bugzilla.suse.com/1243060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37884"
},
{
"cve": "CVE-2025-37888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()\n\nAdd NULL check for mlx5_get_flow_namespace() returns in\nmlx5_create_inner_ttc_table() and mlx5_create_ttc_table() to prevent\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37888",
"url": "https://www.suse.com/security/cve/CVE-2025-37888"
},
{
"category": "external",
"summary": "SUSE Bug 1242964 for CVE-2025-37888",
"url": "https://bugzilla.suse.com/1242964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37888"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan743x: Fix memleak issue when GSO enabled\n\nAlways map the `skb` to the LS descriptor. Previously skb was\nmapped to EXT descriptor when the number of fragments is zero with\nGSO enabled. Mapping the skb to EXT descriptor prevents it from\nbeing freed, leading to a memory leak",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37909",
"url": "https://www.suse.com/security/cve/CVE-2025-37909"
},
{
"category": "external",
"summary": "SUSE Bug 1243467 for CVE-2025-37909",
"url": "https://bugzilla.suse.com/1243467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37909"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll\n\nUse spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock\nand spin_unlock in mtk_star_emac driver to avoid spinlock recursion\noccurrence that can happen when enabling the DMA interrupts again in\nrx/tx poll.\n\n```\nBUG: spinlock recursion on CPU#0, swapper/0/0\n lock: 0xffff00000db9cf20, .magic: dead4ead, .owner: swapper/0/0,\n .owner_cpu: 0\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted\n 6.15.0-rc2-next-20250417-00001-gf6a27738686c-dirty #28 PREEMPT\nHardware name: MediaTek MT8365 Open Platform EVK (DT)\nCall trace:\n show_stack+0x18/0x24 (C)\n dump_stack_lvl+0x60/0x80\n dump_stack+0x18/0x24\n spin_dump+0x78/0x88\n do_raw_spin_lock+0x11c/0x120\n _raw_spin_lock+0x20/0x2c\n mtk_star_handle_irq+0xc0/0x22c [mtk_star_emac]\n __handle_irq_event_percpu+0x48/0x140\n handle_irq_event+0x4c/0xb0\n handle_fasteoi_irq+0xa0/0x1bc\n handle_irq_desc+0x34/0x58\n generic_handle_domain_irq+0x1c/0x28\n gic_handle_irq+0x4c/0x120\n do_interrupt_handler+0x50/0x84\n el1_interrupt+0x34/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n regmap_mmio_read32le+0xc/0x20 (P)\n _regmap_bus_reg_read+0x6c/0xac\n _regmap_read+0x60/0xdc\n regmap_read+0x4c/0x80\n mtk_star_rx_poll+0x2f4/0x39c [mtk_star_emac]\n __napi_poll+0x38/0x188\n net_rx_action+0x164/0x2c0\n handle_softirqs+0x100/0x244\n __do_softirq+0x14/0x20\n ____do_softirq+0x10/0x20\n call_on_irq_stack+0x24/0x64\n do_softirq_own_stack+0x1c/0x40\n __irq_exit_rcu+0xd4/0x10c\n irq_exit_rcu+0x10/0x1c\n el1_interrupt+0x38/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n cpuidle_enter_state+0xac/0x320 (P)\n cpuidle_enter+0x38/0x50\n do_idle+0x1e4/0x260\n cpu_startup_entry+0x34/0x3c\n rest_init+0xdc/0xe0\n console_on_rootfs+0x0/0x6c\n __primary_switched+0x88/0x90\n```",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37917",
"url": "https://www.suse.com/security/cve/CVE-2025-37917"
},
{
"category": "external",
"summary": "SUSE Bug 1243475 for CVE-2025-37917",
"url": "https://bugzilla.suse.com/1243475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37917"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: vnifilter: Fix unlocked deletion of default FDB entry\n\nWhen a VNI is deleted from a VXLAN device in \u0027vnifilter\u0027 mode, the FDB\nentry associated with the default remote (assuming one was configured)\nis deleted without holding the hash lock. This is wrong and will result\nin a warning [1] being generated by the lockdep annotation that was\nadded by commit ebe642067455 (\"vxlan: Create wrappers for FDB lookup\").\n\nReproducer:\n\n # ip link add vx0 up type vxlan dstport 4789 external vnifilter local 192.0.2.1\n # bridge vni add vni 10010 remote 198.51.100.1 dev vx0\n # bridge vni del vni 10010 dev vx0\n\nFix by acquiring the hash lock before the deletion and releasing it\nafterwards. Blame the original commit that introduced the issue rather\nthan the one that exposed it.\n\n[1]\nWARNING: CPU: 3 PID: 392 at drivers/net/vxlan/vxlan_core.c:417 vxlan_find_mac+0x17f/0x1a0\n[...]\nRIP: 0010:vxlan_find_mac+0x17f/0x1a0\n[...]\nCall Trace:\n \u003cTASK\u003e\n __vxlan_fdb_delete+0xbe/0x560\n vxlan_vni_delete_group+0x2ba/0x940\n vxlan_vni_del.isra.0+0x15f/0x580\n vxlan_process_vni_filter+0x38b/0x7b0\n vxlan_vnifilter_process+0x3bb/0x510\n rtnetlink_rcv_msg+0x2f7/0xb70\n netlink_rcv_skb+0x131/0x360\n netlink_unicast+0x426/0x710\n netlink_sendmsg+0x75a/0xc20\n __sock_sendmsg+0xc1/0x150\n ____sys_sendmsg+0x5aa/0x7b0\n ___sys_sendmsg+0xfc/0x180\n __sys_sendmsg+0x121/0x1b0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37921",
"url": "https://www.suse.com/security/cve/CVE-2025-37921"
},
{
"category": "external",
"summary": "SUSE Bug 1243480 for CVE-2025-37921",
"url": "https://bugzilla.suse.com/1243480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37921"
},
{
"cve": "CVE-2025-37923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix oob write in trace_seq_to_buffer()\n\nsyzbot reported this bug:\n==================================================================\nBUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\nBUG: KASAN: slab-out-of-bounds in tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\nWrite of size 4507 at addr ffff888032b6b000 by task syz.2.320/7260\n\nCPU: 1 UID: 0 PID: 7260 Comm: syz.2.320 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n __asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106\n trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\n tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\n ....\n==================================================================\n\nIt has been reported that trace_seq_to_buffer() tries to copy more data\nthan PAGE_SIZE to buf. Therefore, to prevent this, we should use the\nsmaller of trace_seq_used(\u0026iter-\u003eseq) and PAGE_SIZE as an argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37923",
"url": "https://www.suse.com/security/cve/CVE-2025-37923"
},
{
"category": "external",
"summary": "SUSE Bug 1243551 for CVE-2025-37923",
"url": "https://bugzilla.suse.com/1243551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37923"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid\n\nThere is a string parsing logic error which can lead to an overflow of hid\nor uid buffers. Comparing ACPIID_LEN against a total string length doesn\u0027t\ntake into account the lengths of individual hid and uid buffers so the\ncheck is insufficient in some cases. For example if the length of hid\nstring is 4 and the length of the uid string is 260, the length of str\nwill be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer\nwhich size is 256.\n\nThe same applies to the hid string with length 13 and uid string with\nlength 250.\n\nCheck the length of hid and uid strings separately to prevent\nbuffer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37927",
"url": "https://www.suse.com/security/cve/CVE-2025-37927"
},
{
"category": "external",
"summary": "SUSE Bug 1243620 for CVE-2025-37927",
"url": "https://bugzilla.suse.com/1243620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37927"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteon_ep: Fix host hang issue during device reboot\n\nWhen the host loses heartbeat messages from the device,\nthe driver calls the device-specific ndo_stop function,\nwhich frees the resources. If the driver is unloaded in\nthis scenario, it calls ndo_stop again, attempting to free\nresources that have already been freed, leading to a host\nhang issue. To resolve this, dev_close should be called\ninstead of the device-specific stop function.dev_close\ninternally calls ndo_stop to stop the network interface\nand performs additional cleanup tasks. During the driver\nunload process, if the device is already down, ndo_stop\nis not called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37933",
"url": "https://www.suse.com/security/cve/CVE-2025-37933"
},
{
"category": "external",
"summary": "SUSE Bug 1243628 for CVE-2025-37933",
"url": "https://bugzilla.suse.com/1243628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37933"
},
{
"cve": "CVE-2025-37934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction\n\nActually check if the passed pointers are valid, before writing to them.\nThis also fixes a USBAN warning:\nUBSAN: invalid-load in ../sound/soc/fsl/imx-card.c:687:25\nload of value 255 is not a valid value for type \u0027_Bool\u0027\n\nThis is because playback_only is uninitialized and is not written to, as\nthe playback-only property is absent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37934",
"url": "https://www.suse.com/security/cve/CVE-2025-37934"
},
{
"category": "external",
"summary": "SUSE Bug 1243548 for CVE-2025-37934",
"url": "https://bugzilla.suse.com/1243548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37934"
},
{
"cve": "CVE-2025-37936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value.\n\nWhen generating the MSR_IA32_PEBS_ENABLE value that will be loaded on\nVM-Entry to a KVM guest, mask the value with the vCPU\u0027s desired PEBS_ENABLE\nvalue. Consulting only the host kernel\u0027s host vs. guest masks results in\nrunning the guest with PEBS enabled even when the guest doesn\u0027t want to use\nPEBS. Because KVM uses perf events to proxy the guest virtual PMU, simply\nlooking at exclude_host can\u0027t differentiate between events created by host\nuserspace, and events created by KVM on behalf of the guest.\n\nRunning the guest with PEBS unexpectedly enabled typically manifests as\ncrashes due to a near-infinite stream of #PFs. E.g. if the guest hasn\u0027t\nwritten MSR_IA32_DS_AREA, the CPU will hit page faults on address \u00270\u0027 when\ntrying to record PEBS events.\n\nThe issue is most easily reproduced by running `perf kvm top` from before\ncommit 7b100989b4f6 (\"perf evlist: Remove __evlist__add_default\") (after\nwhich, `perf kvm top` effectively stopped using PEBS).\tThe userspace side\nof perf creates a guest-only PEBS event, which intel_guest_get_msrs()\nmisconstrues a guest-*owned* PEBS event.\n\nArguably, this is a userspace bug, as enabling PEBS on guest-only events\nsimply cannot work, and userspace can kill VMs in many other ways (there\nis no danger to the host). However, even if this is considered to be bad\nuserspace behavior, there\u0027s zero downside to perf/KVM restricting PEBS to\nguest-owned events.\n\nNote, commit 854250329c02 (\"KVM: x86/pmu: Disable guest PEBS temporarily\nin two rare situations\") fixed the case where host userspace is profiling\nKVM *and* userspace, but missed the case where userspace is profiling only\nKVM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37936",
"url": "https://www.suse.com/security/cve/CVE-2025-37936"
},
{
"category": "external",
"summary": "SUSE Bug 1243537 for CVE-2025-37936",
"url": "https://bugzilla.suse.com/1243537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37936"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Verify event formats that have \"%*p..\"\n\nThe trace event verifier checks the formats of trace events to make sure\nthat they do not point at memory that is not in the trace event itself or\nin data that will never be freed. If an event references data that was\nallocated when the event triggered and that same data is freed before the\nevent is read, then the kernel can crash by reading freed memory.\n\nThe verifier runs at boot up (or module load) and scans the print formats\nof the events and checks their arguments to make sure that dereferenced\npointers are safe. If the format uses \"%*p..\" the verifier will ignore it,\nand that could be dangerous. Cover this case as well.\n\nAlso add to the sample code a use case of \"%*pbl\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37938",
"url": "https://www.suse.com/security/cve/CVE-2025-37938"
},
{
"category": "external",
"summary": "SUSE Bug 1243544 for CVE-2025-37938",
"url": "https://bugzilla.suse.com/1243544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37938"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY\n\nDSA has 2 kinds of drivers:\n\n1. Those who call dsa_switch_suspend() and dsa_switch_resume() from\n their device PM ops: qca8k-8xxx, bcm_sf2, microchip ksz\n2. Those who don\u0027t: all others. The above methods should be optional.\n\nFor type 1, dsa_switch_suspend() calls dsa_user_suspend() -\u003e phylink_stop(),\nand dsa_switch_resume() calls dsa_user_resume() -\u003e phylink_start().\nThese seem good candidates for setting mac_managed_pm = true because\nthat is essentially its definition [1], but that does not seem to be the\nbiggest problem for now, and is not what this change focuses on.\n\nTalking strictly about the 2nd category of DSA drivers here (which\ndo not have MAC managed PM, meaning that for their attached PHYs,\nmdio_bus_phy_suspend() and mdio_bus_phy_resume() should run in full),\nI have noticed that the following warning from mdio_bus_phy_resume() is\ntriggered:\n\n\tWARN_ON(phydev-\u003estate != PHY_HALTED \u0026\u0026 phydev-\u003estate != PHY_READY \u0026\u0026\n\t\tphydev-\u003estate != PHY_UP);\n\nbecause the PHY state machine is running.\n\nIt\u0027s running as a result of a previous dsa_user_open() -\u003e ... -\u003e\nphylink_start() -\u003e phy_start() having been initiated by the user.\n\nThe previous mdio_bus_phy_suspend() was supposed to have called\nphy_stop_machine(), but it didn\u0027t. So this is why the PHY is in state\nPHY_NOLINK by the time mdio_bus_phy_resume() runs.\n\nmdio_bus_phy_suspend() did not call phy_stop_machine() because for\nphylink, the phydev-\u003eadjust_link function pointer is NULL. This seems a\ntechnicality introduced by commit fddd91016d16 (\"phylib: fix PAL state\nmachine restart on resume\"). That commit was written before phylink\nexisted, and was intended to avoid crashing with consumer drivers which\ndon\u0027t use the PHY state machine - phylink always does, when using a PHY.\nBut phylink itself has historically not been developed with\nsuspend/resume in mind, and apparently not tested too much in that\nscenario, allowing this bug to exist unnoticed for so long. Plus, prior\nto the WARN_ON(), it would have likely been invisible.\n\nThis issue is not in fact restricted to type 2 DSA drivers (according to\nthe above ad-hoc classification), but can be extrapolated to any MAC\ndriver with phylink and MDIO-bus-managed PHY PM ops. DSA is just where\nthe issue was reported. Assuming mac_managed_pm is set correctly, a\nquick search indicates the following other drivers might be affected:\n\n$ grep -Zlr PHYLINK_NETDEV drivers/ | xargs -0 grep -L mac_managed_pm\ndrivers/net/ethernet/atheros/ag71xx.c\ndrivers/net/ethernet/microchip/sparx5/sparx5_main.c\ndrivers/net/ethernet/microchip/lan966x/lan966x_main.c\ndrivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c\ndrivers/net/ethernet/freescale/fs_enet/fs_enet-main.c\ndrivers/net/ethernet/freescale/dpaa/dpaa_eth.c\ndrivers/net/ethernet/freescale/ucc_geth.c\ndrivers/net/ethernet/freescale/enetc/enetc_pf_common.c\ndrivers/net/ethernet/marvell/mvpp2/mvpp2_main.c\ndrivers/net/ethernet/marvell/mvneta.c\ndrivers/net/ethernet/marvell/prestera/prestera_main.c\ndrivers/net/ethernet/mediatek/mtk_eth_soc.c\ndrivers/net/ethernet/altera/altera_tse_main.c\ndrivers/net/ethernet/wangxun/txgbe/txgbe_phy.c\ndrivers/net/ethernet/meta/fbnic/fbnic_phylink.c\ndrivers/net/ethernet/tehuti/tn40_phy.c\ndrivers/net/ethernet/mscc/ocelot_net.c\n\nMake the existing conditions dependent on the PHY device having a\nphydev-\u003ephy_link_change() implementation equal to the default\nphy_link_change() provided by phylib. Otherwise, we implicitly know that\nthe phydev has the phylink-provided phylink_phy_change() callback, and\nwhen phylink is used, the PHY state machine always needs to be stopped/\nstarted on the suspend/resume path. The code is structured as such that\nif phydev-\u003ephy_link_change() is absent, it is a matter of time until the\nkernel will crash - no need to further complicate the test.\n\nThus, for the situation where the PM is not managed b\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37945",
"url": "https://www.suse.com/security/cve/CVE-2025-37945"
},
{
"category": "external",
"summary": "SUSE Bug 1243538 for CVE-2025-37945",
"url": "https://bugzilla.suse.com/1243538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37945"
},
{
"cve": "CVE-2025-37946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs\n\nWith commit bcb5d6c76903 (\"s390/pci: introduce lock to synchronize state\nof zpci_dev\u0027s\") the code to ignore power off of a PF that has child VFs\nwas changed from a direct return to a goto to the unlock and\npci_dev_put() section. The change however left the existing pci_dev_put()\nuntouched resulting in a doubple put. This can subsequently cause a use\nafter free if the struct pci_dev is released in an unexpected state.\nFix this by removing the extra pci_dev_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37946",
"url": "https://www.suse.com/security/cve/CVE-2025-37946"
},
{
"category": "external",
"summary": "SUSE Bug 1243506 for CVE-2025-37946",
"url": "https://bugzilla.suse.com/1243506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37946"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix uninit-value for saddr in do_output_route4\n\nsyzbot reports for uninit-value for the saddr argument [1].\ncommit 4754957f04f5 (\"ipvs: do not use random local source address for\ntunnels\") already implies that the input value of saddr\nshould be ignored but the code is still reading it which can prevent\nto connect the route. Fix it by changing the argument to ret_saddr.\n\n[1]\nBUG: KMSAN: uninit-value in do_output_route4+0x42c/0x4d0 net/netfilter/ipvs/ip_vs_xmit.c:147\n do_output_route4+0x42c/0x4d0 net/netfilter/ipvs/ip_vs_xmit.c:147\n __ip_vs_get_out_rt+0x403/0x21d0 net/netfilter/ipvs/ip_vs_xmit.c:330\n ip_vs_tunnel_xmit+0x205/0x2380 net/netfilter/ipvs/ip_vs_xmit.c:1136\n ip_vs_in_hook+0x1aa5/0x35b0 net/netfilter/ipvs/ip_vs_core.c:2063\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf7/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n __ip_local_out+0x758/0x7e0 net/ipv4/ip_output.c:118\n ip_local_out net/ipv4/ip_output.c:127 [inline]\n ip_send_skb+0x6a/0x3c0 net/ipv4/ip_output.c:1501\n udp_send_skb+0xfda/0x1b70 net/ipv4/udp.c:1195\n udp_sendmsg+0x2fe3/0x33c0 net/ipv4/udp.c:1483\n inet_sendmsg+0x1fc/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x267/0x380 net/socket.c:727\n ____sys_sendmsg+0x91b/0xda0 net/socket.c:2566\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2620\n __sys_sendmmsg+0x41d/0x880 net/socket.c:2702\n __compat_sys_sendmmsg net/compat.c:360 [inline]\n __do_compat_sys_sendmmsg net/compat.c:367 [inline]\n __se_compat_sys_sendmmsg net/compat.c:364 [inline]\n __ia32_compat_sys_sendmmsg+0xc8/0x140 net/compat.c:364\n ia32_sys_call+0x3ffa/0x41f0 arch/x86/include/generated/asm/syscalls_32.h:346\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4167 [inline]\n slab_alloc_node mm/slub.c:4210 [inline]\n __kmalloc_cache_noprof+0x8fa/0xe00 mm/slub.c:4367\n kmalloc_noprof include/linux/slab.h:905 [inline]\n ip_vs_dest_dst_alloc net/netfilter/ipvs/ip_vs_xmit.c:61 [inline]\n __ip_vs_get_out_rt+0x35d/0x21d0 net/netfilter/ipvs/ip_vs_xmit.c:323\n ip_vs_tunnel_xmit+0x205/0x2380 net/netfilter/ipvs/ip_vs_xmit.c:1136\n ip_vs_in_hook+0x1aa5/0x35b0 net/netfilter/ipvs/ip_vs_core.c:2063\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf7/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n __ip_local_out+0x758/0x7e0 net/ipv4/ip_output.c:118\n ip_local_out net/ipv4/ip_output.c:127 [inline]\n ip_send_skb+0x6a/0x3c0 net/ipv4/ip_output.c:1501\n udp_send_skb+0xfda/0x1b70 net/ipv4/udp.c:1195\n udp_sendmsg+0x2fe3/0x33c0 net/ipv4/udp.c:1483\n inet_sendmsg+0x1fc/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x267/0x380 net/socket.c:727\n ____sys_sendmsg+0x91b/0xda0 net/socket.c:2566\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2620\n __sys_sendmmsg+0x41d/0x880 net/socket.c:2702\n __compat_sys_sendmmsg net/compat.c:360 [inline]\n __do_compat_sys_sendmmsg net/compat.c:367 [inline]\n __se_compat_sys_sendmmsg net/compat.c:364 [inline]\n __ia32_compat_sys_sendmmsg+0xc8/0x140 net/compat.c:364\n ia32_sys_call+0x3ffa/0x41f0 arch/x86/include/generated/asm/syscalls_32.h:346\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nCPU: 0 UID: 0 PID: 22408 Comm: syz.4.5165 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(undef)\nHardware name: Google Google Compute Engi\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37961",
"url": "https://www.suse.com/security/cve/CVE-2025-37961"
},
{
"category": "external",
"summary": "SUSE Bug 1243523 for CVE-2025-37961",
"url": "https://bugzilla.suse.com/1243523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37961"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix invalid context error in dml helper\n\n[Why]\n\"BUG: sleeping function called from invalid context\" error.\nafter:\n\"drm/amd/display: Protect FPU in dml2_validate()/dml21_validate()\"\n\nThe populate_dml_plane_cfg_from_plane_state() uses the GFP_KERNEL flag\nfor memory allocation, which shouldn\u0027t be used in atomic contexts.\n\nThe allocation is needed only for using another helper function\nget_scaler_data_for_plane().\n\n[How]\nModify helpers to pass a pointer to scaler_data within existing context,\neliminating the need for dynamic memory allocation/deallocation\nand copying.\n\n(cherry picked from commit bd3e84bc98f81b44f2c43936bdadc3241d654259)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37965",
"url": "https://www.suse.com/security/cve/CVE-2025-37965"
},
{
"category": "external",
"summary": "SUSE Bug 1244174 for CVE-2025-37965",
"url": "https://bugzilla.suse.com/1244174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37965"
},
{
"cve": "CVE-2025-37967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix deadlock\n\nThis patch introduces the ucsi_con_mutex_lock / ucsi_con_mutex_unlock\nfunctions to the UCSI driver. ucsi_con_mutex_lock ensures the connector\nmutex is only locked if a connection is established and the partner pointer\nis valid. This resolves a deadlock scenario where\nucsi_displayport_remove_partner holds con-\u003emutex waiting for\ndp_altmode_work to complete while dp_altmode_work attempts to acquire it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37967",
"url": "https://www.suse.com/security/cve/CVE-2025-37967"
},
{
"category": "external",
"summary": "SUSE Bug 1243572 for CVE-2025-37967",
"url": "https://bugzilla.suse.com/1243572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37967"
},
{
"cve": "CVE-2025-37968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: opt3001: fix deadlock due to concurrent flag access\n\nThe threaded IRQ function in this driver is reading the flag twice: once to\nlock a mutex and once to unlock it. Even though the code setting the flag\nis designed to prevent it, there are subtle cases where the flag could be\ntrue at the mutex_lock stage and false at the mutex_unlock stage. This\nresults in the mutex not being unlocked, resulting in a deadlock.\n\nFix it by making the opt3001_irq() code generally more robust, reading the\nflag into a variable and using the variable value at both stages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37968",
"url": "https://www.suse.com/security/cve/CVE-2025-37968"
},
{
"category": "external",
"summary": "SUSE Bug 1243571 for CVE-2025-37968",
"url": "https://bugzilla.suse.com/1243571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37968"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation\n\nCurrently during the multi-link element defragmentation process, the\nmulti-link element length added to the total IEs length when calculating\nthe length of remaining IEs after the multi-link element in\ncfg80211_defrag_mle(). This could lead to out-of-bounds access if the\nmulti-link element or its corresponding fragment elements are the last\nelements in the IEs buffer.\n\nTo address this issue, correctly calculate the remaining IEs length by\ndeducting the multi-link element end offset from total IEs end offset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37973",
"url": "https://www.suse.com/security/cve/CVE-2025-37973"
},
{
"category": "external",
"summary": "SUSE Bug 1244172 for CVE-2025-37973",
"url": "https://bugzilla.suse.com/1244172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37973"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: smartpqi: Use is_kdump_kernel() to check for kdump\n\nThe smartpqi driver checks the reset_devices variable to determine\nwhether special adjustments need to be made for kdump. This has the\neffect that after a regular kexec reboot, some driver parameters such as\nmax_transfer_size are much lower than usual. More importantly, kexec\nreboot tests have revealed memory corruption caused by the driver log\nbeing written to system memory after a kexec.\n\nFix this by testing is_kdump_kernel() rather than reset_devices where\nappropriate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37981",
"url": "https://www.suse.com/security/cve/CVE-2025-37981"
},
{
"category": "external",
"summary": "SUSE Bug 1243514 for CVE-2025-37981",
"url": "https://bugzilla.suse.com/1243514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37981"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: Prevent possible adminq overflow/stuck condition\n\nThe pds_core\u0027s adminq is protected by the adminq_lock, which prevents\nmore than 1 command to be posted onto it at any one time. This makes it\nso the client drivers cannot simultaneously post adminq commands.\nHowever, the completions happen in a different context, which means\nmultiple adminq commands can be posted sequentially and all waiting\non completion.\n\nOn the FW side, the backing adminq request queue is only 16 entries\nlong and the retry mechanism and/or overflow/stuck prevention is\nlacking. This can cause the adminq to get stuck, so commands are no\nlonger processed and completions are no longer sent by the FW.\n\nAs an initial fix, prevent more than 16 outstanding adminq commands so\nthere\u0027s no way to cause the adminq from getting stuck. This works\nbecause the backing adminq request queue will never have more than 16\npending adminq commands, so it will never overflow. This is done by\nreducing the adminq depth to 16.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37987",
"url": "https://www.suse.com/security/cve/CVE-2025-37987"
},
{
"category": "external",
"summary": "SUSE Bug 1243542 for CVE-2025-37987",
"url": "https://bugzilla.suse.com/1243542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37987"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-37992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Flush gso_skb list too during -\u003echange()\n\nPreviously, when reducing a qdisc\u0027s limit via the -\u003echange() operation, only\nthe main skb queue was trimmed, potentially leaving packets in the gso_skb\nlist. This could result in NULL pointer dereference when we only check\nsch-\u003elimit against sch-\u003eq.qlen.\n\nThis patch introduces a new helper, qdisc_dequeue_internal(), which ensures\nboth the gso_skb list and the main queue are properly flushed when trimming\nexcess packets. All relevant qdiscs (codel, fq, fq_codel, fq_pie, hhf, pie)\nare updated to use this helper in their -\u003echange() routines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37992",
"url": "https://www.suse.com/security/cve/CVE-2025-37992"
},
{
"category": "external",
"summary": "SUSE Bug 1243698 for CVE-2025-37992",
"url": "https://bugzilla.suse.com/1243698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37992"
},
{
"cve": "CVE-2025-37994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix NULL pointer access\n\nThis patch ensures that the UCSI driver waits for all pending tasks in the\nucsi_displayport_work workqueue to finish executing before proceeding with\nthe partner removal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37994",
"url": "https://www.suse.com/security/cve/CVE-2025-37994"
},
{
"category": "external",
"summary": "SUSE Bug 1243823 for CVE-2025-37994",
"url": "https://bugzilla.suse.com/1243823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37994"
},
{
"cve": "CVE-2025-37995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: ensure that kobject_put() is safe for module type kobjects\n\nIn \u0027lookup_or_create_module_kobject()\u0027, an internal kobject is created\nusing \u0027module_ktype\u0027. So call to \u0027kobject_put()\u0027 on error handling\npath causes an attempt to use an uninitialized completion pointer in\n\u0027module_kobject_release()\u0027. In this scenario, we just want to release\nkobject without an extra synchronization required for a regular module\nunloading process, so adding an extra check whether \u0027complete()\u0027 is\nactually required makes \u0027kobject_put()\u0027 safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37995",
"url": "https://www.suse.com/security/cve/CVE-2025-37995"
},
{
"category": "external",
"summary": "SUSE Bug 1243827 for CVE-2025-37995",
"url": "https://bugzilla.suse.com/1243827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-37995"
},
{
"cve": "CVE-2025-37997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix region locking in hash types\n\nRegion locking introduced in v5.6-rc4 contained three macros to handle\nthe region locks: ahash_bucket_start(), ahash_bucket_end() which gave\nback the start and end hash bucket values belonging to a given region\nlock and ahash_region() which should give back the region lock belonging\nto a given hash bucket. The latter was incorrect which can lead to a\nrace condition between the garbage collector and adding new elements\nwhen a hash type of set is defined with timeouts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37997",
"url": "https://www.suse.com/security/cve/CVE-2025-37997"
},
{
"category": "external",
"summary": "SUSE Bug 1243832 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "external",
"summary": "SUSE Bug 1245774 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1245774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-37997"
},
{
"cve": "CVE-2025-37998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: Fix unsafe attribute parsing in output_userspace()\n\nThis patch replaces the manual Netlink attribute iteration in\noutput_userspace() with nla_for_each_nested(), which ensures that only\nwell-formed attributes are processed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37998",
"url": "https://www.suse.com/security/cve/CVE-2025-37998"
},
{
"category": "external",
"summary": "SUSE Bug 1243836 for CVE-2025-37998",
"url": "https://bugzilla.suse.com/1243836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "low"
}
],
"title": "CVE-2025-37998"
},
{
"cve": "CVE-2025-38000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\n\nWhen enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the\nchild qdisc\u0027s peek() operation before incrementing sch-\u003eq.qlen and\nsch-\u003eqstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may\ntrigger an immediate dequeue and potential packet drop. In such cases,\nqdisc_tree_reduce_backlog() is called, but the HFSC qdisc\u0027s qlen and backlog\nhave not yet been updated, leading to inconsistent queue accounting. This\ncan leave an empty HFSC class in the active list, causing further\nconsequences like use-after-free.\n\nThis patch fixes the bug by moving the increment of sch-\u003eq.qlen and\nsch-\u003eqstats.backlog before the call to the child qdisc\u0027s peek() operation.\nThis ensures that queue length and backlog are always accurate when packet\ndrops or dequeues are triggered during the peek.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38000",
"url": "https://www.suse.com/security/cve/CVE-2025-38000"
},
{
"category": "external",
"summary": "SUSE Bug 1244277 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "external",
"summary": "SUSE Bug 1245775 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1245775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-38000"
},
{
"cve": "CVE-2025-38001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Address reentrant enqueue adding class to eltree twice\n\nSavino says:\n \"We are writing to report that this recent patch\n (141d34391abbb315d68556b7c67ad97885407547) [1]\n can be bypassed, and a UAF can still occur when HFSC is utilized with\n NETEM.\n\n The patch only checks the cl-\u003ecl_nactive field to determine whether\n it is the first insertion or not [2], but this field is only\n incremented by init_vf [3].\n\n By using HFSC_RSC (which uses init_ed) [4], it is possible to bypass the\n check and insert the class twice in the eltree.\n Under normal conditions, this would lead to an infinite loop in\n hfsc_dequeue for the reasons we already explained in this report [5].\n\n However, if TBF is added as root qdisc and it is configured with a\n very low rate,\n it can be utilized to prevent packets from being dequeued.\n This behavior can be exploited to perform subsequent insertions in the\n HFSC eltree and cause a UAF.\"\n\nTo fix both the UAF and the infinite loop, with netem as an hfsc child,\ncheck explicitly in hfsc_enqueue whether the class is already in the eltree\nwhenever the HFSC_RSC flag is set.\n\n[1] https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=141d34391abbb315d68556b7c67ad97885407547\n[2] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1572\n[3] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L677\n[4] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1574\n[5] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/T/#u",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38001",
"url": "https://www.suse.com/security/cve/CVE-2025-38001"
},
{
"category": "external",
"summary": "SUSE Bug 1244234 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "external",
"summary": "SUSE Bug 1244235 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-38001"
},
{
"cve": "CVE-2025-38003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: add missing rcu read protection for procfs content\n\nWhen the procfs content is generated for a bcm_op which is in the process\nto be removed the procfs output might show unreliable data (UAF).\n\nAs the removal of bcm_op\u0027s is already implemented with rcu handling this\npatch adds the missing rcu_read_lock() and makes sure the list entries\nare properly removed under rcu protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38003",
"url": "https://www.suse.com/security/cve/CVE-2025-38003"
},
{
"category": "external",
"summary": "SUSE Bug 1244275 for CVE-2025-38003",
"url": "https://bugzilla.suse.com/1244275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38003"
},
{
"cve": "CVE-2025-38004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: add locking for bcm_op runtime updates\n\nThe CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via\nhrtimer. The content and also the length of the sequence can be changed\nresp reduced at runtime where the \u0027currframe\u0027 counter is then set to zero.\n\nAlthough this appeared to be a safe operation the updates of \u0027currframe\u0027\ncan be triggered from user space and hrtimer context in bcm_can_tx().\nAnderson Nascimento created a proof of concept that triggered a KASAN\nslab-out-of-bounds read access which can be prevented with a spin_lock_bh.\n\nAt the rework of bcm_can_tx() the \u0027count\u0027 variable has been moved into\nthe protected section as this variable can be modified from both contexts\ntoo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38004",
"url": "https://www.suse.com/security/cve/CVE-2025-38004"
},
{
"category": "external",
"summary": "SUSE Bug 1244274 for CVE-2025-38004",
"url": "https://bugzilla.suse.com/1244274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38004"
},
{
"cve": "CVE-2025-38005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: k3-udma: Add missing locking\n\nRecent kernels complain about a missing lock in k3-udma.c when the lock\nvalidator is enabled:\n\n[ 4.128073] WARNING: CPU: 0 PID: 746 at drivers/dma/ti/../virt-dma.h:169 udma_start.isra.0+0x34/0x238\n[ 4.137352] CPU: 0 UID: 0 PID: 746 Comm: kworker/0:3 Not tainted 6.12.9-arm64 #28\n[ 4.144867] Hardware name: pp-v12 (DT)\n[ 4.148648] Workqueue: events udma_check_tx_completion\n[ 4.153841] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 4.160834] pc : udma_start.isra.0+0x34/0x238\n[ 4.165227] lr : udma_start.isra.0+0x30/0x238\n[ 4.169618] sp : ffffffc083cabcf0\n[ 4.172963] x29: ffffffc083cabcf0 x28: 0000000000000000 x27: ffffff800001b005\n[ 4.180167] x26: ffffffc0812f0000 x25: 0000000000000000 x24: 0000000000000000\n[ 4.187370] x23: 0000000000000001 x22: 00000000e21eabe9 x21: ffffff8000fa0670\n[ 4.194571] x20: ffffff8001b6bf00 x19: ffffff8000fa0430 x18: ffffffc083b95030\n[ 4.201773] x17: 0000000000000000 x16: 00000000f0000000 x15: 0000000000000048\n[ 4.208976] x14: 0000000000000048 x13: 0000000000000000 x12: 0000000000000001\n[ 4.216179] x11: ffffffc08151a240 x10: 0000000000003ea1 x9 : ffffffc08046ab68\n[ 4.223381] x8 : ffffffc083cabac0 x7 : ffffffc081df3718 x6 : 0000000000029fc8\n[ 4.230583] x5 : ffffffc0817ee6d8 x4 : 0000000000000bc0 x3 : 0000000000000000\n[ 4.237784] x2 : 0000000000000000 x1 : 00000000001fffff x0 : 0000000000000000\n[ 4.244986] Call trace:\n[ 4.247463] udma_start.isra.0+0x34/0x238\n[ 4.251509] udma_check_tx_completion+0xd0/0xdc\n[ 4.256076] process_one_work+0x244/0x3fc\n[ 4.260129] process_scheduled_works+0x6c/0x74\n[ 4.264610] worker_thread+0x150/0x1dc\n[ 4.268398] kthread+0xd8/0xe8\n[ 4.271492] ret_from_fork+0x10/0x20\n[ 4.275107] irq event stamp: 220\n[ 4.278363] hardirqs last enabled at (219): [\u003cffffffc080a27c7c\u003e] _raw_spin_unlock_irq+0x38/0x50\n[ 4.287183] hardirqs last disabled at (220): [\u003cffffffc080a1c154\u003e] el1_dbg+0x24/0x50\n[ 4.294879] softirqs last enabled at (182): [\u003cffffffc080037e68\u003e] handle_softirqs+0x1c0/0x3cc\n[ 4.303437] softirqs last disabled at (177): [\u003cffffffc080010170\u003e] __do_softirq+0x1c/0x28\n[ 4.311559] ---[ end trace 0000000000000000 ]---\n\nThis commit adds the missing locking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38005",
"url": "https://www.suse.com/security/cve/CVE-2025-38005"
},
{
"category": "external",
"summary": "SUSE Bug 1244727 for CVE-2025-38005",
"url": "https://bugzilla.suse.com/1244727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38005"
},
{
"cve": "CVE-2025-38007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: uclogic: Add NULL check in uclogic_input_configured()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nuclogic_input_configured() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38007",
"url": "https://www.suse.com/security/cve/CVE-2025-38007"
},
{
"category": "external",
"summary": "SUSE Bug 1244938 for CVE-2025-38007",
"url": "https://bugzilla.suse.com/1244938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38007"
},
{
"cve": "CVE-2025-38009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: disable napi on driver removal\n\nA warning on driver removal started occurring after commit 9dd05df8403b\n(\"net: warn if NAPI instance wasn\u0027t shut down\"). Disable tx napi before\ndeleting it in mt76_dma_cleanup().\n\n WARNING: CPU: 4 PID: 18828 at net/core/dev.c:7288 __netif_napi_del_locked+0xf0/0x100\n CPU: 4 UID: 0 PID: 18828 Comm: modprobe Not tainted 6.15.0-rc4 #4 PREEMPT(lazy)\n Hardware name: ASUS System Product Name/PRIME X670E-PRO WIFI, BIOS 3035 09/05/2024\n RIP: 0010:__netif_napi_del_locked+0xf0/0x100\n Call Trace:\n \u003cTASK\u003e\n mt76_dma_cleanup+0x54/0x2f0 [mt76]\n mt7921_pci_remove+0xd5/0x190 [mt7921e]\n pci_device_remove+0x47/0xc0\n device_release_driver_internal+0x19e/0x200\n driver_detach+0x48/0x90\n bus_remove_driver+0x6d/0xf0\n pci_unregister_driver+0x2e/0xb0\n __do_sys_delete_module.isra.0+0x197/0x2e0\n do_syscall_64+0x7b/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nTested with mt7921e but the same pattern can be actually applied to other\nmt76 drivers calling mt76_dma_cleanup() during removal. Tx napi is enabled\nin their *_dma_init() functions and only toggled off and on again inside\ntheir suspend/resume/reset paths. So it should be okay to disable tx\nnapi in such a generic way.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38009",
"url": "https://www.suse.com/security/cve/CVE-2025-38009"
},
{
"category": "external",
"summary": "SUSE Bug 1244995 for CVE-2025-38009",
"url": "https://bugzilla.suse.com/1244995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "low"
}
],
"title": "CVE-2025-38009"
},
{
"cve": "CVE-2025-38010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Use a bitmask for UTMI pad power state tracking\n\nThe current implementation uses bias_pad_enable as a reference count to\nmanage the shared bias pad for all UTMI PHYs. However, during system\nsuspension with connected USB devices, multiple power-down requests for\nthe UTMI pad result in a mismatch in the reference count, which in turn\nproduces warnings such as:\n\n[ 237.762967] WARNING: CPU: 10 PID: 1618 at tegra186_utmi_pad_power_down+0x160/0x170\n[ 237.763103] Call trace:\n[ 237.763104] tegra186_utmi_pad_power_down+0x160/0x170\n[ 237.763107] tegra186_utmi_phy_power_off+0x10/0x30\n[ 237.763110] phy_power_off+0x48/0x100\n[ 237.763113] tegra_xusb_enter_elpg+0x204/0x500\n[ 237.763119] tegra_xusb_suspend+0x48/0x140\n[ 237.763122] platform_pm_suspend+0x2c/0xb0\n[ 237.763125] dpm_run_callback.isra.0+0x20/0xa0\n[ 237.763127] __device_suspend+0x118/0x330\n[ 237.763129] dpm_suspend+0x10c/0x1f0\n[ 237.763130] dpm_suspend_start+0x88/0xb0\n[ 237.763132] suspend_devices_and_enter+0x120/0x500\n[ 237.763135] pm_suspend+0x1ec/0x270\n\nThe root cause was traced back to the dynamic power-down changes\nintroduced in commit a30951d31b25 (\"xhci: tegra: USB2 pad power controls\"),\nwhere the UTMI pad was being powered down without verifying its current\nstate. This unbalanced behavior led to discrepancies in the reference\ncount.\n\nTo rectify this issue, this patch replaces the single reference counter\nwith a bitmask, renamed to utmi_pad_enabled. Each bit in the mask\ncorresponds to one of the four USB2 PHYs, allowing us to track each pad\u0027s\nenablement status individually.\n\nWith this change:\n - The bias pad is powered on only when the mask is clear.\n - Each UTMI pad is powered on or down based on its corresponding bit\n in the mask, preventing redundant operations.\n - The overall power state of the shared bias pad is maintained\n correctly during suspend/resume cycles.\n\nThe mutex used to prevent race conditions during UTMI pad enable/disable\noperations has been moved from the tegra186_utmi_bias_pad_power_on/off\nfunctions to the parent functions tegra186_utmi_pad_power_on/down. This\nchange ensures that there are no race conditions when updating the bitmask.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38010",
"url": "https://www.suse.com/security/cve/CVE-2025-38010"
},
{
"category": "external",
"summary": "SUSE Bug 1244996 for CVE-2025-38010",
"url": "https://bugzilla.suse.com/1244996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "low"
}
],
"title": "CVE-2025-38010"
},
{
"cve": "CVE-2025-38011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: csa unmap use uninterruptible lock\n\nAfter process exit to unmap csa and free GPU vm, if signal is accepted\nand then waiting to take vm lock is interrupted and return, it causes\nmemory leaking and below warning backtrace.\n\nChange to use uninterruptible wait lock fix the issue.\n\nWARNING: CPU: 69 PID: 167800 at amd/amdgpu/amdgpu_kms.c:1525\n amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu]\n Call Trace:\n \u003cTASK\u003e\n drm_file_free.part.0+0x1da/0x230 [drm]\n drm_close_helper.isra.0+0x65/0x70 [drm]\n drm_release+0x6a/0x120 [drm]\n amdgpu_drm_release+0x51/0x60 [amdgpu]\n __fput+0x9f/0x280\n ____fput+0xe/0x20\n task_work_run+0x67/0xa0\n do_exit+0x217/0x3c0\n do_group_exit+0x3b/0xb0\n get_signal+0x14a/0x8d0\n arch_do_signal_or_restart+0xde/0x100\n exit_to_user_mode_loop+0xc1/0x1a0\n exit_to_user_mode_prepare+0xf4/0x100\n syscall_exit_to_user_mode+0x17/0x40\n do_syscall_64+0x69/0xc0\n\n(cherry picked from commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38011",
"url": "https://www.suse.com/security/cve/CVE-2025-38011"
},
{
"category": "external",
"summary": "SUSE Bug 1244729 for CVE-2025-38011",
"url": "https://bugzilla.suse.com/1244729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38011"
},
{
"cve": "CVE-2025-38013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request\n\nMake sure that n_channels is set after allocating the\nstruct cfg80211_registered_device::int_scan_req member. Seen with\nsyzkaller:\n\nUBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1208:5\nindex 0 is out of range for type \u0027struct ieee80211_channel *[] __counted_by(n_channels)\u0027 (aka \u0027struct ieee80211_channel *[]\u0027)\n\nThis was missed in the initial conversions because I failed to locate\nthe allocation likely due to the \"sizeof(void *)\" not matching the\n\"channels\" array type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38013",
"url": "https://www.suse.com/security/cve/CVE-2025-38013"
},
{
"category": "external",
"summary": "SUSE Bug 1244731 for CVE-2025-38013",
"url": "https://bugzilla.suse.com/1244731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38013"
},
{
"cve": "CVE-2025-38014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Refactor remove call with idxd_cleanup() helper\n\nThe idxd_cleanup() helper cleans up perfmon, interrupts, internals and\nso on. Refactor remove call with the idxd_cleanup() helper to avoid code\nduplication. Note, this also fixes the missing put_device() for idxd\ngroups, enginces and wqs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38014",
"url": "https://www.suse.com/security/cve/CVE-2025-38014"
},
{
"category": "external",
"summary": "SUSE Bug 1244732 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "external",
"summary": "SUSE Bug 1244733 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38014"
},
{
"cve": "CVE-2025-38015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: fix memory leak in error handling path of idxd_alloc\n\nMemory allocated for idxd is not freed if an error occurs during\nidxd_alloc(). To fix it, free the allocated memory in the reverse order\nof allocation before exiting the function in case of an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38015",
"url": "https://www.suse.com/security/cve/CVE-2025-38015"
},
{
"category": "external",
"summary": "SUSE Bug 1244789 for CVE-2025-38015",
"url": "https://bugzilla.suse.com/1244789"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38015"
},
{
"cve": "CVE-2025-38018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: fix kernel panic when alloc_page failed\n\nWe cannot set frag_list to NULL pointer when alloc_page failed.\nIt will be used in tls_strp_check_queue_ok when the next time\ntls_strp_read_sock is called.\n\nThis is because we don\u0027t reset full_len in tls_strp_flush_anchor_copy()\nso the recv path will try to continue handling the partial record\non the next call but we dettached the rcvq from the frag list.\nAlternative fix would be to reset full_len.\n\nUnable to handle kernel NULL pointer dereference\nat virtual address 0000000000000028\n Call trace:\n tls_strp_check_rcv+0x128/0x27c\n tls_strp_data_ready+0x34/0x44\n tls_data_ready+0x3c/0x1f0\n tcp_data_ready+0x9c/0xe4\n tcp_data_queue+0xf6c/0x12d0\n tcp_rcv_established+0x52c/0x798",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38018",
"url": "https://www.suse.com/security/cve/CVE-2025-38018"
},
{
"category": "external",
"summary": "SUSE Bug 1244999 for CVE-2025-38018",
"url": "https://bugzilla.suse.com/1244999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38018"
},
{
"cve": "CVE-2025-38020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Disable MACsec offload for uplink representor profile\n\nMACsec offload is not supported in switchdev mode for uplink\nrepresentors. When switching to the uplink representor profile, the\nMACsec offload feature must be cleared from the netdevice\u0027s features.\n\nIf left enabled, attempts to add offloads result in a null pointer\ndereference, as the uplink representor does not support MACsec offload\neven though the feature bit remains set.\n\nClear NETIF_F_HW_MACSEC in mlx5e_fix_uplink_rep_features().\n\nKernel log:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f]\nCPU: 29 UID: 0 PID: 4714 Comm: ip Not tainted 6.14.0-rc4_for_upstream_debug_2025_03_02_17_35 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:__mutex_lock+0x128/0x1dd0\nCode: d0 7c 08 84 d2 0f 85 ad 15 00 00 8b 35 91 5c fe 03 85 f6 75 29 49 8d 7e 60 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 a6 15 00 00 4d 3b 76 60 0f 85 fd 0b 00 00 65 ff\nRSP: 0018:ffff888147a4f160 EFLAGS: 00010206\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001\nRDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000078\nRBP: ffff888147a4f2e0 R08: ffffffffa05d2c19 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: 0000000000000018 R15: ffff888152de0000\nFS: 00007f855e27d800(0000) GS:ffff88881ee80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000004e5768 CR3: 000000013ae7c005 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x3d/0xa0\n ? exc_general_protection+0x144/0x220\n ? asm_exc_general_protection+0x22/0x30\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? __mutex_lock+0x128/0x1dd0\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? mutex_lock_io_nested+0x1ae0/0x1ae0\n ? lock_acquire+0x1c2/0x530\n ? macsec_upd_offload+0x145/0x380\n ? lockdep_hardirqs_on_prepare+0x400/0x400\n ? kasan_save_stack+0x30/0x40\n ? kasan_save_stack+0x20/0x40\n ? kasan_save_track+0x10/0x30\n ? __kasan_kmalloc+0x77/0x90\n ? __kmalloc_noprof+0x249/0x6b0\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0xb5/0x240\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? mlx5e_macsec_add_rxsa+0x11a0/0x11a0 [mlx5_core]\n macsec_update_offload+0x26c/0x820\n ? macsec_set_mac_address+0x4b0/0x4b0\n ? lockdep_hardirqs_on_prepare+0x284/0x400\n ? _raw_spin_unlock_irqrestore+0x47/0x50\n macsec_upd_offload+0x2c8/0x380\n ? macsec_update_offload+0x820/0x820\n ? __nla_parse+0x22/0x30\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0x15e/0x240\n genl_family_rcv_msg_doit+0x1cc/0x2a0\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0x240/0x240\n ? cap_capable+0xd4/0x330\n genl_rcv_msg+0x3ea/0x670\n ? genl_family_rcv_msg_dumpit+0x2a0/0x2a0\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? macsec_update_offload+0x820/0x820\n netlink_rcv_skb+0x12b/0x390\n ? genl_family_rcv_msg_dumpit+0x2a0/0x2a0\n ? netlink_ack+0xd80/0xd80\n ? rwsem_down_read_slowpath+0xf90/0xf90\n ? netlink_deliver_tap+0xcd/0xac0\n ? netlink_deliver_tap+0x155/0xac0\n ? _copy_from_iter+0x1bb/0x12c0\n genl_rcv+0x24/0x40\n netlink_unicast+0x440/0x700\n ? netlink_attachskb+0x760/0x760\n ? lock_acquire+0x1c2/0x530\n ? __might_fault+0xbb/0x170\n netlink_sendmsg+0x749/0xc10\n ? netlink_unicast+0x700/0x700\n ? __might_fault+0xbb/0x170\n ? netlink_unicast+0x700/0x700\n __sock_sendmsg+0xc5/0x190\n ____sys_sendmsg+0x53f/0x760\n ? import_iovec+0x7/0x10\n ? kernel_sendmsg+0x30/0x30\n ? __copy_msghdr+0x3c0/0x3c0\n ? filter_irq_stacks+0x90/0x90\n ? stack_depot_save_flags+0x28/0xa30\n ___sys_sen\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38020",
"url": "https://www.suse.com/security/cve/CVE-2025-38020"
},
{
"category": "external",
"summary": "SUSE Bug 1245001 for CVE-2025-38020",
"url": "https://bugzilla.suse.com/1245001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38020"
},
{
"cve": "CVE-2025-38022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem\n\nCall Trace:\n\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n strlen+0x93/0xa0 lib/string.c:420\n __fortify_strlen include/linux/fortify-string.h:268 [inline]\n get_kobj_path_length lib/kobject.c:118 [inline]\n kobject_get_path+0x3f/0x2a0 lib/kobject.c:158\n kobject_uevent_env+0x289/0x1870 lib/kobject_uevent.c:545\n ib_register_device drivers/infiniband/core/device.c:1472 [inline]\n ib_register_device+0x8cf/0xe00 drivers/infiniband/core/device.c:1393\n rxe_register_device+0x275/0x320 drivers/infiniband/sw/rxe/rxe_verbs.c:1552\n rxe_net_add+0x8e/0xe0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0x70/0x190 drivers/infiniband/sw/rxe/rxe.c:225\n nldev_newlink+0x3a3/0x680 drivers/infiniband/core/nldev.c:1796\n rdma_nl_rcv_msg+0x387/0x6e0 drivers/infiniband/core/netlink.c:195\n rdma_nl_rcv_skb.constprop.0.isra.0+0x2e5/0x450\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x53a/0x7f0 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8d1/0xdd0 net/netlink/af_netlink.c:1883\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n ____sys_sendmsg+0xa95/0xc70 net/socket.c:2566\n ___sys_sendmsg+0x134/0x1d0 net/socket.c:2620\n __sys_sendmsg+0x16d/0x220 net/socket.c:2652\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThis problem is similar to the problem that the\ncommit 1d6a9e7449e2 (\"RDMA/core: Fix use-after-free when rename device name\")\nfixes.\n\nThe root cause is: the function ib_device_rename() renames the name with\nlock. But in the function kobject_uevent(), this name is accessed without\nlock protection at the same time.\n\nThe solution is to add the lock protection when this name is accessed in\nthe function kobject_uevent().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38022",
"url": "https://www.suse.com/security/cve/CVE-2025-38022"
},
{
"category": "external",
"summary": "SUSE Bug 1245003 for CVE-2025-38022",
"url": "https://bugzilla.suse.com/1245003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38022"
},
{
"cve": "CVE-2025-38023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: handle failure of nfs_get_lock_context in unlock path\n\nWhen memory is insufficient, the allocation of nfs_lock_context in\nnfs_get_lock_context() fails and returns -ENOMEM. If we mistakenly treat\nan nfs4_unlockdata structure (whose l_ctx member has been set to -ENOMEM)\nas valid and proceed to execute rpc_run_task(), this will trigger a NULL\npointer dereference in nfs4_locku_prepare. For example:\n\nBUG: kernel NULL pointer dereference, address: 000000000000000c\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP PTI\nCPU: 15 UID: 0 PID: 12 Comm: kworker/u64:0 Not tainted 6.15.0-rc2-dirty #60\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40\nWorkqueue: rpciod rpc_async_schedule\nRIP: 0010:nfs4_locku_prepare+0x35/0xc2\nCode: 89 f2 48 89 fd 48 c7 c7 68 69 ef b5 53 48 8b 8e 90 00 00 00 48 89 f3\nRSP: 0018:ffffbbafc006bdb8 EFLAGS: 00010246\nRAX: 000000000000004b RBX: ffff9b964fc1fa00 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: fffffffffffffff4 RDI: ffff9ba53fddbf40\nRBP: ffff9ba539934000 R08: 0000000000000000 R09: ffffbbafc006bc38\nR10: ffffffffb6b689c8 R11: 0000000000000003 R12: ffff9ba539934030\nR13: 0000000000000001 R14: 0000000004248060 R15: ffffffffb56d1c30\nFS: 0000000000000000(0000) GS:ffff9ba5881f0000(0000) knlGS:00000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000000c CR3: 000000093f244000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n __rpc_execute+0xbc/0x480\n rpc_async_schedule+0x2f/0x40\n process_one_work+0x232/0x5d0\n worker_thread+0x1da/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x240\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in:\nCR2: 000000000000000c\n---[ end trace 0000000000000000 ]---\n\nFree the allocated nfs4_unlockdata when nfs_get_lock_context() fails and\nreturn NULL to terminate subsequent rpc_run_task, preventing NULL pointer\ndereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38023",
"url": "https://www.suse.com/security/cve/CVE-2025-38023"
},
{
"category": "external",
"summary": "SUSE Bug 1245004 for CVE-2025-38023",
"url": "https://bugzilla.suse.com/1245004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38023"
},
{
"cve": "CVE-2025-38024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcf/0x610 mm/kasan/report.c:489\n kasan_report+0xb5/0xe0 mm/kasan/report.c:602\n rxe_queue_cleanup+0xd0/0xe0 drivers/infiniband/sw/rxe/rxe_queue.c:195\n rxe_cq_cleanup+0x3f/0x50 drivers/infiniband/sw/rxe/rxe_cq.c:132\n __rxe_cleanup+0x168/0x300 drivers/infiniband/sw/rxe/rxe_pool.c:232\n rxe_create_cq+0x22e/0x3a0 drivers/infiniband/sw/rxe/rxe_verbs.c:1109\n create_cq+0x658/0xb90 drivers/infiniband/core/uverbs_cmd.c:1052\n ib_uverbs_create_cq+0xc7/0x120 drivers/infiniband/core/uverbs_cmd.c:1095\n ib_uverbs_write+0x969/0xc90 drivers/infiniband/core/uverbs_main.c:679\n vfs_write fs/read_write.c:677 [inline]\n vfs_write+0x26a/0xcc0 fs/read_write.c:659\n ksys_write+0x1b8/0x200 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xaa/0x1b0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nIn the function rxe_create_cq, when rxe_cq_from_init fails, the function\nrxe_cleanup will be called to handle the allocated resources. In fact,\nsome memory resources have already been freed in the function\nrxe_cq_from_init. Thus, this problem will occur.\n\nThe solution is to let rxe_cleanup do all the work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38024",
"url": "https://www.suse.com/security/cve/CVE-2025-38024"
},
{
"category": "external",
"summary": "SUSE Bug 1245025 for CVE-2025-38024",
"url": "https://bugzilla.suse.com/1245025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38024"
},
{
"cve": "CVE-2025-38027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: max20086: fix invalid memory access\n\nmax20086_parse_regulators_dt() calls of_regulator_match() using an\narray of struct of_regulator_match allocated on the stack for the\nmatches argument.\n\nof_regulator_match() calls devm_of_regulator_put_matches(), which calls\ndevres_alloc() to allocate a struct devm_of_regulator_matches which will\nbe de-allocated using devm_of_regulator_put_matches().\n\nstruct devm_of_regulator_matches is populated with the stack allocated\nmatches array.\n\nIf the device fails to probe, devm_of_regulator_put_matches() will be\ncalled and will try to call of_node_put() on that stack pointer,\ngenerating the following dmesg entries:\n\nmax20086 6-0028: Failed to read DEVICE_ID reg: -121\nkobject: \u0027\\xc0$\\xa5\\x03\u0027 (000000002cebcb7a): is not initialized, yet\nkobject_put() is being called.\n\nFollowed by a stack trace matching the call flow described above.\n\nSwitch to allocating the matches array using devm_kcalloc() to\navoid accessing the stack pointer long after it\u0027s out of scope.\n\nThis also has the advantage of allowing multiple max20086 to probe\nwithout overriding the data stored inside the global of_regulator_match.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38027",
"url": "https://www.suse.com/security/cve/CVE-2025-38027"
},
{
"category": "external",
"summary": "SUSE Bug 1245042 for CVE-2025-38027",
"url": "https://bugzilla.suse.com/1245042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38027"
},
{
"cve": "CVE-2025-38031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38031"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: do not leak refcount in reorder_work\n\nA recent patch that addressed a UAF introduced a reference count leak:\nthe parallel_data refcount is incremented unconditionally, regardless\nof the return value of queue_work(). If the work item is already queued,\nthe incremented refcount is never decremented.\n\nFix this by checking the return value of queue_work() and decrementing\nthe refcount when necessary.\n\nResolves:\n\nUnreferenced object 0xffff9d9f421e3d80 (size 192):\n comm \"cryptomgr_probe\", pid 157, jiffies 4294694003\n hex dump (first 32 bytes):\n 80 8b cf 41 9f 9d ff ff b8 97 e0 89 ff ff ff ff ...A............\n d0 97 e0 89 ff ff ff ff 19 00 00 00 1f 88 23 00 ..............#.\n backtrace (crc 838fb36):\n __kmalloc_cache_noprof+0x284/0x320\n padata_alloc_pd+0x20/0x1e0\n padata_alloc_shell+0x3b/0xa0\n 0xffffffffc040a54d\n cryptomgr_probe+0x43/0xc0\n kthread+0xf6/0x1f0\n ret_from_fork+0x2f/0x50\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38031",
"url": "https://www.suse.com/security/cve/CVE-2025-38031"
},
{
"category": "external",
"summary": "SUSE Bug 1245046 for CVE-2025-38031",
"url": "https://bugzilla.suse.com/1245046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38031"
},
{
"cve": "CVE-2025-38040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mctrl_gpio: split disable_ms into sync and no_sync APIs\n\nThe following splat has been observed on a SAMA5D27 platform using\natmel_serial:\n\nBUG: sleeping function called from invalid context at kernel/irq/manage.c:738\nin_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0\npreempt_count: 1, expected: 0\nINFO: lockdep is turned off.\nirq event stamp: 0\nhardirqs last enabled at (0): [\u003c00000000\u003e] 0x0\nhardirqs last disabled at (0): [\u003cc01588f0\u003e] copy_process+0x1c4c/0x7bec\nsoftirqs last enabled at (0): [\u003cc0158944\u003e] copy_process+0x1ca0/0x7bec\nsoftirqs last disabled at (0): [\u003c00000000\u003e] 0x0\nCPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74\nHardware name: Atmel SAMA5\nWorkqueue: hci0 hci_power_on [bluetooth]\nCall trace:\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x44/0x70\n dump_stack_lvl from __might_resched+0x38c/0x598\n __might_resched from disable_irq+0x1c/0x48\n disable_irq from mctrl_gpio_disable_ms+0x74/0xc0\n mctrl_gpio_disable_ms from atmel_disable_ms.part.0+0x80/0x1f4\n atmel_disable_ms.part.0 from atmel_set_termios+0x764/0x11e8\n atmel_set_termios from uart_change_line_settings+0x15c/0x994\n uart_change_line_settings from uart_set_termios+0x2b0/0x668\n uart_set_termios from tty_set_termios+0x600/0x8ec\n tty_set_termios from ttyport_set_flow_control+0x188/0x1e0\n ttyport_set_flow_control from wilc_setup+0xd0/0x524 [hci_wilc]\n wilc_setup [hci_wilc] from hci_dev_open_sync+0x330/0x203c [bluetooth]\n hci_dev_open_sync [bluetooth] from hci_dev_do_open+0x40/0xb0 [bluetooth]\n hci_dev_do_open [bluetooth] from hci_power_on+0x12c/0x664 [bluetooth]\n hci_power_on [bluetooth] from process_one_work+0x998/0x1a38\n process_one_work from worker_thread+0x6e0/0xfb4\n worker_thread from kthread+0x3d4/0x484\n kthread from ret_from_fork+0x14/0x28\n\nThis warning is emitted when trying to toggle, at the highest level,\nsome flow control (with serdev_device_set_flow_control) in a device\ndriver. At the lowest level, the atmel_serial driver is using\nserial_mctrl_gpio lib to enable/disable the corresponding IRQs\naccordingly. The warning emitted by CONFIG_DEBUG_ATOMIC_SLEEP is due to\ndisable_irq (called in mctrl_gpio_disable_ms) being possibly called in\nsome atomic context (some tty drivers perform modem lines configuration\nin regions protected by port lock).\n\nSplit mctrl_gpio_disable_ms into two differents APIs, a non-blocking one\nand a blocking one. Replace mctrl_gpio_disable_ms calls with the\nrelevant version depending on whether the call is protected by some port\nlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38040",
"url": "https://www.suse.com/security/cve/CVE-2025-38040"
},
{
"category": "external",
"summary": "SUSE Bug 1245078 for CVE-2025-38040",
"url": "https://bugzilla.suse.com/1245078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38040"
},
{
"cve": "CVE-2025-38043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_ffa: Set dma_mask for ffa devices\n\nSet dma_mask for FFA devices, otherwise DMA allocation using the device pointer\nlead to following warning:\n\nWARNING: CPU: 1 PID: 1 at kernel/dma/mapping.c:597 dma_alloc_attrs+0xe0/0x124",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38043",
"url": "https://www.suse.com/security/cve/CVE-2025-38043"
},
{
"category": "external",
"summary": "SUSE Bug 1245081 for CVE-2025-38043",
"url": "https://bugzilla.suse.com/1245081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38043"
},
{
"cve": "CVE-2025-38044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx231xx: set device_caps for 417\n\nThe video_device for the MPEG encoder did not set device_caps.\n\nAdd this, otherwise the video device can\u0027t be registered (you get a\nWARN_ON instead).\n\nNot seen before since currently 417 support is disabled, but I found\nthis while experimenting with it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38044",
"url": "https://www.suse.com/security/cve/CVE-2025-38044"
},
{
"category": "external",
"summary": "SUSE Bug 1245082 for CVE-2025-38044",
"url": "https://bugzilla.suse.com/1245082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38044"
},
{
"cve": "CVE-2025-38045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix debug actions order\n\nThe order of actions taken for debug was implemented incorrectly.\nNow we implemented the dump split and do the FW reset only in the\nmiddle of the dump (rather than the FW killing itself on error.)\nAs a result, some of the actions taken when applying the config\nwill now crash the device, so we need to fix the order.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38045",
"url": "https://www.suse.com/security/cve/CVE-2025-38045"
},
{
"category": "external",
"summary": "SUSE Bug 1245083 for CVE-2025-38045",
"url": "https://bugzilla.suse.com/1245083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38045"
},
{
"cve": "CVE-2025-38053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix null-ptr-deref in idpf_features_check\n\nidpf_features_check is used to validate the TX packet. skb header\nlength is compared with the hardware supported value received from\nthe device control plane. The value is stored in the adapter structure\nand to access it, vport pointer is used. During reset all the vports\nare released and the vport pointer that the netdev private structure\npoints to is NULL.\n\nTo avoid null-ptr-deref, store the max header length value in netdev\nprivate structure. This also helps to cache the value and avoid\naccessing adapter pointer in hot path.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000068\n...\nRIP: 0010:idpf_features_check+0x6d/0xe0 [idpf]\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x154/0x520\n ? exc_page_fault+0x76/0x190\n ? asm_exc_page_fault+0x26/0x30\n ? idpf_features_check+0x6d/0xe0 [idpf]\n netif_skb_features+0x88/0x310\n validate_xmit_skb+0x2a/0x2b0\n validate_xmit_skb_list+0x4c/0x70\n sch_direct_xmit+0x19d/0x3a0\n __dev_queue_xmit+0xb74/0xe70\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38053",
"url": "https://www.suse.com/security/cve/CVE-2025-38053"
},
{
"category": "external",
"summary": "SUSE Bug 1244746 for CVE-2025-38053",
"url": "https://bugzilla.suse.com/1244746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38053"
},
{
"cve": "CVE-2025-38055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq\n\nCurrently, using PEBS-via-PT with a sample frequency instead of a sample\nperiod, causes a segfault. For example:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000195\n \u003cNMI\u003e\n ? __die_body.cold+0x19/0x27\n ? page_fault_oops+0xca/0x290\n ? exc_page_fault+0x7e/0x1b0\n ? asm_exc_page_fault+0x26/0x30\n ? intel_pmu_pebs_event_update_no_drain+0x40/0x60\n ? intel_pmu_pebs_event_update_no_drain+0x32/0x60\n intel_pmu_drain_pebs_icl+0x333/0x350\n handle_pmi_common+0x272/0x3c0\n intel_pmu_handle_irq+0x10a/0x2e0\n perf_event_nmi_handler+0x2a/0x50\n\nThat happens because intel_pmu_pebs_event_update_no_drain() assumes all the\npebs_enabled bits represent counter indexes, which is not always the case.\nIn this particular case, bits 60 and 61 are set for PEBS-via-PT purposes.\n\nThe behaviour of PEBS-via-PT with sample frequency is questionable because\nalthough a PMI is generated (PEBS_PMI_AFTER_EACH_RECORD), the period is not\nadjusted anyway.\n\nPutting that aside, fix intel_pmu_pebs_event_update_no_drain() by passing\nthe mask of counter bits instead of \u0027size\u0027. Note, prior to the Fixes\ncommit, \u0027size\u0027 would be limited to the maximum counter index, so the issue\nwas not hit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38055",
"url": "https://www.suse.com/security/cve/CVE-2025-38055"
},
{
"category": "external",
"summary": "SUSE Bug 1244747 for CVE-2025-38055",
"url": "https://bugzilla.suse.com/1244747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38055"
},
{
"cve": "CVE-2025-38057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nespintcp: fix skb leaks\n\nA few error paths are missing a kfree_skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38057",
"url": "https://www.suse.com/security/cve/CVE-2025-38057"
},
{
"category": "external",
"summary": "SUSE Bug 1244862 for CVE-2025-38057",
"url": "https://bugzilla.suse.com/1244862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38057"
},
{
"cve": "CVE-2025-38059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid csum tree\n\n[BUG]\nWhen trying read-only scrub on a btrfs with rescue=idatacsums mount\noption, it will crash with the following call trace:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n CPU: 1 UID: 0 PID: 835 Comm: btrfs Tainted: G O 6.15.0-rc3-custom+ #236 PREEMPT(full)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:btrfs_lookup_csums_bitmap+0x49/0x480 [btrfs]\n Call Trace:\n \u003cTASK\u003e\n scrub_find_fill_first_stripe+0x35b/0x3d0 [btrfs]\n scrub_simple_mirror+0x175/0x290 [btrfs]\n scrub_stripe+0x5f7/0x6f0 [btrfs]\n scrub_chunk+0x9a/0x150 [btrfs]\n scrub_enumerate_chunks+0x333/0x660 [btrfs]\n btrfs_scrub_dev+0x23e/0x600 [btrfs]\n btrfs_ioctl+0x1dcf/0x2f80 [btrfs]\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[CAUSE]\nMount option \"rescue=idatacsums\" will completely skip loading the csum\ntree, so that any data read will not find any data csum thus we will\nignore data checksum verification.\n\nNormally call sites utilizing csum tree will check the fs state flag\nNO_DATA_CSUMS bit, but unfortunately scrub does not check that bit at all.\n\nThis results in scrub to call btrfs_search_slot() on a NULL pointer\nand triggered above crash.\n\n[FIX]\nCheck both extent and csum tree root before doing any tree search.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38059",
"url": "https://www.suse.com/security/cve/CVE-2025-38059"
},
{
"category": "external",
"summary": "SUSE Bug 1244759 for CVE-2025-38059",
"url": "https://bugzilla.suse.com/1244759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38059"
},
{
"cve": "CVE-2025-38060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: copy_verifier_state() should copy \u0027loop_entry\u0027 field\n\nThe bpf_verifier_state.loop_entry state should be copied by\ncopy_verifier_state(). Otherwise, .loop_entry values from unrelated\nstates would poison env-\u003ecur_state.\n\nAdditionally, env-\u003estack should not contain any states with\n.loop_entry != NULL. The states in env-\u003estack are yet to be verified,\nwhile .loop_entry is set for states that reached an equivalent state.\nThis means that env-\u003ecur_state-\u003eloop_entry should always be NULL after\npop_stack().\n\nSee the selftest in the next commit for an example of the program that\nis not safe yet is accepted by verifier w/o this fix.\n\nThis change has some verification performance impact for selftests:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n---------------------------------- ---------------------------- --------- --------- -------------- ---------- ---------- -------------\narena_htab.bpf.o arena_htab_llvm 717 426 -291 (-40.59%) 57 37 -20 (-35.09%)\narena_htab_asm.bpf.o arena_htab_asm 597 445 -152 (-25.46%) 47 37 -10 (-21.28%)\narena_list.bpf.o arena_list_del 309 279 -30 (-9.71%) 23 14 -9 (-39.13%)\niters.bpf.o iter_subprog_check_stacksafe 155 141 -14 (-9.03%) 15 14 -1 (-6.67%)\niters.bpf.o iter_subprog_iters 1094 1003 -91 (-8.32%) 88 83 -5 (-5.68%)\niters.bpf.o loop_state_deps2 479 725 +246 (+51.36%) 46 63 +17 (+36.96%)\nkmem_cache_iter.bpf.o open_coded_iter 63 59 -4 (-6.35%) 7 6 -1 (-14.29%)\nverifier_bits_iter.bpf.o max_words 92 84 -8 (-8.70%) 8 7 -1 (-12.50%)\nverifier_iterating_callbacks.bpf.o cond_break2 113 107 -6 (-5.31%) 12 12 +0 (+0.00%)\n\nAnd significant negative impact for sched_ext:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n----------------- ---------------------- --------- --------- -------------------- ---------- ---------- ------------------\nbpf.bpf.o lavd_init 7039 14723 +7684 (+109.16%) 490 1139 +649 (+132.45%)\nbpf.bpf.o layered_dispatch 11485 10548 -937 (-8.16%) 848 762 -86 (-10.14%)\nbpf.bpf.o layered_dump 7422 1000001 +992579 (+13373.47%) 681 31178 +30497 (+4478.27%)\nbpf.bpf.o layered_enqueue 16854 71127 +54273 (+322.02%) 1611 6450 +4839 (+300.37%)\nbpf.bpf.o p2dq_dispatch 665 791 +126 (+18.95%) 68 78 +10 (+14.71%)\nbpf.bpf.o p2dq_init 2343 2980 +637 (+27.19%) 201 237 +36 (+17.91%)\nbpf.bpf.o refresh_layer_cpumasks 16487 674760 +658273 (+3992.68%) 1770 65370 +63600 (+3593.22%)\nbpf.bpf.o rusty_select_cpu 1937 40872 +38935 (+2010.07%) 177 3210 +3033 (+1713.56%)\nscx_central.bpf.o central_dispatch 636 2687 +2051 (+322.48%) 63 227 +164 (+260.32%)\nscx_nest.bpf.o nest_init 636 815 +179 (+28.14%) 60 73 +13 (+21.67%)\nscx_qmap.bpf.o qmap_dispatch \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38060",
"url": "https://www.suse.com/security/cve/CVE-2025-38060"
},
{
"category": "external",
"summary": "SUSE Bug 1245155 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "external",
"summary": "SUSE Bug 1245156 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-38060"
},
{
"cve": "CVE-2025-38065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: Do not truncate file size\n\n\u0027len\u0027 is used to store the result of i_size_read(), so making \u0027len\u0027\na size_t results in truncation to 4GiB on 32-bit systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38065",
"url": "https://www.suse.com/security/cve/CVE-2025-38065"
},
{
"category": "external",
"summary": "SUSE Bug 1244906 for CVE-2025-38065",
"url": "https://bugzilla.suse.com/1244906"
},
{
"category": "external",
"summary": "SUSE Bug 1244907 for CVE-2025-38065",
"url": "https://bugzilla.suse.com/1244907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-38065"
},
{
"cve": "CVE-2025-38068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lzo - Fix compression buffer overrun\n\nUnlike the decompression code, the compression code in LZO never\nchecked for output overruns. It instead assumes that the caller\nalways provides enough buffer space, disregarding the buffer length\nprovided by the caller.\n\nAdd a safe compression interface that checks for the end of buffer\nbefore each write. Use the safe interface in crypto/lzo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38068",
"url": "https://www.suse.com/security/cve/CVE-2025-38068"
},
{
"category": "external",
"summary": "SUSE Bug 1245210 for CVE-2025-38068",
"url": "https://bugzilla.suse.com/1245210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38068"
},
{
"cve": "CVE-2025-38072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibnvdimm/labels: Fix divide error in nd_label_data_init()\n\nIf a faulty CXL memory device returns a broken zero LSA size in its\nmemory device information (Identify Memory Device (Opcode 4000h), CXL\nspec. 3.1, 8.2.9.9.1.1), a divide error occurs in the libnvdimm\ndriver:\n\n Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:nd_label_data_init+0x10e/0x800 [libnvdimm]\n\nCode and flow:\n\n1) CXL Command 4000h returns LSA size = 0\n2) config_size is assigned to zero LSA size (CXL pmem driver):\n\ndrivers/cxl/pmem.c: .config_size = mds-\u003elsa_size,\n\n3) max_xfer is set to zero (nvdimm driver):\n\ndrivers/nvdimm/label.c: max_xfer = min_t(size_t, ndd-\u003ensarea.max_xfer, config_size);\n\n4) A subsequent DIV_ROUND_UP() causes a division by zero:\n\ndrivers/nvdimm/label.c: /* Make our initial read size a multiple of max_xfer size */\ndrivers/nvdimm/label.c: read_size = min(DIV_ROUND_UP(read_size, max_xfer) * max_xfer,\ndrivers/nvdimm/label.c- config_size);\n\nFix this by checking the config size parameter by extending an\nexisting check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38072",
"url": "https://www.suse.com/security/cve/CVE-2025-38072"
},
{
"category": "external",
"summary": "SUSE Bug 1244743 for CVE-2025-38072",
"url": "https://bugzilla.suse.com/1244743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38072"
},
{
"cve": "CVE-2025-38077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()\n\nIf the \u0027buf\u0027 array received from the user contains an empty string, the\n\u0027length\u0027 variable will be zero. Accessing the \u0027buf\u0027 array element with\nindex \u0027length - 1\u0027 will result in a buffer overflow.\n\nAdd a check for an empty string.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38077",
"url": "https://www.suse.com/security/cve/CVE-2025-38077"
},
{
"category": "external",
"summary": "SUSE Bug 1244736 for CVE-2025-38077",
"url": "https://bugzilla.suse.com/1244736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38077"
},
{
"cve": "CVE-2025-38078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Fix race of buffer access at PCM OSS layer\n\nThe PCM OSS layer tries to clear the buffer with the silence data at\ninitialization (or reconfiguration) of a stream with the explicit call\nof snd_pcm_format_set_silence() with runtime-\u003edma_area. But this may\nlead to a UAF because the accessed runtime-\u003edma_area might be freed\nconcurrently, as it\u0027s performed outside the PCM ops.\n\nFor avoiding it, move the code into the PCM core and perform it inside\nthe buffer access lock, so that it won\u0027t be changed during the\noperation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38078",
"url": "https://www.suse.com/security/cve/CVE-2025-38078"
},
{
"category": "external",
"summary": "SUSE Bug 1244737 for CVE-2025-38078",
"url": "https://bugzilla.suse.com/1244737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38078"
},
{
"cve": "CVE-2025-38079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_hash - fix double free in hash_accept\n\nIf accept(2) is called on socket type algif_hash with\nMSG_MORE flag set and crypto_ahash_import fails,\nsk2 is freed. However, it is also freed in af_alg_release,\nleading to slab-use-after-free error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38079",
"url": "https://www.suse.com/security/cve/CVE-2025-38079"
},
{
"category": "external",
"summary": "SUSE Bug 1245217 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "external",
"summary": "SUSE Bug 1245218 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Increase block_sequence array size\n\n[Why]\nIt\u0027s possible to generate more than 50 steps in hwss_build_fast_sequence,\nfor example with a 6-pipe asic where all pipes are in one MPC chain. This\noverflows the block_sequence buffer and corrupts block_sequence_steps,\ncausing a crash.\n\n[How]\nExpand block_sequence to 100 items. A naive upper bound on the possible\nnumber of steps for a 6-pipe asic, ignoring the potential for steps to be\nmutually exclusive, is 91 with current code, therefore 100 is sufficient.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38080",
"url": "https://www.suse.com/security/cve/CVE-2025-38080"
},
{
"category": "external",
"summary": "SUSE Bug 1244738 for CVE-2025-38080",
"url": "https://bugzilla.suse.com/1244738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38080"
},
{
"cve": "CVE-2025-38081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38081"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi-rockchip: Fix register out of bounds access\n\nDo not write native chip select stuff for GPIO chip selects.\nGPIOs can be numbered much higher than native CS.\nAlso, it makes no sense.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38081",
"url": "https://www.suse.com/security/cve/CVE-2025-38081"
},
{
"category": "external",
"summary": "SUSE Bug 1244739 for CVE-2025-38081",
"url": "https://bugzilla.suse.com/1244739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38081"
},
{
"cve": "CVE-2025-38083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: prio: fix a race in prio_tune()\n\nGerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38083",
"url": "https://www.suse.com/security/cve/CVE-2025-38083"
},
{
"category": "external",
"summary": "SUSE Bug 1245183 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "external",
"summary": "SUSE Bug 1245350 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-38083"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_6-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.6.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-14T12:31:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
}
]
}
ghsa-g7p4-4259-746x
Vulnerability from github
Published
2025-05-01 15:31
Modified
2025-05-01 15:31
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
perf: Fix hang while freeing sigtrap event
Perf can hang while freeing a sigtrap event if a related deferred signal hadn't managed to be sent before the file got closed:
perf_event_overflow() task_work_add(perf_pending_task)
fput() task_work_add(____fput())
task_work_run() ____fput() perf_release() perf_event_release_kernel() _free_event() perf_pending_task_sync() task_work_cancel() -> FAILED rcuwait_wait_event()
Once task_work_run() is running, the list of pending callbacks is removed from the task_struct and from this point on task_work_cancel() can't remove any pending and not yet started work items, hence the task_work_cancel() failure and the hang on rcuwait_wait_event().
Task work could be changed to remove one work at a time, so a work running on the current task can always cancel a pending one, however the wait / wake design is still subject to inverted dependencies when remote targets are involved, as pictured by Oleg:
T1 T2
fd = perf_event_open(pid => T2->pid); fd = perf_event_open(pid => T1->pid); close(fd) close(fd) perf_event_overflow() perf_event_overflow() task_work_add(perf_pending_task) task_work_add(perf_pending_task) fput() fput() task_work_add(_fput()) taskwork_add(__fput())
task_work_run() task_work_run()
____fput() ____fput()
perf_release() perf_release()
perf_event_release_kernel() perf_event_release_kernel()
_free_event() _free_event()
perf_pending_task_sync() perf_pending_task_sync()
rcuwait_wait_event() rcuwait_wait_event()
Therefore the only option left is to acquire the event reference count upon queueing the perf task work and release it from the task work, just like it was done before 3a5465418f5f ("perf: Fix event leak upon exec and file release") but without the leaks it fixed.
Some adjustments are necessary to make it work:
-
A child event might dereference its parent upon freeing. Care must be taken to release the parent last.
-
Some places assuming the event doesn't have any reference held and therefore can be freed right away must instead put the reference and let the reference counting to its job.
{
"affected": [],
"aliases": [
"CVE-2025-37747"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T13:15:53Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"id": "GHSA-g7p4-4259-746x",
"modified": "2025-05-01T15:31:42Z",
"published": "2025-05-01T15:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37747"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1267bd38f161c1a27d9b722de017027167a225a0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/56799bc035658738f362acec3e7647bb84e68933"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/665b87b8f8b3aeb49083ef3b65c4953e7753fc12"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fa1827fa968c0674e9b6fca223fa9fb4da4493eb"
}
],
"schema_version": "1.4.0",
"severity": []
}
fkie_cve-2025-37747
Vulnerability from fkie_nvd
Published
2025-05-01 13:15
Modified
2025-05-02 13:53
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
perf: Fix hang while freeing sigtrap event
Perf can hang while freeing a sigtrap event if a related deferred
signal hadn't managed to be sent before the file got closed:
perf_event_overflow()
task_work_add(perf_pending_task)
fput()
task_work_add(____fput())
task_work_run()
____fput()
perf_release()
perf_event_release_kernel()
_free_event()
perf_pending_task_sync()
task_work_cancel() -> FAILED
rcuwait_wait_event()
Once task_work_run() is running, the list of pending callbacks is
removed from the task_struct and from this point on task_work_cancel()
can't remove any pending and not yet started work items, hence the
task_work_cancel() failure and the hang on rcuwait_wait_event().
Task work could be changed to remove one work at a time, so a work
running on the current task can always cancel a pending one, however
the wait / wake design is still subject to inverted dependencies when
remote targets are involved, as pictured by Oleg:
T1 T2
fd = perf_event_open(pid => T2->pid); fd = perf_event_open(pid => T1->pid);
close(fd) close(fd)
<IRQ> <IRQ>
perf_event_overflow() perf_event_overflow()
task_work_add(perf_pending_task) task_work_add(perf_pending_task)
</IRQ> </IRQ>
fput() fput()
task_work_add(____fput()) task_work_add(____fput())
task_work_run() task_work_run()
____fput() ____fput()
perf_release() perf_release()
perf_event_release_kernel() perf_event_release_kernel()
_free_event() _free_event()
perf_pending_task_sync() perf_pending_task_sync()
rcuwait_wait_event() rcuwait_wait_event()
Therefore the only option left is to acquire the event reference count
upon queueing the perf task work and release it from the task work, just
like it was done before 3a5465418f5f ("perf: Fix event leak upon exec and file release")
but without the leaks it fixed.
Some adjustments are necessary to make it work:
* A child event might dereference its parent upon freeing. Care must be
taken to release the parent last.
* Some places assuming the event doesn't have any reference held and
therefore can be freed right away must instead put the reference and
let the reference counting to its job.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/1267bd38f161c1a27d9b722de017027167a225a0 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/56799bc035658738f362acec3e7647bb84e68933 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/665b87b8f8b3aeb49083ef3b65c4953e7753fc12 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/fa1827fa968c0674e9b6fca223fa9fb4da4493eb |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: perf: Se soluciona el bloqueo al liberar el evento sigtrap Perf puede bloquearse al liberar un evento sigtrap si no se ha logrado enviar una se\u00f1al diferida relacionada antes de que se cerrara el archivo: perf_event_overflow() task_work_add(perf_pending_task) fput() task_work_add(____fput()) task_work_run() ____fput() perf_release() perf_event_release_kernel() _free_event() perf_pending_task_sync() task_work_cancel() -\u0026gt; FAILED rcuwait_wait_event() Una vez que task_work_run() se est\u00e1 ejecutando, la lista de devoluciones de llamadas pendientes se elimina de task_struct y desde este punto, task_work_cancel() no puede eliminar ning\u00fan elemento de trabajo pendiente y a\u00fan no iniciado, de ah\u00ed el error de task_work_cancel() y el bloqueo de rcuwait_wait_event(). El trabajo de la tarea se puede cambiar para eliminar un trabajo a la vez, de modo que un trabajo que se ejecuta en la tarea actual siempre puede cancelar uno pendiente, sin embargo, el dise\u00f1o de espera/activaci\u00f3n a\u00fan est\u00e1 sujeto a dependencias invertidas cuando se involucran objetivos remotos, como lo ilustra Oleg: T1 T2 fd = perf_event_open(pid =\u0026gt; T2-\u0026gt;pid); fd = perf_event_open(pid =\u0026gt; T1-\u0026gt;pid); close(fd) close(fd) perf_event_overflow() perf_event_overflow() task_work_add(perf_pending_task) task_work_add(perf_pending_task) fput() fput() task_work_add(____fput()) task_work_add(____fput()) task_work_run() task_work_run() ____fput() ____fput() perf_release() perf_release() perf_event_release_kernel() perf_event_release_kernel() _free_event() _free_event() perf_pending_task_sync() perf_pending_task_sync() rcuwait_wait_event() rcuwait_wait_event() Por lo tanto, la \u00fanica opci\u00f3n que queda es adquirir el recuento de referencias de evento al poner en cola el trabajo de la tarea de rendimiento y liberarlo del trabajo de la tarea. Tal como se hizo antes de 3a5465418f5f (\"perf: Corregir fuga de eventos al ejecutar y liberar archivos\"), pero sin las fugas corregidas. Se requieren algunos ajustes para que funcione: * Un evento secundario podr\u00eda desreferenciar a su padre al liberarse. Se debe tener cuidado de liberar al padre al final. * Algunos sitios, al asumir que el evento no tiene ninguna referencia retenida y, por lo tanto, puede liberarse de inmediato, deben colocar la referencia y dejar que el recuento de referencias contin\u00fae."
}
],
"id": "CVE-2025-37747",
"lastModified": "2025-05-02T13:53:20.943",
"metrics": {},
"published": "2025-05-01T13:15:53.417",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/1267bd38f161c1a27d9b722de017027167a225a0"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/56799bc035658738f362acec3e7647bb84e68933"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/665b87b8f8b3aeb49083ef3b65c4953e7753fc12"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/fa1827fa968c0674e9b6fca223fa9fb4da4493eb"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
wid-sec-w-2025-0922
Vulnerability from csaf_certbund
Published
2025-05-01 22:00
Modified
2025-08-12 22:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff und nicht näher spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff und nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0922 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0922.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0922 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0922"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49834",
"url": "https://lore.kernel.org/linux-cve-announce/2025050138-CVE-2022-49834-72b3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49837",
"url": "https://lore.kernel.org/linux-cve-announce/2025050139-CVE-2022-49837-c13b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49838",
"url": "https://lore.kernel.org/linux-cve-announce/2025050139-CVE-2022-49838-0bb8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49839",
"url": "https://lore.kernel.org/linux-cve-announce/2025050139-CVE-2022-49839-37b0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49840",
"url": "https://lore.kernel.org/linux-cve-announce/2025050140-CVE-2022-49840-5186@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49841",
"url": "https://lore.kernel.org/linux-cve-announce/2025050140-CVE-2022-49841-8d40@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49842",
"url": "https://lore.kernel.org/linux-cve-announce/2025050140-CVE-2022-49842-54c5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49843",
"url": "https://lore.kernel.org/linux-cve-announce/2025050141-CVE-2022-49843-f36d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49857",
"url": "https://lore.kernel.org/linux-cve-announce/2025050146-CVE-2022-49857-39d0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49858",
"url": "https://lore.kernel.org/linux-cve-announce/2025050146-CVE-2022-49858-a1ee@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49859",
"url": "https://lore.kernel.org/linux-cve-announce/2025050146-CVE-2022-49859-4700@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49860",
"url": "https://lore.kernel.org/linux-cve-announce/2025050147-CVE-2022-49860-75f4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49861",
"url": "https://lore.kernel.org/linux-cve-announce/2025050147-CVE-2022-49861-d502@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49862",
"url": "https://lore.kernel.org/linux-cve-announce/2025050147-CVE-2022-49862-04f2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49863",
"url": "https://lore.kernel.org/linux-cve-announce/2025050148-CVE-2022-49863-706e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49864",
"url": "https://lore.kernel.org/linux-cve-announce/2025050148-CVE-2022-49864-a6b3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49865",
"url": "https://lore.kernel.org/linux-cve-announce/2025050149-CVE-2022-49865-cd5b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49867",
"url": "https://lore.kernel.org/linux-cve-announce/2025050149-CVE-2022-49867-e420@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49876",
"url": "https://lore.kernel.org/linux-cve-announce/2025050152-CVE-2022-49876-498d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49877",
"url": "https://lore.kernel.org/linux-cve-announce/2025050153-CVE-2022-49877-1f59@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49878",
"url": "https://lore.kernel.org/linux-cve-announce/2025050153-CVE-2022-49878-1e05@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49879",
"url": "https://lore.kernel.org/linux-cve-announce/2025050154-CVE-2022-49879-e897@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49880",
"url": "https://lore.kernel.org/linux-cve-announce/2025050154-CVE-2022-49880-709b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49881",
"url": "https://lore.kernel.org/linux-cve-announce/2025050154-CVE-2022-49881-3caa@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49882",
"url": "https://lore.kernel.org/linux-cve-announce/2025050155-CVE-2022-49882-6046@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49897",
"url": "https://lore.kernel.org/linux-cve-announce/2025050100-CVE-2022-49897-6af8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49900",
"url": "https://lore.kernel.org/linux-cve-announce/2025050101-CVE-2022-49900-4af3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49901",
"url": "https://lore.kernel.org/linux-cve-announce/2025050101-CVE-2022-49901-1130@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49902",
"url": "https://lore.kernel.org/linux-cve-announce/2025050102-CVE-2022-49902-59fe@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49903",
"url": "https://lore.kernel.org/linux-cve-announce/2025050102-CVE-2022-49903-23a6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49904",
"url": "https://lore.kernel.org/linux-cve-announce/2025050102-CVE-2022-49904-5009@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49905",
"url": "https://lore.kernel.org/linux-cve-announce/2025050103-CVE-2022-49905-1a97@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49906",
"url": "https://lore.kernel.org/linux-cve-announce/2025050103-CVE-2022-49906-4d07@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49917",
"url": "https://lore.kernel.org/linux-cve-announce/2025050107-CVE-2022-49917-50af@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49918",
"url": "https://lore.kernel.org/linux-cve-announce/2025050107-CVE-2022-49918-8541@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49919",
"url": "https://lore.kernel.org/linux-cve-announce/2025050108-CVE-2022-49919-858c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49920",
"url": "https://lore.kernel.org/linux-cve-announce/2025050108-CVE-2022-49920-667b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49921",
"url": "https://lore.kernel.org/linux-cve-announce/2025050108-CVE-2022-49921-e4fc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49922",
"url": "https://lore.kernel.org/linux-cve-announce/2025050109-CVE-2022-49922-93fb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49923",
"url": "https://lore.kernel.org/linux-cve-announce/2025050109-CVE-2022-49923-a098@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49924",
"url": "https://lore.kernel.org/linux-cve-announce/2025050109-CVE-2022-49924-e8b9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49925",
"url": "https://lore.kernel.org/linux-cve-announce/2025050110-CVE-2022-49925-2485@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49926",
"url": "https://lore.kernel.org/linux-cve-announce/2025050110-CVE-2022-49926-d9bc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49927",
"url": "https://lore.kernel.org/linux-cve-announce/2025050110-CVE-2022-49927-461e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49928",
"url": "https://lore.kernel.org/linux-cve-announce/2025050111-CVE-2022-49928-3664@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49929",
"url": "https://lore.kernel.org/linux-cve-announce/2025050111-CVE-2022-49929-d572@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49930",
"url": "https://lore.kernel.org/linux-cve-announce/2025050112-CVE-2022-49930-91ab@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49931",
"url": "https://lore.kernel.org/linux-cve-announce/2025050112-CVE-2022-49931-9e35@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-23146",
"url": "https://lore.kernel.org/linux-cve-announce/2025050126-CVE-2025-23146-611a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-23147",
"url": "https://lore.kernel.org/linux-cve-announce/2025050126-CVE-2025-23147-cfd5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-23148",
"url": "https://lore.kernel.org/linux-cve-announce/2025050127-CVE-2025-23148-5365@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37738",
"url": "https://lore.kernel.org/linux-cve-announce/2025050132-CVE-2025-37738-deb1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37739",
"url": "https://lore.kernel.org/linux-cve-announce/2025050133-CVE-2025-37739-06bb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37740",
"url": "https://lore.kernel.org/linux-cve-announce/2025050133-CVE-2025-37740-bf8e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37741",
"url": "https://lore.kernel.org/linux-cve-announce/2025050133-CVE-2025-37741-3219@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37742",
"url": "https://lore.kernel.org/linux-cve-announce/2025050134-CVE-2025-37742-60be@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37743",
"url": "https://lore.kernel.org/linux-cve-announce/2025050134-CVE-2025-37743-35a7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37744",
"url": "https://lore.kernel.org/linux-cve-announce/2025050134-CVE-2025-37744-e540@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37745",
"url": "https://lore.kernel.org/linux-cve-announce/2025050135-CVE-2025-37745-0aaf@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37746",
"url": "https://lore.kernel.org/linux-cve-announce/2025050135-CVE-2025-37746-2d53@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37747",
"url": "https://lore.kernel.org/linux-cve-announce/2025050135-CVE-2025-37747-6e35@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37748",
"url": "https://lore.kernel.org/linux-cve-announce/2025050136-CVE-2025-37748-56c8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37749",
"url": "https://lore.kernel.org/linux-cve-announce/2025050136-CVE-2025-37749-0f49@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37750",
"url": "https://lore.kernel.org/linux-cve-announce/2025050136-CVE-2025-37750-fdd8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37751",
"url": "https://lore.kernel.org/linux-cve-announce/2025050137-CVE-2025-37751-8ed2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37752",
"url": "https://lore.kernel.org/linux-cve-announce/2025050137-CVE-2025-37752-653f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37753",
"url": "https://lore.kernel.org/linux-cve-announce/2025050138-CVE-2025-37753-9fd7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37754",
"url": "https://lore.kernel.org/linux-cve-announce/2025050138-CVE-2025-37754-47b2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37755",
"url": "https://lore.kernel.org/linux-cve-announce/2025050138-CVE-2025-37755-00b5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37756",
"url": "https://lore.kernel.org/linux-cve-announce/2025050139-CVE-2025-37756-a06e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37757",
"url": "https://lore.kernel.org/linux-cve-announce/2025050139-CVE-2025-37757-8a5e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37758",
"url": "https://lore.kernel.org/linux-cve-announce/2025050139-CVE-2025-37758-32dd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37759",
"url": "https://lore.kernel.org/linux-cve-announce/2025050140-CVE-2025-37759-5f57@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37768",
"url": "https://lore.kernel.org/linux-cve-announce/2025050112-CVE-2025-37768-b24f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37769",
"url": "https://lore.kernel.org/linux-cve-announce/2025050113-CVE-2025-37769-dd42@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37773",
"url": "https://lore.kernel.org/linux-cve-announce/2025050114-CVE-2025-37773-4727@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37774",
"url": "https://lore.kernel.org/linux-cve-announce/2025050114-CVE-2025-37774-8b9d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37775",
"url": "https://lore.kernel.org/linux-cve-announce/2025050115-CVE-2025-37775-296d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37776",
"url": "https://lore.kernel.org/linux-cve-announce/2025050115-CVE-2025-37776-9bfb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37777",
"url": "https://lore.kernel.org/linux-cve-announce/2025050115-CVE-2025-37777-886d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37778",
"url": "https://lore.kernel.org/linux-cve-announce/2025050116-CVE-2025-37778-7202@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37779",
"url": "https://lore.kernel.org/linux-cve-announce/2025050116-CVE-2025-37779-6bed@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37780",
"url": "https://lore.kernel.org/linux-cve-announce/2025050116-CVE-2025-37780-2b54@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37781",
"url": "https://lore.kernel.org/linux-cve-announce/2025050117-CVE-2025-37781-3d19@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37782",
"url": "https://lore.kernel.org/linux-cve-announce/2025050117-CVE-2025-37782-7cc2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37783",
"url": "https://lore.kernel.org/linux-cve-announce/2025050117-CVE-2025-37783-23bf@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37784",
"url": "https://lore.kernel.org/linux-cve-announce/2025050118-CVE-2025-37784-159b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37786",
"url": "https://lore.kernel.org/linux-cve-announce/2025050118-CVE-2025-37786-cbe7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37787",
"url": "https://lore.kernel.org/linux-cve-announce/2025050119-CVE-2025-37787-746d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37788",
"url": "https://lore.kernel.org/linux-cve-announce/2025050119-CVE-2025-37788-fd43@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37789",
"url": "https://lore.kernel.org/linux-cve-announce/2025050119-CVE-2025-37789-3f0b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37790",
"url": "https://lore.kernel.org/linux-cve-announce/2025050120-CVE-2025-37790-3927@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37791",
"url": "https://lore.kernel.org/linux-cve-announce/2025050120-CVE-2025-37791-793c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37792",
"url": "https://lore.kernel.org/linux-cve-announce/2025050120-CVE-2025-37792-def8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37793",
"url": "https://lore.kernel.org/linux-cve-announce/2025050121-CVE-2025-37793-a56f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37794",
"url": "https://lore.kernel.org/linux-cve-announce/2025050121-CVE-2025-37794-0a39@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37795",
"url": "https://lore.kernel.org/linux-cve-announce/2025050121-CVE-2025-37795-1049@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37796",
"url": "https://lore.kernel.org/linux-cve-announce/2025050122-CVE-2025-37796-d6f9@gregkh/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7903 vom 2025-05-19",
"url": "https://access.redhat.com/errata/RHSA-2025:7903"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01614-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020870.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7903 vom 2025-05-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-7903.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01707-1 vom 2025-05-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020902.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4178 vom 2025-05-26",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8248 vom 2025-05-28",
"url": "https://access.redhat.com/errata/RHSA-2025:8248"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20343-1 vom 2025-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020965.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4193 vom 2025-05-30",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20344-1 vom 2025-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020964.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20355-1 vom 2025-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021015.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20354-1 vom 2025-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021016.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01918-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021478.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01919-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021477.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01951-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021509.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9080 vom 2025-06-16",
"url": "https://access.redhat.com/errata/RHSA-2025:9080"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9079 vom 2025-06-16",
"url": "https://access.redhat.com/errata/RHSA-2025:9079"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01965-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021535.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01966-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021534.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01964-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021531.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01967-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021533.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20413-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021547.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01982-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021539.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01983-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021538.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20408-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021550.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9080 vom 2025-06-18",
"url": "http://linux.oracle.com/errata/ELSA-2025-9080.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01972-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021537.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02000-1 vom 2025-06-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021568.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01995-1 vom 2025-06-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021572.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20421-1 vom 2025-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021590.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20419-1 vom 2025-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021591.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9302 vom 2025-06-23",
"url": "https://access.redhat.com/errata/RHSA-2025:9302"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9348 vom 2025-06-23",
"url": "https://access.redhat.com/errata/RHSA-2025:9348"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9393 vom 2025-06-23",
"url": "https://access.redhat.com/errata/RHSA-2025:9393"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.15-2025-076 vom 2025-06-24",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2025-076.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9302 vom 2025-06-24",
"url": "https://linux.oracle.com/errata/ELSA-2025-9302.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7594-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7594-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7594-2 vom 2025-06-26",
"url": "https://ubuntu.com/security/notices/USN-7594-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02173-1 vom 2025-06-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021714.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2025-102 vom 2025-06-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.4-2025-102.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9348 vom 2025-07-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-9348.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9079 vom 2025-07-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-9079.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02249-1 vom 2025-07-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021766.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10675 vom 2025-07-09",
"url": "https://access.redhat.com/errata/RHSA-2025:10675"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02254-1 vom 2025-07-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021770.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7594-3 vom 2025-07-09",
"url": "https://ubuntu.com/security/notices/USN-7594-3"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10671 vom 2025-07-09",
"url": "https://access.redhat.com/errata/RHSA-2025:10671"
},
{
"category": "external",
"summary": "Google Cloud Platform Security Bulletin GCP-2025-038 vom 2025-07-09",
"url": "https://cloud.google.com/support/bulletins#gcp-2025-038"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02262-1 vom 2025-07-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B53IHD74IRNJDAOHBW4L7JGWNOM26XE7/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2025-079 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2025-079.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02264-1 vom 2025-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021785.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10830 vom 2025-07-14",
"url": "https://access.redhat.com/errata/RHSA-2025:10830"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10829 vom 2025-07-14",
"url": "https://access.redhat.com/errata/RHSA-2025:10829"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02308-1 vom 2025-07-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021805.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02307-1 vom 2025-07-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021804.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11298 vom 2025-07-16",
"url": "https://access.redhat.com/errata/RHSA-2025:11298"
},
{
"category": "external",
"summary": "RedHat Security Advisory",
"url": "https://access.redhat.com/errata/RHSA-2025:11299"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02321-1 vom 2025-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021811.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02322-1 vom 2025-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021810.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11245 vom 2025-07-16",
"url": "https://access.redhat.com/errata/RHSA-2025:11245"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02320-1 vom 2025-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021812.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20470 vom 2025-07-16",
"url": "https://linux.oracle.com/errata/ELSA-2025-20470.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20471 vom 2025-07-16",
"url": "https://linux.oracle.com/errata/ELSA-2025-20471.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02333-1 vom 2025-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021830.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11298 vom 2025-07-17",
"url": "https://linux.oracle.com/errata/ELSA-2025-11298.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02334-1 vom 2025-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021829.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02335-1 vom 2025-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021828.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7653-1 vom 2025-07-17",
"url": "https://ubuntu.com/security/notices/USN-7653-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7652-1 vom 2025-07-17",
"url": "https://ubuntu.com/security/notices/USN-7652-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-1 vom 2025-07-17",
"url": "https://ubuntu.com/security/notices/USN-7651-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-1 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7654-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-3 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7654-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-2 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7654-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-2 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7651-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7655-1 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7655-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20483-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021917.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20475-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021919.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-3 vom 2025-07-22",
"url": "https://ubuntu.com/security/notices/USN-7651-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-4 vom 2025-07-22",
"url": "https://ubuntu.com/security/notices/USN-7654-4"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11571 vom 2025-07-23",
"url": "https://access.redhat.com/errata/RHSA-2025:11571"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-4 vom 2025-07-22",
"url": "https://ubuntu.com/security/notices/USN-7651-4"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11572 vom 2025-07-23",
"url": "https://access.redhat.com/errata/RHSA-2025:11572"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-5 vom 2025-07-24",
"url": "https://ubuntu.com/security/notices/USN-7651-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-6 vom 2025-07-24",
"url": "https://ubuntu.com/security/notices/USN-7651-6"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20493-1 vom 2025-07-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021967.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20498-1 vom 2025-07-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021965.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02537-1 vom 2025-07-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021978.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02538-1 vom 2025-07-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021981.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-5 vom 2025-07-29",
"url": "https://ubuntu.com/security/notices/USN-7654-5"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12238 vom 2025-07-30",
"url": "https://access.redhat.com/errata/RHSA-2025:12238"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2944 vom 2025-07-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2944.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02602-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022047.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02607-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MOXFW6IMLHSFMN655UONMR2V76DWL7LG/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02611-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CAY42JX32A3BASFZGJE6DQP2CXN2LUAW/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02604-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022046.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02606-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022045.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12525 vom 2025-08-04",
"url": "https://access.redhat.com/errata/RHSA-2025:12525"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02618-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022014.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02601-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022048.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02619-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TWVUGRLCXJQB55343B5DGQRVGA6GMIQ6/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12623 vom 2025-08-04",
"url": "https://access.redhat.com/errata/RHSA-2025:12623"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02608-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SMY25R62WPNQL2TYEAZTDCWAVFYQUQ2E/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02610-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRIUGMNHYH2DWCCLRZ5NFTLFBXQCRTE6/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12526 vom 2025-08-05",
"url": "https://access.redhat.com/errata/RHSA-2025:12526"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02673-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VPKQ4BU54XGSANMAROPDJAEFKO2OEKKP/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02626-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022055.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02652-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CPV72PULRBVAYNVLOGDPAXEYAOLJPHYQ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02636-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CZW4BWHO76REHV7LNO6WHLF4JRL7WMEJ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02676-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NBQGO5F7GAWGWOOC2BA5DLBISXIOXMMS/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02648-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IKXBRO2HUJQNRZTJLJHZC32ZUUQLD7RS/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02638-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GT3EVLQ3E46O7RVXSFVUBEM6JEJUWQI4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02627-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4HNZG2UKJBSDT23RIH4WSPIP5XJJH7AQ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02647-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LHOHSHBEJMHDNQVQMNHA7MC22TR34HJY/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02687-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6VW2HW4WHUKAUC34CIESGAAISQVOIIZS/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02632-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/A6QW6TXS545RIQWDHD4QUITTGGA4K6MY/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02637-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ON23RSVRQYIYWSN7KWZHAT23BQ2YH6EK/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02689-1 vom 2025-08-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/U2TRD6KWXEAIWY33DHM2QPZCBKLAECTA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02688-1 vom 2025-08-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5NCR2KWOE2L5E5ZMBPLRQ3ZRAPKHOJX5/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02691-1 vom 2025-08-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HQYM2FGJQXM5CJJ3L6LDY723WGAYBFPL/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02693-1 vom 2025-08-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q562SYU3GEAQLUF7RIJSZKOPWTHBMXYI/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02697-1 vom 2025-08-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4DC3XA5ITEIHVOJ5XXILV3NMSJPM3PS2/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13061 vom 2025-08-05",
"url": "https://access.redhat.com/errata/RHSA-2025:13061"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02708-1 vom 2025-08-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OIV3PQR5UOAFXL7SARDQRG7OSG5GJOE7/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02699-1 vom 2025-08-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/K2DQYB5BZLMQ7ED2KC4BHVYYJV5JF3S5/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02704-1 vom 2025-08-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PAJM6DY43HWTMYM763Y57Q6KWBGTAHOM/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02710-1 vom 2025-08-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EF7HBZKJ7TRGPEOKPY66PCZKIYFKRU56/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7686-1 vom 2025-08-05",
"url": "https://ubuntu.com/security/notices/USN-7686-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13099 vom 2025-08-06",
"url": "https://access.redhat.com/errata/RHSA-2025:13099"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02698-1 vom 2025-08-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TM2FOPKL26WFLLS5YFPKON7STKP3HL4I/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20520 vom 2025-08-11",
"url": "https://linux.oracle.com/errata/ELSA-2025-20520.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13776 vom 2025-08-13",
"url": "https://access.redhat.com/errata/RHSA-2025:13776"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-12T22:00:00.000+00:00",
"generator": {
"date": "2025-08-13T06:27:38.986+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-0922",
"initial_release_date": "2025-05-01T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-05-01T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-05-18T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-21T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-22T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-05-26T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE und Debian aufgenommen"
},
{
"date": "2025-05-27T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE und Debian aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-15T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-16T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-17T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2025-06-19T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-22T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-23T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat und Amazon aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-26T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE und Amazon aufgenommen"
},
{
"date": "2025-07-03T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-08T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von SUSE, Red Hat und Ubuntu aufgenommen"
},
{
"date": "2025-07-09T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Google aufgenommen"
},
{
"date": "2025-07-10T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Amazon und SUSE aufgenommen"
},
{
"date": "2025-07-13T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-14T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2025-07-17T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-21T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-22T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat und Ubuntu aufgenommen"
},
{
"date": "2025-07-23T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-24T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-27T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-28T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-29T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2025-07-30T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-07-31T22:00:00.000+00:00",
"number": "36",
"summary": "Referenz(en) aufgenommen:"
},
{
"date": "2025-08-03T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2025-08-04T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-05T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von SUSE, Red Hat und Ubuntu aufgenommen"
},
{
"date": "2025-08-11T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-08-12T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "41"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Google Container-Optimized OS",
"product": {
"name": "Google Container-Optimized OS",
"product_id": "1607324",
"product_identification_helper": {
"cpe": "cpe:/o:google:container-optimized_os:-"
}
}
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.10.237",
"product": {
"name": "Open Source Linux Kernel \u003c5.10.237",
"product_id": "T043254"
}
},
{
"category": "product_version",
"name": "5.10.237",
"product": {
"name": "Open Source Linux Kernel 5.10.237",
"product_id": "T043254-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.10.237"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.15.181",
"product": {
"name": "Open Source Linux Kernel \u003c5.15.181",
"product_id": "T043255"
}
},
{
"category": "product_version",
"name": "5.15.181",
"product": {
"name": "Open Source Linux Kernel 5.15.181",
"product_id": "T043255-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.15.181"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.4.293",
"product": {
"name": "Open Source Linux Kernel \u003c5.4.293",
"product_id": "T043256"
}
},
{
"category": "product_version",
"name": "5.4.293",
"product": {
"name": "Open Source Linux Kernel 5.4.293",
"product_id": "T043256-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.4.293"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.1.136",
"product": {
"name": "Open Source Linux Kernel \u003c6.1.136",
"product_id": "T043257"
}
},
{
"category": "product_version",
"name": "6.1.136",
"product": {
"name": "Open Source Linux Kernel 6.1.136",
"product_id": "T043257-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.1.136"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.12.26",
"product": {
"name": "Open Source Linux Kernel \u003c6.12.26",
"product_id": "T043259"
}
},
{
"category": "product_version",
"name": "6.12.26",
"product": {
"name": "Open Source Linux Kernel 6.12.26",
"product_id": "T043259-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.12.26"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.14.5",
"product": {
"name": "Open Source Linux Kernel \u003c6.14.5",
"product_id": "T043260"
}
},
{
"category": "product_version",
"name": "6.14.5",
"product": {
"name": "Open Source Linux Kernel 6.14.5",
"product_id": "T043260-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.14.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.15-rc4",
"product": {
"name": "Open Source Linux Kernel \u003c6.15-rc4",
"product_id": "T043261"
}
},
{
"category": "product_version",
"name": "6.15-rc4",
"product": {
"name": "Open Source Linux Kernel 6.15-rc4",
"product_id": "T043261-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.15-rc4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.6.89",
"product": {
"name": "Open Source Linux Kernel \u003c6.6.89",
"product_id": "T043262"
}
},
{
"category": "product_version",
"name": "6.6.89",
"product": {
"name": "Open Source Linux Kernel 6.6.89",
"product_id": "T043262-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.6.89"
}
}
}
],
"category": "product_name",
"name": "Linux Kernel"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-49834",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49834"
},
{
"cve": "CVE-2022-49837",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49837"
},
{
"cve": "CVE-2022-49838",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49838"
},
{
"cve": "CVE-2022-49839",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49839"
},
{
"cve": "CVE-2022-49840",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49840"
},
{
"cve": "CVE-2022-49841",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49841"
},
{
"cve": "CVE-2022-49842",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49842"
},
{
"cve": "CVE-2022-49843",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49843"
},
{
"cve": "CVE-2022-49857",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49857"
},
{
"cve": "CVE-2022-49858",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49858"
},
{
"cve": "CVE-2022-49859",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49859"
},
{
"cve": "CVE-2022-49860",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49860"
},
{
"cve": "CVE-2022-49861",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49861"
},
{
"cve": "CVE-2022-49862",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49862"
},
{
"cve": "CVE-2022-49863",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49863"
},
{
"cve": "CVE-2022-49864",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49864"
},
{
"cve": "CVE-2022-49865",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49865"
},
{
"cve": "CVE-2022-49867",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49867"
},
{
"cve": "CVE-2022-49876",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49876"
},
{
"cve": "CVE-2022-49877",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49877"
},
{
"cve": "CVE-2022-49878",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49878"
},
{
"cve": "CVE-2022-49879",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49879"
},
{
"cve": "CVE-2022-49880",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49880"
},
{
"cve": "CVE-2022-49881",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49881"
},
{
"cve": "CVE-2022-49882",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49882"
},
{
"cve": "CVE-2022-49897",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49897"
},
{
"cve": "CVE-2022-49900",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49900"
},
{
"cve": "CVE-2022-49901",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49901"
},
{
"cve": "CVE-2022-49902",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49902"
},
{
"cve": "CVE-2022-49903",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49903"
},
{
"cve": "CVE-2022-49904",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49904"
},
{
"cve": "CVE-2022-49905",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49905"
},
{
"cve": "CVE-2022-49906",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49906"
},
{
"cve": "CVE-2022-49917",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49917"
},
{
"cve": "CVE-2022-49918",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49918"
},
{
"cve": "CVE-2022-49919",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49919"
},
{
"cve": "CVE-2022-49920",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49920"
},
{
"cve": "CVE-2022-49921",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49921"
},
{
"cve": "CVE-2022-49922",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49922"
},
{
"cve": "CVE-2022-49923",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49923"
},
{
"cve": "CVE-2022-49924",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49924"
},
{
"cve": "CVE-2022-49925",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49925"
},
{
"cve": "CVE-2022-49926",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49926"
},
{
"cve": "CVE-2022-49927",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49927"
},
{
"cve": "CVE-2022-49928",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49928"
},
{
"cve": "CVE-2022-49929",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49929"
},
{
"cve": "CVE-2022-49930",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49930"
},
{
"cve": "CVE-2022-49931",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2022-49931"
},
{
"cve": "CVE-2025-23139",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23139"
},
{
"cve": "CVE-2025-23140",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23142",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23145",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-23146",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23150",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23151",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23154",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23154"
},
{
"cve": "CVE-2025-23155",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23155"
},
{
"cve": "CVE-2025-23156",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23160",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-23161",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-37738",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37739",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37739"
},
{
"cve": "CVE-2025-37740",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37743",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37743"
},
{
"cve": "CVE-2025-37744",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37744"
},
{
"cve": "CVE-2025-37745",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37745"
},
{
"cve": "CVE-2025-37746",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37746"
},
{
"cve": "CVE-2025-37747",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37751",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37751"
},
{
"cve": "CVE-2025-37752",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37753",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37753"
},
{
"cve": "CVE-2025-37754",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37755",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37756",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37756"
},
{
"cve": "CVE-2025-37757",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37757"
},
{
"cve": "CVE-2025-37758",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37759",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37759"
},
{
"cve": "CVE-2025-37760",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37760"
},
{
"cve": "CVE-2025-37763",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37763"
},
{
"cve": "CVE-2025-37768",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37772",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37773",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37774",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37774"
},
{
"cve": "CVE-2025-37775",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37775"
},
{
"cve": "CVE-2025-37776",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37776"
},
{
"cve": "CVE-2025-37777",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37777"
},
{
"cve": "CVE-2025-37778",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37778"
},
{
"cve": "CVE-2025-37779",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37779"
},
{
"cve": "CVE-2025-37780",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37781",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37783",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37783"
},
{
"cve": "CVE-2025-37784",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37784"
},
{
"cve": "CVE-2025-37786",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37786"
},
{
"cve": "CVE-2025-37787",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37788",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37789",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37791",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37791"
},
{
"cve": "CVE-2025-37792",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37795",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37795"
},
{
"cve": "CVE-2025-37796",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T043256",
"T043257",
"T043259",
"2951",
"T002207",
"T000126",
"T043260",
"398363",
"T043261",
"T043262",
"1607324",
"T043254",
"T043255"
]
},
"release_date": "2025-05-01T22:00:00.000+00:00",
"title": "CVE-2025-37796"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…